45.136.109.173

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Honeypot attack, port: 4848, PTR: PTR record not found	2019-12-28 22:19:55
attackspambots	45.136.109.173 was recorded 5 times by 3 hosts attempting to connect to the following ports: 5565,6886,10510,10370,5800. Incident counter (4h, 24h, all-time): 5, 33, 1407	2019-11-24 02:53:24
attackbots	Unauthorised access (Nov 23) SRC=45.136.109.173 LEN=40 TTL=248 ID=16636 TCP DPT=3306 WINDOW=1024 SYN	2019-11-23 21:03:11
attackspam	45.136.109.173 was recorded 12 times by 3 hosts attempting to connect to the following ports: 45054,7002,5551,25652,6050,33555,5445,389,6036,10635,10860. Incident counter (4h, 24h, all-time): 12, 84, 1031	2019-11-18 06:30:16
attack	45.136.109.173 was recorded 12 times by 3 hosts attempting to connect to the following ports: 7744,33555,55888,101,63063,4494,4473,27872,2305,5389,29029. Incident counter (4h, 24h, all-time): 12, 57, 923	2019-11-17 01:34:06
attack	45.136.109.173 was recorded 5 times by 2 hosts attempting to connect to the following ports: 1800,1385,3306,9540,4900. Incident counter (4h, 24h, all-time): 5, 36, 142	2019-11-04 22:12:12
attack	Multiport scan : 63 ports scanned 1119 1455 1777 1995 2130 2244 2350 2485 2545 3328 3545 4040 4265 4457 4493 5001 5220 5460 5547 6185 7590 7766 7778 8135 8185 8222 8250 8265 8383 8889 8900 9235 9440 9955 9978 10230 10245 10465 10550 10580 15451 16000 20500 20902 21312 22111 25852 29792 30003 31000 31513 32032 33033 33350 33891 33894 40300 47074 51000 53053 56789 60900 62026	2019-10-31 03:36:29

Comments on same subnet:

IP	Type	Details	Datetime
45.136.109.219	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60	2020-08-19 23:39:13
45.136.109.219	attackspam	slow and persistent scanner	2020-08-17 20:34:11
45.136.109.251	attackbotsspam	Port scanning [3 denied]	2020-08-14 14:18:15
45.136.109.219	attackbots	TCP (SYN) 45.136.109.219:50230 -> port 53, len 44	2020-08-07 08:11:38
45.136.109.219	attackbotsspam	[Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096	2020-08-06 18:31:50
45.136.109.219	attack	TCP (SYN) 45.136.109.219:43869 -> port 53, len 44	2020-08-05 23:34:34
45.136.109.158	attack	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389	2020-07-22 15:39:59
45.136.109.87	attack	BruteForce RDP attempts from 45.136.109.175	2020-07-17 14:21:12
45.136.109.158	attack	SmallBizIT.US 2 packets to tcp(3389,3391)	2020-07-07 12:28:14
45.136.109.158	attackbots	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T]	2020-07-05 22:47:55
45.136.109.175	attackspambots	Icarus honeypot on github	2020-07-02 08:25:18
45.136.109.251	attackbots	Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833	2020-06-21 07:47:48
45.136.109.219	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack	2020-06-06 08:47:05
45.136.109.222	attackspam	Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100	2020-03-22 12:01:46
45.136.109.222	attackbotsspam	Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374	2020-03-19 06:22:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8963
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.173.			IN	A

