104.129.18.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): QuadraNet Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.129.186.182	attackbots	$f2bV_matches	2020-10-14 04:17:40
104.129.186.182	attackspam	Oct 13 08:37:07 shivevps sshd[19527]: Failed password for invalid user spider from 104.129.186.182 port 34230 ssh2 Oct 13 08:40:54 shivevps sshd[19878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.186.182 user=root Oct 13 08:40:56 shivevps sshd[19878]: Failed password for root from 104.129.186.182 port 42496 ssh2 ...	2020-10-13 19:42:41
104.129.180.37	attack	104.129.180.37 - - \[23/Aug/2020:15:32:51 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:32:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:33:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-24 03:37:22
104.129.18.198	attackbots	Sent phishing email to user then stole credentials and used them to send more phishing emails as user from that IP. Probably will do it again.	2020-01-09 05:36:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.18.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.18.20.			IN	A

;; AUTHORITY SECTION:
.			237	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112200 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 22 23:50:57 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

20.18.129.104.in-addr.arpa domain name pointer unassigned.quadranet.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.18.129.104.in-addr.arpa	name = unassigned.quadranet.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
42.101.44.116	attack	Sep 20 18:28:04 php1 sshd\[14254\]: Invalid user ek from 42.101.44.116 Sep 20 18:28:04 php1 sshd\[14254\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.44.116 Sep 20 18:28:05 php1 sshd\[14254\]: Failed password for invalid user ek from 42.101.44.116 port 54705 ssh2 Sep 20 18:32:06 php1 sshd\[14764\]: Invalid user qwerty from 42.101.44.116 Sep 20 18:32:06 php1 sshd\[14764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.101.44.116	2019-09-21 12:36:41
217.182.198.187	attack	\[2019-09-21 05:54:23\] NOTICE\[603\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '217.182.198.187:59096' $callid: 180106890-1040818756-1317083482$ - Failed to authenticate \[2019-09-21 05:54:23\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-09-21T05:54:23.673+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="180106890-1040818756-1317083482",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/217.182.198.187/59096",Challenge="1569038063/37afbbd6d831ac76c6b089b1d3cb2d3d",Response="2d7022125876e8637f423e3fa4ad264a",ExpectedResponse="" \[2019-09-21 05:54:23\] NOTICE\[18654\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '217.182.198.187:59096' $callid: 180106890-1040818756-1317083482$ - Failed to authenticate \[2019-09-21 05:54:23\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeR	2019-09-21 12:42:59
46.59.17.161	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-21 12:42:37
51.255.168.202	attack	Sep 21 06:09:56 eventyay sshd[9569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.168.202 Sep 21 06:09:58 eventyay sshd[9569]: Failed password for invalid user hotelsalesdad from 51.255.168.202 port 45708 ssh2 Sep 21 06:14:45 eventyay sshd[9671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.255.168.202 ...	2019-09-21 12:32:40
188.166.30.203	attack	Sep 20 18:42:38 php1 sshd\[16094\]: Invalid user fns from 188.166.30.203 Sep 20 18:42:38 php1 sshd\[16094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.30.203 Sep 20 18:42:40 php1 sshd\[16094\]: Failed password for invalid user fns from 188.166.30.203 port 42770 ssh2 Sep 20 18:46:55 php1 sshd\[16594\]: Invalid user test from 188.166.30.203 Sep 20 18:46:55 php1 sshd\[16594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.30.203	2019-09-21 12:51:33
