45.129.33.7 - IPInfo

基本信息:

城市(city): Los Angeles

省份(region): California

国家(country): United States

运营商(isp): TT1 Datacenter UG (haftungsbeschraenkt)

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	TCP (SYN) 45.129.33.7:51342 -> port 6777, len 44	2020-08-27 02:13:48
attackbotsspam	TCP (SYN) 45.129.33.7:48691 -> port 6349, len 44	2020-08-16 17:31:10
attackbots	[H1] Blocked by UFW	2020-08-16 05:01:36
attack	firewall-block, port(s): 6224/tcp, 6247/tcp	2020-08-15 03:27:57
attackspam	TCP (SYN) 45.129.33.7:50815 -> port 6137, len 44	2020-08-13 03:48:12
attackspam	ET DROP Dshield Block Listed Source group 1 - port: 6018 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:38:39
attackspam	IPS Sensor Hit - Port Scan detected	2020-08-10 22:24:16
attackbotsspam	TCP (SYN) 45.129.33.7:48686 -> port 6041, len 44	2020-08-10 17:48:15
attackspam	Aug 7 19:25:55 debian-2gb-nbg1-2 kernel: \[19079605.262380\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.7 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=34399 PROTO=TCP SPT=58823 DPT=41061 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 01:27:07
attackbotsspam	Port scan	2020-08-07 18:31:55
attackspam	Multiport scan : 35 ports scanned 3388 5907 5908 5911 5912 5913 5915 5920 5922 5923 5925 5929 5931 5932 5934 5935 5946 5948 5952 5953 5957 5961 5962 5966 5974 5975 5979 5985 5986 5988 5989 5992 5994 5997 5999	2020-08-07 06:32:29
attack	Attempted to establish connection to non opened port 41049	2020-08-07 05:48:00
attack	TCP (SYN) 45.129.33.7:49905 -> port 5980, len 44	2020-08-05 17:42:53
attackspam	Aug 3 16:43:53 debian-2gb-nbg1-2 kernel: \[18724304.006190\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.7 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15241 PROTO=TCP SPT=59555 DPT=5846 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-03 22:59:37
attackspambots	Port scan on 3 port(s): 5722 5731 5788	2020-08-01 17:14:07
attackspambots	TCP (SYN) 45.129.33.7:49443 -> port 5742, len 44	2020-08-01 02:35:32
attackspam	TCP (SYN) 45.129.33.7:52386 -> port 5663, len 44	2020-07-30 22:53:45
attack	[H1.VM6] Blocked by UFW	2020-07-29 13:20:35
attackbots	Jul 28 22:29:16 debian-2gb-nbg1-2 kernel: \[18226655.625380\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.7 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=7057 PROTO=TCP SPT=52386 DPT=5698 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-29 05:13:54
attackspambots	TCP (SYN) 45.129.33.7:59693 -> port 5545, len 44	2020-07-28 00:51:25
attackbots	Jul 25 20:37:07 debian-2gb-nbg1-2 kernel: \[17960741.753576\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.129.33.7 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=35455 PROTO=TCP SPT=52272 DPT=5482 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-26 03:02:41
attackspambots	TCP (SYN) 45.129.33.7:52272 -> port 5410, len 44	2020-07-25 19:17:55

相同子网IP讨论:

IP	类型	评论内容	时间
45.129.33.168	attack	Dec 13 21:22:00 router.asus.com kernel: DROP IN=eth0 OUT= MAC=b8:86:87:f3:ff:58:00:01:5c:98:9a:46:08:00 SRC=45.129.33.168 DST=AA.BB.CC.DD LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=22869 PROTO=TCP SPT=59221 DPT=21398 SEQ=3578506072 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Scans from the 45.129.33.0/24 range have been incessant. hostslick.de does not respond to email.	2020-12-14 11:37:48
45.129.33.122	attackbots	Port-scan: detected 150 distinct ports within a 24-hour window.	2020-10-14 07:07:41
45.129.33.147	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 39601 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 06:03:33
45.129.33.9	attackbotsspam	TCP (SYN) 45.129.33.9:53668 -> port 10226, len 44	2020-10-14 05:49:00
45.129.33.12	attack	TCP (SYN) 45.129.33.12:54343 -> port 60282, len 44	2020-10-14 05:48:33
45.129.33.19	attack	ET DROP Dshield Block Listed Source group 1 - port: 4578 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:48:01
45.129.33.22	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 6367 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:49
45.129.33.53	attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 7394 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:33
45.129.33.56	attackbots	ET DROP Dshield Block Listed Source group 1 - port: 13478 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:47:02
45.129.33.80	attackspam	TCP (SYN) 45.129.33.80:56794 -> port 5319, len 44	2020-10-14 05:46:44
45.129.33.101	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39596 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:46:12
45.129.33.142	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 39635 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:42
45.129.33.145	attack	ET DROP Dshield Block Listed Source group 1 - port: 39557 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:45:18
45.129.33.13	attack	ET DROP Dshield Block Listed Source group 1 - port: 9853 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:30:31
45.129.33.18	attack	ET DROP Dshield Block Listed Source group 1 - port: 4098 proto: tcp cat: Misc Attackbytes: 60	2020-10-14 05:29:45