;; AUTHORITY SECTION:
.			590	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103001 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 03:36:25 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 173.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 173.109.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.64.68.181	attackbotsspam	$f2bV_matches	2019-12-10 22:18:17
167.86.79.146	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-10 22:05:55
192.81.211.152	attackbotsspam	Dec 10 15:11:45 minden010 sshd[10559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.211.152 Dec 10 15:11:48 minden010 sshd[10559]: Failed password for invalid user hung from 192.81.211.152 port 42598 ssh2 Dec 10 15:17:09 minden010 sshd[12180]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.81.211.152 ...	2019-12-10 22:17:51
122.228.19.79	attackspam	12/10/2019-14:57:12.531342 122.228.19.79 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-12-10 22:14:33
117.4.137.72	attackspam	Unauthorised access (Dec 10) SRC=117.4.137.72 LEN=52 TTL=107 ID=20640 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Dec 10) SRC=117.4.137.72 LEN=52 TTL=107 ID=26272 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Dec 9) SRC=117.4.137.72 LEN=52 TTL=107 ID=2215 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-10 21:48:39
45.136.109.87	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 5916 proto: TCP cat: Misc Attack	2019-12-10 22:08:55
138.197.145.26	attack	Dec 10 02:14:32 auw2 sshd\[559\]: Invalid user abcdefghij from 138.197.145.26 Dec 10 02:14:32 auw2 sshd\[559\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26 Dec 10 02:14:34 auw2 sshd\[559\]: Failed password for invalid user abcdefghij from 138.197.145.26 port 37754 ssh2 Dec 10 02:20:21 auw2 sshd\[1203\]: Invalid user resolvando from 138.197.145.26 Dec 10 02:20:21 auw2 sshd\[1203\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.145.26	2019-12-10 22:14:08
219.144.65.204	attackspambots	Invalid user castis from 219.144.65.204 port 57402	2019-12-10 22:05:28
203.110.179.26	attackbots	Dec 10 13:40:05 mail sshd\[18383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.179.26 user=root Dec 10 13:40:06 mail sshd\[18383\]: Failed password for root from 203.110.179.26 port 53012 ssh2 Dec 10 13:48:51 mail sshd\[18489\]: Invalid user vnc from 203.110.179.26 Dec 10 13:48:51 mail sshd\[18489\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.110.179.26 ...	2019-12-10 22:11:24
91.232.196.249	attackbots	Dec 10 04:57:42 linuxvps sshd\[57553\]: Invalid user apache from 91.232.196.249 Dec 10 04:57:42 linuxvps sshd\[57553\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.232.196.249 Dec 10 04:57:44 linuxvps sshd\[57553\]: Failed password for invalid user apache from 91.232.196.249 port 41906 ssh2 Dec 10 05:03:30 linuxvps sshd\[61389\]: Invalid user henritzi from 91.232.196.249 Dec 10 05:03:30 linuxvps sshd\[61389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.232.196.249	2019-12-10 21:47:53
188.166.211.194	attackspam	Dec 10 14:40:12 MK-Soft-VM3 sshd[1614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.211.194 Dec 10 14:40:14 MK-Soft-VM3 sshd[1614]: Failed password for invalid user whynot from 188.166.211.194 port 35419 ssh2 ...	2019-12-10 21:50:50
121.142.111.222	attack	2019-12-10T06:25:14.112284abusebot-5.cloudsearch.cf sshd\[27521\]: Invalid user rakesh from 121.142.111.222 port 36852	2019-12-10 21:54:04
78.231.60.44	attackbotsspam	Dec 10 14:36:46 vtv3 sshd[21753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 14:36:48 vtv3 sshd[21753]: Failed password for invalid user aslanidis from 78.231.60.44 port 41782 ssh2 Dec 10 14:45:47 vtv3 sshd[26275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:02:53 vtv3 sshd[2013]: Failed password for root from 78.231.60.44 port 41858 ssh2 Dec 10 15:11:30 vtv3 sshd[6206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:11:32 vtv3 sshd[6206]: Failed password for invalid user nandakumar from 78.231.60.44 port 51000 ssh2 Dec 10 15:48:22 vtv3 sshd[24021]: Failed password for root from 78.231.60.44 port 32954 ssh2 Dec 10 15:56:51 vtv3 sshd[28479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.231.60.44 Dec 10 15:56:53 vtv3 sshd[28479]: Failed password for invalid user guest f	2019-12-10 21:58:11
117.64.235.237	attackspam	Dec 10 07:16:04 mxgate1 postfix/postscreen[21000]: CONNECT from [117.64.235.237]:61799 to [176.31.12.44]:25 Dec 10 07:16:04 mxgate1 postfix/dnsblog[21003]: addr 117.64.235.237 listed by domain zen.spamhaus.org as 127.0.0.11 Dec 10 07:16:04 mxgate1 postfix/dnsblog[21003]: addr 117.64.235.237 listed by domain zen.spamhaus.org as 127.0.0.2 Dec 10 07:16:04 mxgate1 postfix/dnsblog[21003]: addr 117.64.235.237 listed by domain zen.spamhaus.org as 127.0.0.4 Dec 10 07:16:04 mxgate1 postfix/dnsblog[21004]: addr 117.64.235.237 listed by domain cbl.abuseat.org as 127.0.0.2 Dec 10 07:16:04 mxgate1 postfix/dnsblog[21002]: addr 117.64.235.237 listed by domain b.barracudacentral.org as 127.0.0.2 Dec 10 07:16:04 mxgate1 postfix/postscreen[21000]: PREGREET 15 after 0.23 from [117.64.235.237]:61799: EHLO m8sGx0U4 Dec 10 07:16:04 mxgate1 postfix/postscreen[21000]: DNSBL rank 4 for [117.64.235.237]:61799 Dec 10 07:16:05 mxgate1 postfix/postscreen[21000]: NOQUEUE: reject: RCPT from [117.64......... -------------------------------	2019-12-10 22:01:02
219.90.67.89	attack	Dec 10 03:52:33 php1 sshd\[8832\]: Invalid user niven from 219.90.67.89 Dec 10 03:52:33 php1 sshd\[8832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89 Dec 10 03:52:35 php1 sshd\[8832\]: Failed password for invalid user niven from 219.90.67.89 port 41218 ssh2 Dec 10 03:59:06 php1 sshd\[9488\]: Invalid user megafile from 219.90.67.89 Dec 10 03:59:06 php1 sshd\[9488\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.90.67.89	2019-12-10 21:59:45

Recently Reported IPs

71.124.125.116	57.13.137.219	212.106.115.126	222.127.33.86
68.253.216.82	42.157.73.70	106.122.135.108	13.127.69.35
13.215.120.14	254.42.249.164	6.24.147.38	131.140.104.220
61.123.232.2	238.51.228.145	125.214.56.112	48.7.152.121
210.71.199.251	16.83.248.13	197.239.87.51	56.39.159.167