66.162.137.4	attack	Sep 21 10:55:40 itv-usvr-01 sshd[16641]: Invalid user admin from 66.162.137.4 Sep 21 10:55:40 itv-usvr-01 sshd[16641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.162.137.4 Sep 21 10:55:40 itv-usvr-01 sshd[16641]: Invalid user admin from 66.162.137.4 Sep 21 10:55:41 itv-usvr-01 sshd[16641]: Failed password for invalid user admin from 66.162.137.4 port 46084 ssh2 Sep 21 10:55:40 itv-usvr-01 sshd[16641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.162.137.4 Sep 21 10:55:40 itv-usvr-01 sshd[16641]: Invalid user admin from 66.162.137.4 Sep 21 10:55:41 itv-usvr-01 sshd[16641]: Failed password for invalid user admin from 66.162.137.4 port 46084 ssh2 Sep 21 10:55:43 itv-usvr-01 sshd[16641]: Failed password for invalid user admin from 66.162.137.4 port 46084 ssh2	2019-09-21 12:55:00
133.130.99.77	attack	2019-09-21T04:28:32.218532abusebot-5.cloudsearch.cf sshd\[19378\]: Invalid user admin from 133.130.99.77 port 44640	2019-09-21 12:45:12
62.28.34.125	attack	Invalid user luo from 62.28.34.125 port 17389	2019-09-21 13:06:56
222.186.30.152	attackbots	Automated report - ssh fail2ban: Sep 21 05:35:06 wrong password, user=root, port=31774, ssh2 Sep 21 05:35:08 wrong password, user=root, port=31774, ssh2 Sep 21 05:35:12 wrong password, user=root, port=31774, ssh2	2019-09-21 12:22:13
173.244.36.31	attackspam	173.244.36.31 - admin \[20/Sep/2019:20:56:06 -0700\] "GET /rss/order/new HTTP/1.1" 401 25173.244.36.31 - admin \[20/Sep/2019:20:56:10 -0700\] "GET /rss/order/new HTTP/1.1" 401 25173.244.36.31 - admin \[20/Sep/2019:20:56:14 -0700\] "GET /rss/order/new HTTP/1.1" 401 25 ...	2019-09-21 12:29:22
159.203.198.34	attackspambots	Sep 20 18:27:56 lcprod sshd\[4803\]: Invalid user adell from 159.203.198.34 Sep 20 18:27:56 lcprod sshd\[4803\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.198.34 Sep 20 18:27:58 lcprod sshd\[4803\]: Failed password for invalid user adell from 159.203.198.34 port 39341 ssh2 Sep 20 18:32:31 lcprod sshd\[5202\]: Invalid user git from 159.203.198.34 Sep 20 18:32:31 lcprod sshd\[5202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.198.34	2019-09-21 12:48:10
49.88.112.90	attack	Sep 21 10:05:59 areeb-Workstation sshd[24906]: Failed password for root from 49.88.112.90 port 54276 ssh2 Sep 21 10:06:01 areeb-Workstation sshd[24906]: Failed password for root from 49.88.112.90 port 54276 ssh2 ...	2019-09-21 12:36:15
180.16.116.22	attackspam	Unauthorised access (Sep 21) SRC=180.16.116.22 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=22175 TCP DPT=8080 WINDOW=16466 SYN	2019-09-21 12:57:50
14.29.174.142	attackbotsspam	Sep 21 01:32:27 vtv3 sshd\[2050\]: Invalid user web71p3 from 14.29.174.142 port 49958 Sep 21 01:32:27 vtv3 sshd\[2050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.174.142 Sep 21 01:32:29 vtv3 sshd\[2050\]: Failed password for invalid user web71p3 from 14.29.174.142 port 49958 ssh2 Sep 21 01:36:47 vtv3 sshd\[4377\]: Invalid user gq from 14.29.174.142 port 34100 Sep 21 01:36:47 vtv3 sshd\[4377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.174.142 Sep 21 01:49:12 vtv3 sshd\[10498\]: Invalid user deborah from 14.29.174.142 port 42990 Sep 21 01:49:12 vtv3 sshd\[10498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.174.142 Sep 21 01:49:15 vtv3 sshd\[10498\]: Failed password for invalid user deborah from 14.29.174.142 port 42990 ssh2 Sep 21 01:53:29 vtv3 sshd\[12620\]: Invalid user mirror05 from 14.29.174.142 port 55364 Sep 21 01:53:29 vtv3 sshd\[12620\]: pa	2019-09-21 12:53:32
51.158.101.121	attackspam	Sep 21 06:37:28 localhost sshd\[10792\]: Invalid user admin from 51.158.101.121 port 59448 Sep 21 06:37:28 localhost sshd\[10792\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.101.121 Sep 21 06:37:30 localhost sshd\[10792\]: Failed password for invalid user admin from 51.158.101.121 port 59448 ssh2	2019-09-21 12:42:20

最近上报的IP列表

122.242.57.215	181.135.208.17	77.20.52.207	36.6.148.145
119.95.244.71	180.125.17.229	113.161.44.186	110.159.178.177
165.227.4.106	119.49.146.179	62.12.83.235	114.104.235.20
221.230.15.111	51.159.18.78	14.42.196.245	113.68.83.96
109.78.184.125	107.174.217.122	169.42.207.72	14.228.149.102