City: Los Angeles
Region: California
Country: United States
Internet Service Provider: TT1 Datacenter UG (haftungsbeschraenkt)
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbotsspam |
|
2020-10-13 21:01:22 |
| attackspambots | [MK-VM5] Blocked by UFW |
2020-10-13 12:29:34 |
| attackspambots | [Mon Oct 12 23:05:02 2020] IN=enp34s0 OUT= MAC=SERVERMAC SRC=45.129.33.49 DST=MYSERVERIP LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=16330 PROTO=TCP SPT=48459 DPT=3831 WINDOW=1024 RES=0x00 SYN URGP=0 Ports: 3831 |
2020-10-13 05:19:10 |
| attackbots | Excessive Port-Scanning |
2020-10-01 07:52:29 |
| attack | *Port Scan* detected from 45.129.33.49 (DE/Germany/-). 11 hits in the last 210 seconds |
2020-10-01 00:23:38 |
| attack | ET CINS Active Threat Intelligence Poor Reputation IP group 25 - port: 3611 proto: tcp cat: Misc Attackbytes: 60 |
2020-09-30 16:44:05 |
| attack | ET DROP Dshield Block Listed Source group 1 - port: 13040 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-27 02:10:59 |
| attack | Port scan: Attack repeated for 24 hours |
2020-08-11 08:11:45 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.129.33.168 | attack | Dec 13 21:22:00 router.asus.com kernel: DROP IN=eth0 OUT= MAC=b8:86:87:f3:ff:58:00:01:5c:98:9a:46:08:00 SRC=45.129.33.168 DST=AA.BB.CC.DD LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=22869 PROTO=TCP SPT=59221 DPT=21398 SEQ=3578506072 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Scans from the 45.129.33.0/24 range have been incessant. hostslick.de does not respond to email. |
2020-12-14 11:37:48 |
| 45.129.33.122 | attackbots | Port-scan: detected 150 distinct ports within a 24-hour window. |
2020-10-14 07:07:41 |
| 45.129.33.147 | attackspambots | ET DROP Dshield Block Listed Source group 1 - port: 39601 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 06:03:33 |
| 45.129.33.9 | attackbotsspam |
|
2020-10-14 05:49:00 |
| 45.129.33.12 | attack |
|
2020-10-14 05:48:33 |
| 45.129.33.19 | attack | ET DROP Dshield Block Listed Source group 1 - port: 4578 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:48:01 |
| 45.129.33.22 | attackbotsspam | ET DROP Dshield Block Listed Source group 1 - port: 6367 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:47:49 |
| 45.129.33.53 | attackbotsspam | ET DROP Dshield Block Listed Source group 1 - port: 7394 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:47:33 |
| 45.129.33.56 | attackbots | ET DROP Dshield Block Listed Source group 1 - port: 13478 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:47:02 |
| 45.129.33.80 | attackspam |
|
2020-10-14 05:46:44 |
| 45.129.33.101 | attackspam | ET DROP Dshield Block Listed Source group 1 - port: 39596 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:46:12 |
| 45.129.33.142 | attackspam | ET DROP Dshield Block Listed Source group 1 - port: 39635 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:45:42 |
| 45.129.33.145 | attack | ET DROP Dshield Block Listed Source group 1 - port: 39557 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:45:18 |
| 45.129.33.13 | attack | ET DROP Dshield Block Listed Source group 1 - port: 9853 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:30:31 |
| 45.129.33.18 | attack | ET DROP Dshield Block Listed Source group 1 - port: 4098 proto: tcp cat: Misc Attackbytes: 60 |
2020-10-14 05:29:45 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.129.33.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41377
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.129.33.49. IN A
;; AUTHORITY SECTION:
. 560 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020081001 1800 900 604800 86400
