2.204.49.129 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Vodafone GmbH

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2020-04-01 03:10:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.204.49.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 813
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.204.49.129.			IN	A

;; AUTHORITY SECTION:
.			515	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033101 1800 900 604800 86400

;; Query time: 89 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 01 03:10:11 CST 2020
;; MSG SIZE  rcvd: 116

Host info

129.49.204.2.in-addr.arpa domain name pointer dslb-002-204-049-129.002.204.pools.vodafone-ip.de.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
129.49.204.2.in-addr.arpa	name = dslb-002-204-049-129.002.204.pools.vodafone-ip.de.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.244.77.210	attack	Invalid user fake from 104.244.77.210 port 45100	2019-10-17 19:10:01
79.117.61.210	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: 79-117-61-210.rdsnet.ro.	2019-10-17 19:20:54
93.125.114.141	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:26.	2019-10-17 19:21:12
185.100.87.206	attack	goldgier-watches-purchase.com:80 185.100.87.206 - - \[17/Oct/2019:10:09:33 +0200\] "POST /xmlrpc.php HTTP/1.0" 301 525 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_13_4\) AppleWebKit/605.1.15 \(KHTML, like Gecko\) Version/11.1 Safari/605.1.15" goldgier-watches-purchase.com 185.100.87.206 \[17/Oct/2019:10:09:34 +0200\] "POST /xmlrpc.php HTTP/1.0" 302 3617 "-" "Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_13_4\) AppleWebKit/605.1.15 \(KHTML, like Gecko\) Version/11.1 Safari/605.1.15"	2019-10-17 19:42:50
183.89.106.108	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:24.	2019-10-17 19:24:34
36.155.114.82	attack	Oct 15 23:28:25 cumulus sshd[31521]: Invalid user nhostnameex-info from 36.155.114.82 port 33537 Oct 15 23:28:25 cumulus sshd[31521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.114.82 Oct 15 23:28:27 cumulus sshd[31521]: Failed password for invalid user nhostnameex-info from 36.155.114.82 port 33537 ssh2 Oct 15 23:28:27 cumulus sshd[31521]: Received disconnect from 36.155.114.82 port 33537:11: Bye Bye [preauth] Oct 15 23:28:27 cumulus sshd[31521]: Disconnected from 36.155.114.82 port 33537 [preauth] Oct 15 23:49:53 cumulus sshd[32447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.114.82 user=r.r Oct 15 23:49:55 cumulus sshd[32447]: Failed password for r.r from 36.155.114.82 port 34617 ssh2 Oct 15 23:49:55 cumulus sshd[32447]: Received disconnect from 36.155.114.82 port 34617:11: Bye Bye [preauth] Oct 15 23:49:55 cumulus sshd[32447]: Disconnected from 36.155.114.82 port........ -------------------------------	2019-10-17 19:11:38
222.120.192.98	attackspambots	Oct 17 12:35:27 XXX sshd[12224]: Invalid user ofsaa from 222.120.192.98 port 45034	2019-10-17 19:13:09
58.182.240.144	attackspambots	CloudCIX Reconnaissance Scan Detected, PTR: 144.240.182.58.starhub.net.sg.	2019-10-17 19:33:34
223.205.239.136	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:25.	2019-10-17 19:21:58
45.80.65.82	attackbots	Oct 17 11:43:26 localhost sshd\[71141\]: Invalid user changeme from 45.80.65.82 port 53148 Oct 17 11:43:26 localhost sshd\[71141\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.82 Oct 17 11:43:28 localhost sshd\[71141\]: Failed password for invalid user changeme from 45.80.65.82 port 53148 ssh2 Oct 17 11:47:14 localhost sshd\[71221\]: Invalid user zjidcgs from 45.80.65.82 port 35498 Oct 17 11:47:14 localhost sshd\[71221\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.82 ...	2019-10-17 19:52:00
185.122.104.197	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.122.104.197/ PL - 1H : (177) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN197697 IP : 185.122.104.197 CIDR : 185.122.104.0/22 PREFIX COUNT : 7 UNIQUE IP COUNT : 8192 WYKRYTE ATAKI Z ASN197697 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-17 05:44:56 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-17 19:39:42
218.212.16.128	attack	CloudCIX Reconnaissance Scan Detected, PTR: 128.16.212.218.starhub.net.sg.	2019-10-17 19:39:25
211.159.153.82	attackspam	SSH/22 MH Probe, BF, Hack -	2019-10-17 19:51:43
106.12.22.23	attackbotsspam	Triggered by Fail2Ban at Vostok web server	2019-10-17 19:45:06
142.93.149.34	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-10-17 19:19:24

Recently Reported IPs

176.12.177.31	152.88.187.44	59.195.32.143	182.61.132.141
124.187.205.139	0.96.180.93	107.69.212.228	14.232.129.129
49.234.222.209	123.21.240.242	34.204.193.243	3.229.117.44
105.48.34.226	187.32.16.152	36.77.94.141	43.226.146.239
103.110.192.34	186.194.105.134	118.163.96.163	212.252.178.234