45.129.33.49 - IPInfo

Basic Info

City: Los Angeles

Region: California

Country: United States

Internet Service Provider: TT1 Datacenter UG (haftungsbeschraenkt)

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	TCP (SYN) 45.129.33.49:48459 -> port 3942, len 44	2020-10-13 21:01:22
attackspambots	[MK-VM5] Blocked by UFW	2020-10-13 12:29:34
attackspambots	[Mon Oct 12 23:05:02 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=45.129.33.49 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=16330 PROTO=TCP SPT=48459 DPT=3831 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 3831	2020-10-13 05:19:10
attackbots	Excessive Port-Scanning	2020-10-01 07:52:29
attack	Port Scan detected from 45.129.33.49 (DE/Germany/-). 11 hits in the last 210 seconds	2020-10-01 00:23:38
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 25 - port: 3611 proto: tcp cat: Misc Attackbytes: 60	2020-09-30 16:44:05
attack	ET DROP Dshield Block Listed Source group 1 - port: 13040 proto: tcp cat: Misc Attackbytes: 60	2020-08-27 02:10:59
attack	Port scan: Attack repeated for 24 hours	2020-08-11 08:11:45

Comments on same subnet:

IP	Type	Details	Datetime
45.129.33.168	attack	Dec 13 21:22:00 router.asus.com kernel: DROP IN=eth0 OUT= MAC=b8:86:87:f3:ff:58:00:01:5c:98:9a:46:08:00 SRC=45.129.33.168 DST=AA.BB.CC.DD LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=22869 PROTO=TCP SPT=59221 DPT=21398 SEQ=3578506072 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Scans from the 45.129.33.0/24 range have been incessant. hostslick.de does not respond to email.	2020-12-14 11:37:48
45.129.33.122	attackbots	Port-scan: detected 150 distinct ports within a 24-hour window.	2020-10-14 07:07:41
45.129.33.147	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 39601 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 06:03:33
45.129.33.9	attackbotsspam	TCP (SYN) 45.129.33.9:53668 -> port 10226, len 44	2020-10-14 05:49:00
45.129.33.12	attack	TCP (SYN) 45.129.33.12:54343 -> port 60282, len 44	2020-10-14 05:48:33
45.129.33.19	attack	ET DROP Dshield Block Listed Source group 1 - port: 4578 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:48:01
45.129.33.22	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6367 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:49
45.129.33.53	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 7394 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:33
45.129.33.56	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 13478 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:02
45.129.33.80	attackspam	TCP (SYN) 45.129.33.80:56794 -> port 5319, len 44	2020-10-14 05:46:44
45.129.33.101	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39596 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:46:12
45.129.33.142	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39635 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:42
45.129.33.145	attack	ET DROP Dshield Block Listed Source group 1 - port: 39557 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:18
45.129.33.13	attack	ET DROP Dshield Block Listed Source group 1 - port: 9853 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:30:31
45.129.33.18	attack	ET DROP Dshield Block Listed Source group 1 - port: 4098 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:29:45

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.129.33.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41377
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.129.33.49.			IN	A