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.129.33.7
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2922
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.129.33.7.			IN	A

;; AUTHORITY SECTION:
.			467	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072102 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jul 22 06:58:31 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 7.33.129.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 7.33.129.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
45.249.111.40	attack	2019-08-06T21:42:49.529754abusebot-5.cloudsearch.cf sshd\[5644\]: Invalid user nsrecover from 45.249.111.40 port 46876	2019-08-07 09:25:11
112.85.42.237	attack	Aug 7 05:54:33 areeb-Workstation sshd\[30519\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root Aug 7 05:54:35 areeb-Workstation sshd\[30519\]: Failed password for root from 112.85.42.237 port 45759 ssh2 Aug 7 05:56:45 areeb-Workstation sshd\[30889\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root ...	2019-08-07 08:35:40
117.93.112.166	attack	20 attempts against mh-ssh on beach.magehost.pro	2019-08-07 08:52:59
103.107.245.3	attackspambots	445/tcp 445/tcp 445/tcp... [2019-06-06/08-06]13pkt,1pt.(tcp)	2019-08-07 09:17:11
134.175.222.163	attack	Aug 7 01:59:45 dedicated sshd[9339]: Invalid user dcadmin from 134.175.222.163 port 33698	2019-08-07 08:38:33
103.60.137.111	attack	445/tcp 445/tcp 445/tcp... [2019-06-13/08-06]12pkt,1pt.(tcp)	2019-08-07 09:04:14
187.75.75.127	attack	Aug 6 23:48:56 * sshd[23491]: Address 187.75.75.127 maps to 187-75-75-127.dsl.telesp.net.br, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 6 23:48:56 * sshd[23491]: Invalid user docker from 187.75.75.127 Aug 6 23:48:56 * sshd[23491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.75.75.127 Aug 6 23:48:58 * sshd[23491]: Failed password for invalid user docker from 187.75.75.127 port 52148 ssh2 Aug 6 23:48:58 *** sshd[23491]: Received disconnect from 187.75.75.127: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.75.75.127	2019-08-07 08:45:46
51.254.248.18	attackspam	2019-08-07T00:45:08.459587 sshd[6714]: Invalid user snoopy from 51.254.248.18 port 50036 2019-08-07T00:45:08.473192 sshd[6714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.248.18 2019-08-07T00:45:08.459587 sshd[6714]: Invalid user snoopy from 51.254.248.18 port 50036 2019-08-07T00:45:10.807874 sshd[6714]: Failed password for invalid user snoopy from 51.254.248.18 port 50036 ssh2 2019-08-07T00:49:15.824441 sshd[6755]: Invalid user jessie from 51.254.248.18 port 44136 ...	2019-08-07 08:49:27
1.175.159.123	attackspam	1565130510 - 08/07/2019 05:28:30 Host: 1-175-159-123.dynamic-ip.hinet.net/1.175.159.123 Port: 23 TCP Blocked ...	2019-08-07 08:50:31
68.183.39.235	attack	Spam trapped	2019-08-07 08:47:59
209.97.169.136	attack	Aug 7 03:14:15 server sshd\[32027\]: Invalid user police from 209.97.169.136 port 56810 Aug 7 03:14:15 server sshd\[32027\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.169.136 Aug 7 03:14:18 server sshd\[32027\]: Failed password for invalid user police from 209.97.169.136 port 56810 ssh2 Aug 7 03:19:30 server sshd\[16067\]: Invalid user aurora from 209.97.169.136 port 55144 Aug 7 03:19:30 server sshd\[16067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.169.136	2019-08-07 08:36:45
209.17.97.18	attackspambots	Brute force attack stopped by firewall	2019-08-07 08:51:54
132.145.141.191	attackbotsspam	6380/tcp 8080/tcp 1433/tcp... [2019-06-10/08-06]7pkt,3pt.(tcp)	2019-08-07 09:03:03
172.105.224.78	attack	49152/tcp 49152/tcp 49152/tcp... [2019-06-06/08-06]86pkt,1pt.(tcp)	2019-08-07 09:12:05
61.155.234.38	attackbots	Aug 7 00:28:21 dedicated sshd[31228]: Invalid user jenkins from 61.155.234.38 port 47404	2019-08-07 08:48:30

最近上报的IP列表

138.100.102.25	196.102.6.87	138.187.168.0	61.137.160.232
49.233.84.59	52.217.91.211	208.187.164.18	80.181.171.71
18.217.191.248	72.49.231.46	213.125.172.128	37.231.34.144
189.43.227.150	104.42.170.101	190.80.76.242	35.184.73.158
49.143.152.33	108.25.243.193	84.56.118.178	194.237.79.153