45.136.109.221

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-17 22:50:05
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-15 04:34:17

Comments on same subnet:

IP	Type	Details	Datetime
45.136.109.219	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60	2020-08-19 23:39:13
45.136.109.219	attackspam	slow and persistent scanner	2020-08-17 20:34:11
45.136.109.251	attackbotsspam	Port scanning [3 denied]	2020-08-14 14:18:15
45.136.109.219	attackbots	TCP (SYN) 45.136.109.219:50230 -> port 53, len 44	2020-08-07 08:11:38
45.136.109.219	attackbotsspam	[Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096	2020-08-06 18:31:50
45.136.109.219	attack	TCP (SYN) 45.136.109.219:43869 -> port 53, len 44	2020-08-05 23:34:34
45.136.109.158	attack	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389	2020-07-22 15:39:59
45.136.109.87	attack	BruteForce RDP attempts from 45.136.109.175	2020-07-17 14:21:12
45.136.109.158	attack	SmallBizIT.US 2 packets to tcp(3389,3391)	2020-07-07 12:28:14
45.136.109.158	attackbots	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T]	2020-07-05 22:47:55
45.136.109.175	attackspambots	Icarus honeypot on github	2020-07-02 08:25:18
45.136.109.251	attackbots	Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833	2020-06-21 07:47:48
45.136.109.219	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack	2020-06-06 08:47:05
45.136.109.222	attackspam	Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100	2020-03-22 12:01:46
45.136.109.222	attackbotsspam	Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374	2020-03-19 06:22:33

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42181
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.221.			IN	A

;; AUTHORITY SECTION:
.			139	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120801 1800 900 604800 86400

