45.136.109.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Nov 15 23:04:19 mc1 kernel: \[5141726.470634\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=63095 PROTO=TCP SPT=56799 DPT=9744 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 23:05:31 mc1 kernel: \[5141798.383413\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=23950 PROTO=TCP SPT=56799 DPT=8272 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 23:05:56 mc1 kernel: \[5141824.201369\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45023 PROTO=TCP SPT=56799 DPT=9309 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-16 06:15:41
attackspam	Nov 15 01:45:45 mc1 kernel: \[5065015.406622\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58357 PROTO=TCP SPT=56799 DPT=8433 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 01:45:57 mc1 kernel: \[5065027.372515\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=64683 PROTO=TCP SPT=56799 DPT=9817 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 01:49:02 mc1 kernel: \[5065212.685291\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=57948 PROTO=TCP SPT=56799 DPT=8804 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-15 08:59:45
attack	Nov 12 18:03:37 h2177944 kernel: \[6453755.573830\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=35207 PROTO=TCP SPT=56799 DPT=8944 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:04:07 h2177944 kernel: \[6453785.086582\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23504 PROTO=TCP SPT=56799 DPT=8371 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:05:05 h2177944 kernel: \[6453843.259422\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=24781 PROTO=TCP SPT=56799 DPT=9832 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:05:15 h2177944 kernel: \[6453853.116786\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33534 PROTO=TCP SPT=56799 DPT=8186 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:06:08 h2177944 kernel: \[6453906.529866\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9	2019-11-13 01:07:15
attackspam	Nov 12 10:56:24 mc1 kernel: \[4838863.439063\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48002 PROTO=TCP SPT=56799 DPT=8328 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 10:58:17 mc1 kernel: \[4838976.493959\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48872 PROTO=TCP SPT=56799 DPT=9681 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 11:02:58 mc1 kernel: \[4839257.245188\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=2133 PROTO=TCP SPT=56799 DPT=9199 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-12 18:27:33
attackspam	45.136.109.82 was recorded 159 times by 25 hosts attempting to connect to the following ports: 9851,9825,9810,9903,9935,9863,9896,9924,9849,9888,9823,9821,9925,9829,9812,9916,9854,9881,9861,9813,9904,9931,9960,9921,9907,9847,9815,9818,9824,9877,9848,9809,9912,9961,9827,9959,9884,9869,9862,9997,9819,9850,9996,9910,9801,9936,9918,9817,9954,9993,9859,9800,9820,9930,9807,9843,9822,9860,9909,9830,9920,9802,9927,9858,9914,9856,9852,9974,9906,9890,9908,9875,9894,9806,9844,10000,9814,9840,9947,9971,9964,9967,9895,9842,9901,9835,9957,9887,9811,9889,9929,9834,9871,9808,9972,9885,9816,9982,9932. Incident counter (4h, 24h, all-time): 159, 892, 3513	2019-11-11 02:57:27
attackbots	11/07/2019-17:04:32.266975 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-08 06:25:40
attackbotsspam	10/30/2019-13:15:24.999845 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-31 01:25:33
attackbots	10/27/2019-19:35:56.593990 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-28 08:05:42
attackbots	10/26/2019-19:15:13.223519 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-27 07:55:56
attack	10/25/2019-18:37:21.948245 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-26 07:37:14
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 30 - port: 9160 proto: TCP cat: Misc Attack	2019-10-25 07:01:34
attackbotsspam	10/22/2019-14:16:53.779324 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-23 03:51:00
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 32 - port: 9228 proto: TCP cat: Misc Attack	2019-10-21 16:40:07
attackspambots	10/18/2019-15:52:00.538764 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-19 05:20:37
attack	10/18/2019-08:57:54.567495 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-18 21:48:20
attackbotsspam	10/17/2019-07:28:17.096915 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-17 19:34:26
attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-16 09:54:31
attackspambots	10/15/2019-07:48:34.735424 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 21:11:56
attackspam	10/15/2019-06:08:47.072263 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 18:28:26
attack	10/14/2019-17:21:32.120732 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 05:38:01
attackspambots	Port-scan: detected 180 distinct ports within a 24-hour window.	2019-10-15 03:05:17
attack	10/09/2019-08:34:27.687031 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-09 21:32:57
attackspam	10/09/2019-00:22:03.156132 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-09 14:14:50

Comments on same subnet:

IP	Type	Details	Datetime
45.136.109.219	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60	2020-08-19 23:39:13
45.136.109.219	attackspam	slow and persistent scanner	2020-08-17 20:34:11
45.136.109.251	attackbotsspam	Port scanning [3 denied]	2020-08-14 14:18:15
45.136.109.219	attackbots	TCP (SYN) 45.136.109.219:50230 -> port 53, len 44	2020-08-07 08:11:38
45.136.109.219	attackbotsspam	[Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096	2020-08-06 18:31:50
45.136.109.219	attack	TCP (SYN) 45.136.109.219:43869 -> port 53, len 44	2020-08-05 23:34:34
45.136.109.158	attack	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389	2020-07-22 15:39:59
45.136.109.87	attack	BruteForce RDP attempts from 45.136.109.175	2020-07-17 14:21:12
45.136.109.158	attack	SmallBizIT.US 2 packets to tcp(3389,3391)	2020-07-07 12:28:14
45.136.109.158	attackbots	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T]	2020-07-05 22:47:55
45.136.109.175	attackspambots	Icarus honeypot on github	2020-07-02 08:25:18
45.136.109.251	attackbots	Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833	2020-06-21 07:47:48
45.136.109.219	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack	2020-06-06 08:47:05
45.136.109.222	attackspam	Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100	2020-03-22 12:01:46
45.136.109.222	attackbotsspam	Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374	2020-03-19 06:22:33

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.82.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100900 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 14:15:46 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 82.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 82.109.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.59.31.109	attackbotsspam	Unauthorized connection attempt detected from IP address 111.59.31.109 to port 80	2019-12-31 20:11:10
46.38.144.146	attackspambots	Dec 31 12:28:18 relay postfix/smtpd\[15598\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 31 12:28:41 relay postfix/smtpd\[28558\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 31 12:29:18 relay postfix/smtpd\[15608\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 31 12:29:42 relay postfix/smtpd\[27679\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 31 12:30:20 relay postfix/smtpd\[15606\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-12-31 19:33:50
120.78.185.116	attackspambots	Dec 31 11:33:46 debian-2gb-nbg1-2 kernel: \[47761.478777\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=120.78.185.116 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=51202 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-31 20:07:50
192.99.28.247	attackbots	2019-12-31T08:52:12.682827homeassistant sshd[2730]: Invalid user netdev from 192.99.28.247 port 39377 2019-12-31T08:52:12.689055homeassistant sshd[2730]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.28.247 ...	2019-12-31 19:32:45
202.102.90.226	attackbots	Unauthorized connection attempt detected from IP address 202.102.90.226 to port 6380	2019-12-31 19:59:26
220.191.25.139	attackspambots	Unauthorized connection attempt detected from IP address 220.191.25.139 to port 5555	2019-12-31 19:56:23
181.188.155.45	attackspambots	Unauthorized connection attempt detected from IP address 181.188.155.45 to port 1433	2019-12-31 20:01:15
123.97.139.220	attackbots	Unauthorized connection attempt detected from IP address 123.97.139.220 to port 445	2019-12-31 20:05:36
153.223.235.22	attack	Unauthorized connection attempt detected from IP address 153.223.235.22 to port 9000	2019-12-31 20:03:45
113.172.200.2	attackbotsspam	Dec 31 06:13:50 euve59663 sshd[12147]: Address 113.172.200.2 maps to st= atic.vnpt.vn, but this does not map back to the address - POSSIBLE BREA= K-IN ATTEMPT! Dec 31 06:13:50 euve59663 sshd[12147]: Invalid user system from 113.172= .200.2 Dec 31 06:13:50 euve59663 sshd[12147]: pam_unix(sshd:auth): authenticat= ion failure; logname=3D uid=3D0 euid=3D0 tty=3Dssh ruser=3D rhost=3D113= .172.200.2=20 Dec 31 06:13:52 euve59663 sshd[12147]: Failed password for invalid user= system from 113.172.200.2 port 52996 ssh2 Dec 31 06:13:53 euve59663 sshd[12147]: Connection closed by 113.172.200= .2 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.172.200.2	2019-12-31 19:48:02
14.241.38.57	attackspam	1577773351 - 12/31/2019 07:22:31 Host: 14.241.38.57/14.241.38.57 Port: 445 TCP Blocked	2019-12-31 19:39:32
117.132.193.92	attackbots	Unauthorized connection attempt detected from IP address 117.132.193.92 to port 5555	2019-12-31 20:08:55
129.28.141.140	attack	Unauthorized connection attempt detected from IP address 129.28.141.140 to port 80	2019-12-31 20:04:17
20.185.73.59	attack	Brute force attack against VPN service	2019-12-31 19:37:49
182.61.104.171	attack	Invalid user wernik from 182.61.104.171 port 45026	2019-12-31 19:43:43

Recently Reported IPs

122.152.48.62	46.173.185.153	5.149.158.66	198.71.233.87
110.93.246.72	58.178.93.119	186.4.156.132	220.94.70.32
117.219.215.52	93.95.102.88	45.248.68.69	157.245.195.158
111.230.143.110	79.105.61.203	222.252.0.227	159.253.146.19
5.250.80.73	61.173.81.1	131.224.219.22	14.14.164.11