City: unknown
Region: unknown
Country: Germany
Internet Service Provider: ComTrade LLC
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attack | Sep 19 17:49:51 mc1 kernel: \[194653.709007\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=37591 PROTO=TCP SPT=48372 DPT=9696 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 17:56:00 mc1 kernel: \[195022.090116\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=34475 PROTO=TCP SPT=48372 DPT=9536 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 19 17:56:02 mc1 kernel: \[195024.079515\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=46547 PROTO=TCP SPT=48372 DPT=9158 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-09-20 01:02:03 |
| attackbots | Port scan |
2019-09-14 05:34:23 |
| attackspambots | Sep 13 10:14:36 TCP Attack: SRC=45.136.109.50 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=241 PROTO=TCP SPT=48510 DPT=9608 WINDOW=1024 RES=0x00 SYN URGP=0 |
2019-09-13 18:17:38 |
| attackspambots | Sep 11 11:19:34 mc1 kernel: \[744140.926030\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=21626 PROTO=TCP SPT=42250 DPT=9453 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 11:25:07 mc1 kernel: \[744473.369660\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=3614 PROTO=TCP SPT=42250 DPT=9644 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 11 11:27:00 mc1 kernel: \[744586.411692\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.50 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=587 PROTO=TCP SPT=42250 DPT=9440 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2019-09-11 19:35:15 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.136.109.219 | attackspambots | ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60 |
2020-08-19 23:39:13 |
| 45.136.109.219 | attackspam | slow and persistent scanner |
2020-08-17 20:34:11 |
| 45.136.109.251 | attackbotsspam | Port scanning [3 denied] |
2020-08-14 14:18:15 |
| 45.136.109.219 | attackbots |
|
2020-08-07 08:11:38 |
| 45.136.109.219 | attackbotsspam | [Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096 |
2020-08-06 18:31:50 |
| 45.136.109.219 | attack |
|
2020-08-05 23:34:34 |
| 45.136.109.158 | attack | Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389 |
2020-07-22 15:39:59 |
| 45.136.109.87 | attack | BruteForce RDP attempts from 45.136.109.175 |
2020-07-17 14:21:12 |
| 45.136.109.158 | attack | SmallBizIT.US 2 packets to tcp(3389,3391) |
2020-07-07 12:28:14 |
| 45.136.109.158 | attackbots | Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T] |
2020-07-05 22:47:55 |
| 45.136.109.175 | attackspambots | Icarus honeypot on github |
2020-07-02 08:25:18 |
| 45.136.109.251 | attackbots | Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833 |
2020-06-21 07:47:48 |
| 45.136.109.219 | attackbots | ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack |
2020-06-06 08:47:05 |
| 45.136.109.222 | attackspam | Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100 |
2020-03-22 12:01:46 |
| 45.136.109.222 | attackbotsspam | Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374 |
2020-03-19 06:22:33 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29861
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.50. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019091100 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 11 19:35:09 CST 2019
;; MSG SIZE rcvd: 117Host 50.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)Server: 67.207.67.2
Address: 67.207.67.2#53
** server can't find 50.109.136.45.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.170.73.7 | attackspam | $f2bV_matches |
2020-06-14 13:05:08 |
| 112.85.42.89 | attackspambots | Jun 14 06:34:13 [host] sshd[19357]: pam_unix(sshd: Jun 14 06:34:16 [host] sshd[19357]: Failed passwor Jun 14 06:34:18 [host] sshd[19357]: Failed passwor |
2020-06-14 12:59:55 |
| 111.231.220.177 | attack | Invalid user gbase from 111.231.220.177 port 36372 |
2020-06-14 12:15:11 |
| 47.92.109.56 | attack | Port scan detected on ports: 7001[TCP], 7002[TCP], 8088[TCP] |
2020-06-14 12:18:32 |
| 222.186.31.166 | attack | Jun 14 00:48:56 NPSTNNYC01T sshd[14346]: Failed password for root from 222.186.31.166 port 42913 ssh2 Jun 14 00:48:58 NPSTNNYC01T sshd[14346]: Failed password for root from 222.186.31.166 port 42913 ssh2 Jun 14 00:49:00 NPSTNNYC01T sshd[14346]: Failed password for root from 222.186.31.166 port 42913 ssh2 ... |
2020-06-14 12:52:20 |
| 188.166.1.140 | attackbotsspam | Fail2Ban Ban Triggered |
2020-06-14 12:29:14 |
| 65.52.196.134 | attackbotsspam | Invalid user pevyraymond from 65.52.196.134 port 47478 |
2020-06-14 13:03:14 |
| 139.198.191.86 | attackspam | Too many connections or unauthorized access detected from Arctic banned ip |
2020-06-14 12:58:23 |
| 87.251.74.50 | attackbotsspam | 2020-06-14T04:17:33.804495homeassistant sshd[26657]: Invalid user admin from 87.251.74.50 port 53074 2020-06-14T04:17:33.965972homeassistant sshd[26656]: Invalid user user from 87.251.74.50 port 53088 ... |
2020-06-14 12:31:15 |
| 51.75.66.142 | attackbots | Jun 14 03:51:50 ip-172-31-61-156 sshd[31860]: Failed password for root from 51.75.66.142 port 38450 ssh2 Jun 14 03:55:18 ip-172-31-61-156 sshd[32021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.66.142 user=root Jun 14 03:55:20 ip-172-31-61-156 sshd[32021]: Failed password for root from 51.75.66.142 port 40602 ssh2 Jun 14 03:55:18 ip-172-31-61-156 sshd[32021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.66.142 user=root Jun 14 03:55:20 ip-172-31-61-156 sshd[32021]: Failed password for root from 51.75.66.142 port 40602 ssh2 ... |
2020-06-14 12:58:54 |
| 222.186.30.59 | attack | Jun 14 00:22:59 ny01 sshd[3531]: Failed password for root from 222.186.30.59 port 22239 ssh2 Jun 14 00:23:51 ny01 sshd[3632]: Failed password for root from 222.186.30.59 port 53116 ssh2 |
2020-06-14 12:39:05 |
| 178.217.169.247 | attack | Jun 14 05:45:17 gestao sshd[1275]: Failed password for root from 178.217.169.247 port 34581 ssh2 Jun 14 05:49:24 gestao sshd[1383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.217.169.247 Jun 14 05:49:26 gestao sshd[1383]: Failed password for invalid user andre from 178.217.169.247 port 35656 ssh2 ... |
2020-06-14 13:07:00 |
| 98.246.134.147 | attackbots | Jun 14 05:55:28 vmd17057 sshd[27169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.246.134.147 Jun 14 05:55:28 vmd17057 sshd[27170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.246.134.147 ... |
2020-06-14 12:52:53 |
| 79.137.163.43 | attack | Jun 14 09:10:00 gw1 sshd[3480]: Failed password for root from 79.137.163.43 port 36366 ssh2 Jun 14 09:14:40 gw1 sshd[3585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.163.43 ... |
2020-06-14 12:33:50 |
| 198.204.244.90 | attack | 20 attempts against mh-misbehave-ban on twig |
2020-06-14 12:46:58 |