150.129.63.124

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: Yashash Cable Network Pvt Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	445/tcp [2020-02-01]1pkt	2020-02-02 00:40:52
attack	150.129.63.124 - - [18/Oct/2019:15:51:42 -0400] "GET /?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130 HTTP/1.1" 302 - "https://simplexlock.com/?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" 150.129.63.124 - - [18/Oct/2019:15:51:43 -0400] "GET /?page=manufacturers&manufacturerID=36 HTTP/1.1" 200 52161 "https://simplexlock.com/?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-19 05:27:50

Type

Details

Datetime

attack

445/tcp
[2020-02-01]1pkt

2020-02-02 00:40:52

attack

150.129.63.124 - - [18/Oct/2019:15:51:42 -0400] "GET /?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130 HTTP/1.1" 302 - "https://simplexlock.com/?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0"
150.129.63.124 - - [18/Oct/2019:15:51:43 -0400] "GET /?page=manufacturers&manufacturerID=36 HTTP/1.1" 200 52161 "https://simplexlock.com/?page=products&action=view&manufacturerID=36&productID=..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&linkID=13130" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0"
...

2019-10-19 05:27:50

Comments on same subnet:

IP	Type	Details	Datetime
150.129.63.162	attackbots	Unauthorized connection attempt detected from IP address 150.129.63.162 to port 445 [T]	2020-08-16 18:40:47
150.129.63.20	attack	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(09161116)	2019-09-17 02:51:50
150.129.63.20	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 16:34:00

Type

Details

Datetime

150.129.63.162

attackbots

Unauthorized connection attempt detected from IP address 150.129.63.162 to port 445 [T]

2020-08-16 18:40:47

150.129.63.20

attack

[SMB remote code execution attempt: port tcp/445]
*(RWIN=1024)(09161116)

2019-09-17 02:51:50

150.129.63.20

attackspambots

Scanning random ports - tries to find possible vulnerable services

2019-09-01 16:34:00

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 150.129.63.124
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24367
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;150.129.63.124.			IN	A

;; AUTHORITY SECTION:
.			551	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101801 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 05:27:47 CST 2019
;; MSG SIZE  rcvd: 118

Host info

124.63.129.150.in-addr.arpa domain name pointer yash-static-124.63.129.150.yashtel.co.in.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
124.63.129.150.in-addr.arpa	name = yash-static-124.63.129.150.yashtel.co.in.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.97.216.52	attack	Jul 18 21:48:58 debian-2gb-nbg1-2 kernel: \[17360286.695082\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=122.97.216.52 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=229 ID=60043 PROTO=TCP SPT=45924 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-19 07:01:42
51.91.250.49	attack	Jul 19 00:17:02 Invalid user moe from 51.91.250.49 port 43868	2020-07-19 06:54:03
51.178.50.98	attackspam	Jul 18 15:20:03 pixelmemory sshd[2531556]: Invalid user fx from 51.178.50.98 port 60962 Jul 18 15:20:03 pixelmemory sshd[2531556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.50.98 Jul 18 15:20:03 pixelmemory sshd[2531556]: Invalid user fx from 51.178.50.98 port 60962 Jul 18 15:20:05 pixelmemory sshd[2531556]: Failed password for invalid user fx from 51.178.50.98 port 60962 ssh2 Jul 18 15:24:19 pixelmemory sshd[2543258]: Invalid user msuser from 51.178.50.98 port 47788 ...	2020-07-19 07:21:14
181.40.73.86	attack	Invalid user r00t from 181.40.73.86 port 17779	2020-07-19 07:12:42
106.12.207.92	attackbotsspam	Invalid user lovey from 106.12.207.92 port 44702	2020-07-19 07:31:32
49.232.162.53	attackspam	Jul 18 22:51:31 [host] sshd[13128]: Invalid user e Jul 18 22:51:31 [host] sshd[13128]: pam_unix(sshd: Jul 18 22:51:33 [host] sshd[13128]: Failed passwor	2020-07-19 07:18:59
49.88.112.111	attackspam	Jul 18 15:43:13 dignus sshd[28022]: Failed password for root from 49.88.112.111 port 45301 ssh2 Jul 18 15:43:15 dignus sshd[28022]: Failed password for root from 49.88.112.111 port 45301 ssh2 Jul 18 15:43:19 dignus sshd[28022]: Failed password for root from 49.88.112.111 port 45301 ssh2 Jul 18 15:44:04 dignus sshd[28134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.111 user=root Jul 18 15:44:06 dignus sshd[28134]: Failed password for root from 49.88.112.111 port 21732 ssh2 ...	2020-07-19 07:04:33
47.89.17.193	attackspambots	(sshd) Failed SSH login from 47.89.17.193 (HK/Hong Kong/-): 12 in the last 3600 secs	2020-07-19 07:12:03
181.48.155.149	attack	537. On Jul 18 2020 experienced a Brute Force SSH login attempt -> 47 unique times by 181.48.155.149.	2020-07-19 06:58:56
115.233.209.130	attackbotsspam	Fail2Ban - SSH Bruteforce Attempt	2020-07-19 07:25:04
141.134.184.201	attackspam	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-07-19 06:56:49
41.232.116.123	attack	" "	2020-07-19 07:03:42
103.205.68.2	attack	2020-07-18T21:05:30.799543abusebot-4.cloudsearch.cf sshd[12000]: Invalid user tk from 103.205.68.2 port 59298 2020-07-18T21:05:30.805735abusebot-4.cloudsearch.cf sshd[12000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.205.68.2 2020-07-18T21:05:30.799543abusebot-4.cloudsearch.cf sshd[12000]: Invalid user tk from 103.205.68.2 port 59298 2020-07-18T21:05:32.473756abusebot-4.cloudsearch.cf sshd[12000]: Failed password for invalid user tk from 103.205.68.2 port 59298 ssh2 2020-07-18T21:13:23.818242abusebot-4.cloudsearch.cf sshd[12087]: Invalid user georg from 103.205.68.2 port 48518 2020-07-18T21:13:23.825391abusebot-4.cloudsearch.cf sshd[12087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.205.68.2 2020-07-18T21:13:23.818242abusebot-4.cloudsearch.cf sshd[12087]: Invalid user georg from 103.205.68.2 port 48518 2020-07-18T21:13:26.095485abusebot-4.cloudsearch.cf sshd[12087]: Failed password for in ...	2020-07-19 06:59:12
218.18.101.84	attackbots	Jul 19 04:10:04 gw1 sshd[16905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.18.101.84 Jul 19 04:10:07 gw1 sshd[16905]: Failed password for invalid user software from 218.18.101.84 port 55530 ssh2 ...	2020-07-19 07:14:02
191.96.59.96	attack	SQL Injection Attempt.	2020-07-19 07:23:26

Recently Reported IPs

123.204.185.132	201.4.57.72	185.138.183.110	96.127.169.6
118.170.197.221	185.99.212.23	24.230.102.43	180.228.42.3
202.98.203.20	103.237.158.29	67.231.240.195	61.75.186.11
193.227.49.81	59.126.222.75	146.148.66.136	91.121.154.141
201.217.36.19	52.17.77.184	89.120.110.78	109.202.101.37