;; AUTHORITY SECTION:
.			560	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081001 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 08:11:42 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 49.33.129.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 49.33.129.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.105.99.163	attack	Joomla HTTP User Agent Object Injection Vulnerability	2019-07-09 21:55:12
78.142.208.30	attackspam	Jul 9 05:10:44 mout sshd[24068]: Invalid user user from 78.142.208.30 port 9751	2019-07-09 21:25:09
60.246.3.129	attackspambots	(imapd) Failed IMAP login from 60.246.3.129 (MO/Macao/nz3l129.bb60246.ctm.net): 1 in the last 3600 secs	2019-07-09 21:41:09
141.98.10.33	attackbots	Rude login attack (11 tries in 1d)	2019-07-09 21:37:31
14.102.254.230	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-09 21:33:31
58.243.20.76	attackspam	3 failed attempts at connecting to SSH.	2019-07-09 21:32:51
185.36.81.176	attackbots	Rude login attack (11 tries in 1d)	2019-07-09 21:29:18
103.207.38.157	attackbotsspam	Jul 9 15:08:27 mail postfix/smtpd\[26027\]: warning: unknown\[103.207.38.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 15:08:34 mail postfix/smtpd\[26027\]: warning: unknown\[103.207.38.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 9 15:08:45 mail postfix/smtpd\[26027\]: warning: unknown\[103.207.38.157\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-07-09 21:27:24
162.243.150.140	attack	Scanning random ports - tries to find possible vulnerable services	2019-07-09 21:26:58
125.167.244.90	attack	Lines containing failures of 125.167.244.90 Jul 9 16:04:58 siirappi sshd[32311]: Invalid user yw from 125.167.244.90 port 49494 Jul 9 16:04:58 siirappi sshd[32311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.167.244.90 Jul 9 16:05:00 siirappi sshd[32311]: Failed password for invalid user yw from 125.167.244.90 port 49494 ssh2 Jul 9 16:05:00 siirappi sshd[32311]: Received disconnect from 125.167.244.90 port 49494:11: Bye Bye [preauth] Jul 9 16:05:00 siirappi sshd[32311]: Disconnected from 125.167.244.90 port 49494 [preauth] Jul 9 16:08:43 siirappi sshd[32333]: Invalid user vivian from 125.167.244.90 port 22635 Jul 9 16:08:43 siirappi sshd[32333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.167.244.90 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.167.244.90	2019-07-09 22:20:43
134.209.86.195	attack	Jul 9 15:45:03 tuxlinux sshd[11958]: Invalid user paul from 134.209.86.195 port 43582 Jul 9 15:45:03 tuxlinux sshd[11958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.86.195 Jul 9 15:45:03 tuxlinux sshd[11958]: Invalid user paul from 134.209.86.195 port 43582 Jul 9 15:45:03 tuxlinux sshd[11958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.86.195 Jul 9 15:45:03 tuxlinux sshd[11958]: Invalid user paul from 134.209.86.195 port 43582 Jul 9 15:45:03 tuxlinux sshd[11958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.86.195 Jul 9 15:45:05 tuxlinux sshd[11958]: Failed password for invalid user paul from 134.209.86.195 port 43582 ssh2 ...	2019-07-09 21:56:48
92.118.37.84	attackspam	Excessive Port-Scanning	2019-07-09 21:41:50
159.65.88.161	attackbots	Jul 9 13:05:25 MK-Soft-VM3 sshd\[8169\]: Invalid user postgres from 159.65.88.161 port 21047 Jul 9 13:05:25 MK-Soft-VM3 sshd\[8169\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.88.161 Jul 9 13:05:26 MK-Soft-VM3 sshd\[8169\]: Failed password for invalid user postgres from 159.65.88.161 port 21047 ssh2 ...	2019-07-09 21:19:43
103.7.64.200	attackspam	Jul 9 11:15:45 spelly sshd[7654]: Did not receive identification string from 103.7.64.200 Jul 9 11:15:46 spelly sshd[7655]: Connection closed by 103.7.64.200 [preauth] Jul 9 11:15:57 spelly sshd[7657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.7.64.200 user=r.r Jul 9 11:15:59 spelly sshd[7657]: Failed password for r.r from 103.7.64.200 port 62839 ssh2 Jul 9 11:15:59 spelly sshd[7657]: Connection closed by 103.7.64.200 [preauth] Jul 9 11:16:04 spelly sshd[7659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.7.64.200 user=r.r Jul 9 11:16:06 spelly sshd[7659]: Failed password for r.r from 103.7.64.200 port 63767 ssh2 Jul 9 11:16:06 spelly sshd[7659]: Connection closed by 103.7.64.200 [preauth] Jul 9 11:16:08 spelly sshd[7661]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.7.64.200 user=r.r Jul 9 11:16:10 spelly sshd[7661........ -------------------------------	2019-07-09 22:04:23
77.29.59.74	attackspambots	Hit on /wp-login.php	2019-07-09 22:00:37

Recently Reported IPs

182.242.231.121	210.56.169.136	177.148.152.248	94.59.176.161
79.90.227.190	84.211.139.161	217.69.201.101	171.68.174.247
141.78.110.19	85.207.139.242	110.186.50.160	109.27.159.175
212.42.122.75	171.1.124.119	171.56.231.11	125.176.6.226
27.247.195.242	68.216.44.226	211.117.171.95	174.35.2.227