45.129.33.13 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Bulgaria

运营商(isp): TT1 Datacenter UG (haftungsbeschraenkt)

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	ET DROP Dshield Block Listed Source group 1 - port: 9853 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:30:31
attackspam	TCP (SYN) 45.129.33.13:46346 -> port 9886, len 44	2020-10-13 22:01:47
attack	Oct 13 06:47:20 [host] kernel: [2896351.783193] [U Oct 13 06:52:10 [host] kernel: [2896642.481625] [U Oct 13 06:52:55 [host] kernel: [2896686.843589] [U Oct 13 06:56:55 [host] kernel: [2896926.613356] [U Oct 13 07:20:58 [host] kernel: [2898369.584814] [U Oct 13 07:22:08 [host] kernel: [2898440.402633] [U	2020-10-13 13:27:24
attackspam	Multiport scan : 47 ports scanned 9850 9852 9854 9856 9858 9860 9861 9862 9864 9866 9867 9871 9873 9875 9880 9890 9892 9894 9896 9899 9900 9901 9903 9908 9910 9914 9916 9917 9920 9932 9934 9939 9953 9955 9961 9967 9971 9972 9974 9977 9983 9988 9989 9990 9991 9993 9995	2020-10-13 06:11:58
attack	TCP (SYN) 45.129.33.13:49137 -> port 9378, len 44	2020-10-01 06:01:28
attackspambots	TCP (SYN) 45.129.33.13:49137 -> port 9378, len 44	2020-09-30 22:20:36
attack	TCP (SYN) 45.129.33.13:49137 -> port 9379, len 44	2020-09-30 14:52:35
attack	TCP (SYN) 45.129.33.13:52266 -> port 7748, len 44	2020-08-28 17:22:05
attackspam	TCP (SYN) 45.129.33.13:52266 -> port 7817, len 44	2020-08-27 02:27:06
attackspambots	TCP (SYN) 45.129.33.13:45946 -> port 7607, len 44	2020-08-23 08:11:32
attack	TCP (SYN) 45.129.33.13:51498 -> port 7282, len 44	2020-08-12 16:39:29
attack	ET DROP Dshield Block Listed Source group 1 - port: 7081 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:37:48
attack	IPS Sensor Hit - Port Scan detected	2020-08-10 22:23:00
attackspambots	[H1] Blocked by UFW	2020-08-10 19:28:26
attack	firewall-block, port(s): 7001/tcp, 7005/tcp, 7010/tcp, 7011/tcp, 7030/tcp, 7039/tcp, 7047/tcp, 7050/tcp, 7069/tcp, 7078/tcp	2020-08-10 06:13:12
attackbots	Persistent port scanning [40 denied]	2020-08-07 14:09:11
attack	TCP (SYN) 45.129.33.13:50671 -> port 1815, len 44	2020-08-05 20:55:17
attackbotsspam	TCP (SYN) 45.129.33.13:50671 -> port 1817, len 44	2020-08-05 17:42:30
attackspam	Multiport scan : 39 ports scanned 1703 1706 1711 1712 1716 1720 1725 1727 1728 1731 1732 1734 1736 1737 1738 1740 1741 1743 1744 1745 1746 1747 1749 1750 1753 1762 1766 1768 1780 1783 1784 1789 1792 1793 1794 1797 1798 1868 1871	2020-08-05 06:31:06
attack	08/04/2020-07:23:37.853365 45.129.33.13 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-04 19:33:43
attackspambots	TCP (SYN) 45.129.33.13:59742 -> port 1790, len 44	2020-08-04 16:51:06
attack	TCP (SYN) 45.129.33.13:59742 -> port 1770, len 44	2020-08-04 01:58:03
attack	Aug 2 22:25:34 debian-2gb-nbg1-2 kernel: \[18658408.213029\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=43634 PROTO=TCP SPT=59742 DPT=1785 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-03 04:35:53
attackspambots	firewall-block, port(s): 1625/tcp, 1646/tcp, 1648/tcp, 1687/tcp, 1688/tcp	2020-08-01 15:30:44
attack	firewall-block, port(s): 1644/tcp, 1680/tcp	2020-08-01 06:27:10
attack	firewall-block, port(s): 1614/tcp, 1619/tcp, 1622/tcp, 1633/tcp, 1642/tcp, 1660/tcp, 1661/tcp, 1662/tcp, 1669/tcp, 1681/tcp, 1690/tcp, 1698/tcp	2020-08-01 00:18:53
attackbots	TCP (SYN) 45.129.33.13:52635 -> port 1542, len 44	2020-07-29 19:51:44
attack	Port scan on 11 port(s): 1406 1438 1441 1459 1461 1475 1480 1486 1520 1555 1592	2020-07-29 05:12:18
attackbots	TCP (SYN) 45.129.33.13:59602 -> port 1426, len 44	2020-07-27 17:51:22
attackspambots	SmallBizIT.US 7 packets to tcp(1219,1227,1231,1235,1276,1280,1283)	2020-07-22 06:12:41

