JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.12.132.25

49.12.132.25 was found in our database!

This IP was reported 406 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.25.132.12.49.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.12.132.25

Whois 49.12.132.25

IP Abuse Reports for 49.12.132.25:

This IP address has been reported a total of 406 times from 248 distinct sources. 49.12.132.25 was first reported on January 21st 2026, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2026-06-18 04:11:45 (2 minutes ago)	SSH break in attempt ...	SSH
🇺🇸 COMPLEX	2026-06-18 03:37:35 (36 minutes ago)	Unsolicited TCP traffic \| Action: DROP \| Port 2222	Brute-Force
🇺🇸 MPL	2026-06-18 03:09:25 (1 hour ago)	tcp ports: 2222,443 (7 or more attempts)	Port Scan
🇫🇷 Petre 21_ip	2026-06-18 03:03:53 (1 hour ago)	2026-06-18T05:03:52.859436+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-18T05:03:52.859436+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=49.12.132.25 DST=155.133.26.57 LEN=40 TOS=0x00 PREC=0x00 TTL=56 ID=20961 PROTO=TCP SPT=46496 DPT=2222 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 xmission.com	2026-06-18 02:58:35 (1 hour ago)	Blocked by UFW (TCP on 80) Source port: 50514 TTL: 44 Packet length: 40 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 50514 TTL: 44 Packet length: 40 TOS: 0x08 This report (for 49.12.132.25) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 iNetWorker	2026-06-18 02:40:32 (1 hour ago)	firewall-block, port(s): 80/tcp	Port Scan
🇫🇷 EDSL	2026-06-18 02:17:19 (1 hour ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
🇳🇱 StopAbuse	2026-06-18 01:43:04 (2 hours ago)	tcp/80	Port Scan
🇺🇸 COMPLEX	2026-06-18 01:39:06 (2 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 443	Phishing
Anonymous	2026-06-18 01:37:22 (2 hours ago)	Portscan: TCP/22 (3x), TCP/2222 (2x), TCP/23	Port Scan
🇺🇸 RAP	2026-06-18 01:09:08 (3 hours ago)	2026-06-18 01:09:08 UTC Unauthorized activity to TCP port 22. SSH	SSH
🇫🇷 Duggy_Tuxy🧱	2026-06-18 01:07:39 (3 hours ago)	[DS-BLKS-PROD01] Blocked by SysWarden Firewall (Telnet IoT Attack)	Brute-Force IoT Targeted Port Scan
🇺🇸 COMPLEX	2026-06-18 01:02:04 (3 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 22	SSH
🇱🇹 NotACaptcha	2026-06-18 00:48:35 (3 hours ago)	Unauthorised access (Jun 18 03:48) SRC=49.12.132.25 LEN=40 TTL=54 ID=7056 TCP DPT=23 WINDOW=65535 SY ... show more Unauthorised access (Jun 18 03:48) SRC=49.12.132.25 LEN=40 TTL=54 ID=7056 TCP DPT=23 WINDOW=65535 SYN show less	Port Scan
🇫🇷 bellovacorp	2026-06-18 00:24:11 (3 hours ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking

Showing 1 to 15 of 406 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 128.173.237.165

🇨🇳 118.145.247.242

🇻🇳 103.78.1.33

🇷🇺 46.44.40.82

🇺🇸 35.212.221.241

🇺🇸 18.118.153.87

🇵🇭 2001:4452:13d:ce00:75db:b823:c69f:3108

🇬🇧 172.236.12.197

🇺🇸 154.201.90.18

🇬🇧 118.26.104.179

🇺🇸 54.145.222.30

🇷🇺 37.28.177.141

🇮🇩 36.90.71.214

🇩🇪 194.88.98.124

🇺🇸 144.202.82.88

🇮🇳 122.187.230.183

🇫🇮 74.125.114.151

🇮🇳 64.227.142.30

🇺🇸 18.221.8.78

🇩🇪 2620:171:f8:f0:9999::211