;; Query time: 2094 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 09 09:52:55 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 221.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 221.109.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.248.30.249	attackspambots	Nov 10 16:31:00 legacy sshd[31148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.30.249 Nov 10 16:31:02 legacy sshd[31148]: Failed password for invalid user administrator from 104.248.30.249 port 34712 ssh2 Nov 10 16:34:24 legacy sshd[31253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.30.249 ...	2019-11-10 23:42:14
120.71.146.45	attackbots	Nov 10 16:46:57 MK-Soft-VM7 sshd[12701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.71.146.45 Nov 10 16:46:58 MK-Soft-VM7 sshd[12701]: Failed password for invalid user Tour123 from 120.71.146.45 port 36833 ssh2 ...	2019-11-11 00:03:19
45.91.149.54	attackbots	Nov 11 00:15:25 our-server-hostname postfix/smtpd[1407]: connect from unknown[45.91.149.54] Nov 11 00:15:28 our-server-hostname postfix/smtpd[1161]: connect from unknown[45.91.149.54] Nov x@x Nov x@x Nov 11 00:15:30 our-server-hostname postfix/smtpd[1161]: 44B74A40041: client=unknown[45.91.149.54] Nov x@x Nov x@x Nov 11 00:15:30 our-server-hostname postfix/smtpd[1407]: 4770CA40095: client=unknown[45.91.149.54] Nov 11 00:15:30 our-server-hostname postfix/smtpd[31863]: B5911A40096: client=unknown[127.0.0.1], orig_client=unknown[45.91.149.54] Nov 11 00:15:30 our-server-hostname amavis[28801]: (28801-11) Passed CLEAN, [45.91.149.54] [45.91.149.54] , mail_id: l19rXm01NxAG, Hhostnames: -, size: 6184, queued_as: B5911A40096, 112 ms Nov x@x Nov x@x Nov 11 00:15:31 our-server-hostname postfix/smtpd[1161]: 04FECA40041: client=unknown[45.91.149.54] Nov 11 00:15:31 our-server-hostname postfix/smtpd[31863]: 1CC0CA40096: client=unknown[127.0.0.1], orig_client=unknown[45.91.149.5........ -------------------------------	2019-11-10 23:40:53
118.24.114.192	attack	2019-11-10T15:21:55.062959abusebot-3.cloudsearch.cf sshd\[19350\]: Invalid user dougg from 118.24.114.192 port 39878	2019-11-11 00:10:18
181.56.69.185	attackspam	2019-11-10T14:42:02.821605hub.schaetter.us sshd\[23212\]: Invalid user perry from 181.56.69.185 port 23211 2019-11-10T14:42:02.843317hub.schaetter.us sshd\[23212\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.56.69.185 2019-11-10T14:42:05.566422hub.schaetter.us sshd\[23212\]: Failed password for invalid user perry from 181.56.69.185 port 23211 ssh2 2019-11-10T14:46:09.865854hub.schaetter.us sshd\[23255\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.56.69.185 user=root 2019-11-10T14:46:11.831065hub.schaetter.us sshd\[23255\]: Failed password for root from 181.56.69.185 port 64362 ssh2 ...	2019-11-10 23:50:56
103.212.235.147	attackbotsspam	Nov 7 19:36:18 HOST sshd[3013]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.147 user=r.r Nov 7 19:36:19 HOST sshd[3013]: Failed password for r.r from 103.212.235.147 port 42868 ssh2 Nov 7 19:36:20 HOST sshd[3013]: Received disconnect from 103.212.235.147: 11: Bye Bye [preauth] Nov 7 19:58:44 HOST sshd[3526]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.212.235.147 user=r.r Nov 7 19:58:46 HOST sshd[3526]: Failed password for r.r from 103.212.235.147 port 60490 ssh2 Nov 7 19:58:46 HOST sshd[3526]: Received disconnect from 103.212.235.147: 11: Bye Bye [preauth] Nov 7 20:04:49 HOST sshd[3664]: Failed password for invalid user dmkim from 103.212.235.147 port 45318 ssh2 Nov 7 20:04:49 HOST sshd[3664]: Received disconnect from 103.212.235.147: 11: Bye Bye [preauth] Nov 7 20:09:20 HOST sshd[3826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tt........ -------------------------------	2019-11-11 00:15:39
2.137.102.27	attackspam	ssh failed login	2019-11-11 00:23:52
185.176.27.98	attackbotsspam	185.176.27.98 was recorded 36 times by 17 hosts attempting to connect to the following ports: 47523,47521,47522,15305,15304. Incident counter (4h, 24h, all-time): 36, 216, 806	2019-11-10 23:54:43
106.53.19.186	attackspambots	Nov 10 06:02:34 php1 sshd\[7432\]: Invalid user saini from 106.53.19.186 Nov 10 06:02:34 php1 sshd\[7432\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.19.186 Nov 10 06:02:36 php1 sshd\[7432\]: Failed password for invalid user saini from 106.53.19.186 port 36934 ssh2 Nov 10 06:06:26 php1 sshd\[7961\]: Invalid user netdump from 106.53.19.186 Nov 10 06:06:26 php1 sshd\[7961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.19.186	2019-11-11 00:12:59
64.91.244.152	attack	Nov 10 15:36:53 srv-ubuntu-dev3 sshd[34846]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.91.244.152 user=root Nov 10 15:36:55 srv-ubuntu-dev3 sshd[34846]: Failed password for root from 64.91.244.152 port 46038 ssh2 Nov 10 15:39:54 srv-ubuntu-dev3 sshd[35228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.91.244.152 user=root Nov 10 15:39:56 srv-ubuntu-dev3 sshd[35228]: Failed password for root from 64.91.244.152 port 49630 ssh2 Nov 10 15:42:57 srv-ubuntu-dev3 sshd[35477]: Invalid user webmin from 64.91.244.152 Nov 10 15:42:57 srv-ubuntu-dev3 sshd[35477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=64.91.244.152 Nov 10 15:42:57 srv-ubuntu-dev3 sshd[35477]: Invalid user webmin from 64.91.244.152 Nov 10 15:42:59 srv-ubuntu-dev3 sshd[35477]: Failed password for invalid user webmin from 64.91.244.152 port 53238 ssh2 Nov 10 15:45:53 srv-ubuntu-dev3 sshd[35 ...	2019-11-11 00:10:36
190.9.132.202	attackbotsspam	Nov 10 15:42:00 MK-Soft-Root2 sshd[29741]: Failed password for root from 190.9.132.202 port 47382 ssh2 Nov 10 15:46:12 MK-Soft-Root2 sshd[30518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.132.202 ...	2019-11-10 23:46:10
183.171.73.142	attack	Unauthorized connection attempt from IP address 183.171.73.142 on Port 445(SMB)	2019-11-10 23:44:53
86.105.53.166	attack	Nov 10 16:47:19 vps691689 sshd[24420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.105.53.166 Nov 10 16:47:20 vps691689 sshd[24420]: Failed password for invalid user guest from 86.105.53.166 port 35071 ssh2 Nov 10 16:50:24 vps691689 sshd[24527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.105.53.166 ...	2019-11-11 00:03:37
189.7.25.34	attack	Nov 10 15:54:45 h2177944 sshd\[22448\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.25.34 user=root Nov 10 15:54:47 h2177944 sshd\[22448\]: Failed password for root from 189.7.25.34 port 50423 ssh2 Nov 10 16:00:04 h2177944 sshd\[22603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.25.34 user=root Nov 10 16:00:07 h2177944 sshd\[22603\]: Failed password for root from 189.7.25.34 port 40501 ssh2 ...	2019-11-10 23:52:47
41.46.83.100	attackspam	Unauthorized connection attempt from IP address 41.46.83.100 on Port 445(SMB)	2019-11-10 23:55:39

Recently Reported IPs

251.129.82.0	94.204.69.184	23.108.208.72	198.147.221.34
208.98.109.127	243.172.228.22	243.71.194.104	18.179.35.33
230.132.155.101	121.50.191.190	93.170.114.190	133.226.92.21
108.130.123.18	93.125.84.179	242.157.210.208	113.3.223.140
152.115.217.104	106.28.124.198	104.225.223.31	89.220.222.24