相同子网IP讨论:

IP	类型	评论内容	时间
45.129.33.168	attack	Dec 13 21:22:00 router.asus.com kernel: DROP IN=eth0 OUT= MAC=b8:86:87:f3:ff:58:00:01:5c:98:9a:46:08:00 SRC=45.129.33.168 DST=AA.BB.CC.DD LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=22869 PROTO=TCP SPT=59221 DPT=21398 SEQ=3578506072 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Scans from the 45.129.33.0/24 range have been incessant. hostslick.de does not respond to email.	2020-12-14 11:37:48
45.129.33.122	attackbots	Port-scan: detected 150 distinct ports within a 24-hour window.	2020-10-14 07:07:41
45.129.33.147	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 39601 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 06:03:33
45.129.33.9	attackbotsspam	TCP (SYN) 45.129.33.9:53668 -> port 10226, len 44	2020-10-14 05:49:00
45.129.33.12	attack	TCP (SYN) 45.129.33.12:54343 -> port 60282, len 44	2020-10-14 05:48:33
45.129.33.19	attack	ET DROP Dshield Block Listed Source group 1 - port: 4578 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:48:01
45.129.33.22	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6367 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:49
45.129.33.53	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 7394 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:33
45.129.33.56	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 13478 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:02
45.129.33.80	attackspam	TCP (SYN) 45.129.33.80:56794 -> port 5319, len 44	2020-10-14 05:46:44
45.129.33.101	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39596 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:46:12
45.129.33.142	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39635 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:42
45.129.33.145	attack	ET DROP Dshield Block Listed Source group 1 - port: 39557 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:18
45.129.33.18	attack	ET DROP Dshield Block Listed Source group 1 - port: 4098 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:29:45
45.129.33.24	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 20211 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:29:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.129.33.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53281
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.129.33.13.			IN	A

;; AUTHORITY SECTION:
.			431	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072102 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 06:12:38 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 13.33.129.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.33.129.45.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
101.32.45.10	attackspambots	Port scan denied	2020-09-02 14:40:51
189.231.216.95	attack	Unauthorized connection attempt from IP address 189.231.216.95 on Port 445(SMB)	2020-09-02 14:53:49
94.200.90.58	attack	Attempted connection to port 9527.	2020-09-02 14:41:05
122.152.212.188	attack	Port scan denied	2020-09-02 15:11:51
180.180.68.237	attack	Unauthorized connection attempt from IP address 180.180.68.237 on Port 445(SMB)	2020-09-02 15:08:35
154.237.55.14	attackspambots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 14:39:25
58.186.105.162	attackbots	Attempted connection to port 445.	2020-09-02 14:42:29
103.75.101.59	attackspambots	Invalid user oracle from 103.75.101.59 port 44282	2020-09-02 15:06:38
116.55.103.37	attackspam	Unauthorized connection attempt from IP address 116.55.103.37 on Port 445(SMB)	2020-09-02 14:59:40
113.180.194.121	attackspambots	Unauthorized connection attempt from IP address 113.180.194.121 on Port 445(SMB)	2020-09-02 14:51:15
189.124.227.17	attack	1598979343 - 09/01/2020 18:55:43 Host: 189.124.227.17/189.124.227.17 Port: 445 TCP Blocked	2020-09-02 14:38:34
102.177.145.221	attack	Invalid user john from 102.177.145.221 port 42198	2020-09-02 14:38:17
2.88.36.138	attack	Unauthorized connection attempt from IP address 2.88.36.138 on Port 445(SMB)	2020-09-02 14:50:28
222.186.175.202	attackspambots	Sep 2 07:59:56 ns308116 sshd[11080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Sep 2 07:59:58 ns308116 sshd[11080]: Failed password for root from 222.186.175.202 port 15540 ssh2 Sep 2 08:00:01 ns308116 sshd[11080]: Failed password for root from 222.186.175.202 port 15540 ssh2 Sep 2 08:00:05 ns308116 sshd[11080]: Failed password for root from 222.186.175.202 port 15540 ssh2 Sep 2 08:00:08 ns308116 sshd[11080]: Failed password for root from 222.186.175.202 port 15540 ssh2 ...	2020-09-02 15:00:52
171.217.131.164	attackspambots	Unauthorized connection attempt from IP address 171.217.131.164 on Port 445(SMB)	2020-09-02 15:06:05

最近上报的IP列表

180.76.55.119	63.18.103.183	58.59.96.201	94.102.53.112
80.89.41.230	17.185.51.74	40.141.34.147	18.198.228.255
79.111.122.62	88.24.242.220	99.217.13.76	2.73.39.163
46.39.154.21	66.94.45.33	157.245.6.122	145.253.239.182
85.226.163.133	34.80.93.245	3.15.153.227	193.27.228.152