104.129.18.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): QuadraNet Inc

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.129.186.182	attackbots	$f2bV_matches	2020-10-14 04:17:40
104.129.186.182	attackspam	Oct 13 08:37:07 shivevps sshd[19527]: Failed password for invalid user spider from 104.129.186.182 port 34230 ssh2 Oct 13 08:40:54 shivevps sshd[19878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.129.186.182 user=root Oct 13 08:40:56 shivevps sshd[19878]: Failed password for root from 104.129.186.182 port 42496 ssh2 ...	2020-10-13 19:42:41
104.129.180.37	attack	104.129.180.37 - - \[23/Aug/2020:15:32:51 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:32:59 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 104.129.180.37 - - \[23/Aug/2020:15:33:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-24 03:37:22
104.129.18.198	attackbots	Sent phishing email to user then stole credentials and used them to send more phishing emails as user from that IP. Probably will do it again.	2020-01-09 05:36:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.129.18.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42769
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.129.18.20.			IN	A

;; AUTHORITY SECTION:
.			237	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112200 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 22 23:50:57 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

20.18.129.104.in-addr.arpa domain name pointer unassigned.quadranet.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.18.129.104.in-addr.arpa	name = unassigned.quadranet.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
122.51.89.18	attack	SSH / Telnet Brute Force Attempts on Honeypot	2020-09-07 13:02:43
182.61.37.144	attack	Sep 7 01:53:08 server sshd[12594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.37.144 user=root Sep 7 01:53:10 server sshd[12594]: Failed password for invalid user root from 182.61.37.144 port 53210 ssh2 Sep 7 02:08:43 server sshd[13618]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.37.144 user=root Sep 7 02:08:45 server sshd[13618]: Failed password for invalid user root from 182.61.37.144 port 43666 ssh2	2020-09-07 12:47:22
139.198.122.19	attackspam	Time: Mon Sep 7 04:34:07 2020 +0000 IP: 139.198.122.19 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 7 04:19:28 pv-14-ams2 sshd[24001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root Sep 7 04:19:30 pv-14-ams2 sshd[24001]: Failed password for root from 139.198.122.19 port 50328 ssh2 Sep 7 04:30:42 pv-14-ams2 sshd[28224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root Sep 7 04:30:44 pv-14-ams2 sshd[28224]: Failed password for root from 139.198.122.19 port 60016 ssh2 Sep 7 04:34:03 pv-14-ams2 sshd[6697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.122.19 user=root	2020-09-07 12:43:57
222.174.148.178	attackbotsspam	TCP (SYN) 222.174.148.178:48139 -> port 445, len 40	2020-09-07 12:39:28
14.142.50.177	attackspambots	Port scan on 1 port(s): 445	2020-09-07 12:42:29
160.16.208.136	attack	Wordpress attack	2020-09-07 13:11:59
88.121.22.235	attack	Failed password for invalid user vnc from 88.121.22.235 port 55323 ssh2	2020-09-07 13:11:37
78.128.113.120	attackbots	Sep 7 06:17:29 relay postfix/smtpd\[21443\]: warning: unknown\[78.128.113.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:18:26 relay postfix/smtpd\[16873\]: warning: unknown\[78.128.113.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:18:44 relay postfix/smtpd\[14931\]: warning: unknown\[78.128.113.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:23:58 relay postfix/smtpd\[16867\]: warning: unknown\[78.128.113.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:24:16 relay postfix/smtpd\[21494\]: warning: unknown\[78.128.113.120\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-07 12:39:05
189.170.62.37	attack	Unauthorized connection attempt from IP address 189.170.62.37 on Port 445(SMB)	2020-09-07 12:52:37
212.70.149.52	attackbotsspam	Sep 7 06:52:19 v22019058497090703 postfix/smtpd[2954]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:52:46 v22019058497090703 postfix/smtpd[2954]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 06:53:12 v22019058497090703 postfix/smtpd[2954]: warning: unknown[212.70.149.52]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-07 12:57:53
81.218.173.82	attackspam	Automatic report - Port Scan Attack	2020-09-07 12:45:10
123.22.212.99	attack	Brute force attempt	2020-09-07 12:37:01
118.69.82.233	attackspambots	Sep 7 03:34:48 marvibiene sshd[55787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.69.82.233 user=root Sep 7 03:34:50 marvibiene sshd[55787]: Failed password for root from 118.69.82.233 port 51140 ssh2 Sep 7 03:51:34 marvibiene sshd[56014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.69.82.233 user=root Sep 7 03:51:35 marvibiene sshd[56014]: Failed password for root from 118.69.82.233 port 52244 ssh2	2020-09-07 12:44:18
179.182.183.228	attackbotsspam	Automatic report - Port Scan Attack	2020-09-07 12:48:44
151.177.64.250	attackbotsspam	Honeypot attack, port: 5555, PTR: c151-177-64-250.bredband.comhem.se.	2020-09-07 13:14:52

最近上报的IP列表

122.242.57.215	181.135.208.17	77.20.52.207	36.6.148.145
119.95.244.71	180.125.17.229	113.161.44.186	110.159.178.177
165.227.4.106	119.49.146.179	62.12.83.235	114.104.235.20
221.230.15.111	51.159.18.78	14.42.196.245	113.68.83.96
109.78.184.125	107.174.217.122	169.42.207.72	14.228.149.102