;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 11 08:11:42 CST 2020
;; MSG SIZE rcvd: 116Host 49.33.129.45.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 49.33.129.45.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 194.158.192.175 | attackbots | SSH Bruteforce attempt |
2019-09-29 16:38:05 |
| 49.88.112.113 | attackbotsspam | Sep 28 17:49:20 friendsofhawaii sshd\[16829\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Sep 28 17:49:22 friendsofhawaii sshd\[16829\]: Failed password for root from 49.88.112.113 port 49025 ssh2 Sep 28 17:49:53 friendsofhawaii sshd\[16882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Sep 28 17:49:55 friendsofhawaii sshd\[16882\]: Failed password for root from 49.88.112.113 port 37025 ssh2 Sep 28 17:49:57 friendsofhawaii sshd\[16882\]: Failed password for root from 49.88.112.113 port 37025 ssh2 |
2019-09-29 17:01:12 |
| 115.178.24.72 | attackspam | 2019-09-29T08:19:46.397034abusebot-2.cloudsearch.cf sshd\[7693\]: Invalid user newscng from 115.178.24.72 port 40180 |
2019-09-29 16:48:33 |
| 118.89.26.15 | attackbots | Sep 29 04:45:55 plusreed sshd[4367]: Invalid user ftpadmin from 118.89.26.15 ... |
2019-09-29 16:55:28 |
| 45.23.108.9 | attackbots | Sep 29 02:51:26 ny01 sshd[15777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 Sep 29 02:51:28 ny01 sshd[15777]: Failed password for invalid user tor from 45.23.108.9 port 51738 ssh2 Sep 29 02:55:30 ny01 sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 |
2019-09-29 16:35:58 |
| 178.128.212.173 | attack | WordPress wp-login brute force :: 178.128.212.173 0.144 BYPASS [29/Sep/2019:13:50:26 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 4140 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-09-29 16:36:40 |
| 132.247.172.26 | attackbots | Sep 29 03:14:53 debian sshd\[29900\]: Invalid user bdos from 132.247.172.26 port 56226 Sep 29 03:14:53 debian sshd\[29900\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.247.172.26 Sep 29 03:14:54 debian sshd\[29900\]: Failed password for invalid user bdos from 132.247.172.26 port 56226 ssh2 ... |
2019-09-29 16:42:27 |
| 193.112.27.92 | attackspambots | Sep 28 20:30:41 friendsofhawaii sshd\[2543\]: Invalid user ines from 193.112.27.92 Sep 28 20:30:41 friendsofhawaii sshd\[2543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.27.92 Sep 28 20:30:43 friendsofhawaii sshd\[2543\]: Failed password for invalid user ines from 193.112.27.92 port 40032 ssh2 Sep 28 20:34:38 friendsofhawaii sshd\[2939\]: Invalid user weng from 193.112.27.92 Sep 28 20:34:38 friendsofhawaii sshd\[2939\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.27.92 |
2019-09-29 16:53:39 |
| 41.224.59.78 | attackspambots | Triggered by Fail2Ban at Ares web server |
2019-09-29 16:58:43 |
| 68.45.62.109 | attack | Invalid user janitor from 68.45.62.109 port 49542 |
2019-09-29 16:40:00 |
| 120.82.143.166 | attack | firewall-block, port(s): 8000/tcp |
2019-09-29 16:52:16 |
| 91.121.157.15 | attackspambots | [Aegis] @ 2019-09-29 09:01:05 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-09-29 16:34:57 |
| 61.45.37.148 | attack | 09/29/2019-06:56:31.133296 61.45.37.148 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 64 |
2019-09-29 16:39:31 |
| 130.61.28.159 | attack | Sep 29 10:28:33 markkoudstaal sshd[6627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.28.159 Sep 29 10:28:34 markkoudstaal sshd[6627]: Failed password for invalid user lrios from 130.61.28.159 port 46614 ssh2 Sep 29 10:33:17 markkoudstaal sshd[7010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=130.61.28.159 |
2019-09-29 16:34:32 |
| 189.213.227.180 | attackspam | " " |
2019-09-29 17:05:45 |