45.136.109.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Nov 15 23:04:19 mc1 kernel: \[5141726.470634\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=63095 PROTO=TCP SPT=56799 DPT=9744 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 23:05:31 mc1 kernel: \[5141798.383413\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=23950 PROTO=TCP SPT=56799 DPT=8272 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 23:05:56 mc1 kernel: \[5141824.201369\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45023 PROTO=TCP SPT=56799 DPT=9309 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-16 06:15:41
attackspam	Nov 15 01:45:45 mc1 kernel: \[5065015.406622\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=58357 PROTO=TCP SPT=56799 DPT=8433 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 01:45:57 mc1 kernel: \[5065027.372515\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=64683 PROTO=TCP SPT=56799 DPT=9817 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 15 01:49:02 mc1 kernel: \[5065212.685291\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=57948 PROTO=TCP SPT=56799 DPT=8804 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-15 08:59:45
attack	Nov 12 18:03:37 h2177944 kernel: \[6453755.573830\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=35207 PROTO=TCP SPT=56799 DPT=8944 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:04:07 h2177944 kernel: \[6453785.086582\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23504 PROTO=TCP SPT=56799 DPT=8371 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:05:05 h2177944 kernel: \[6453843.259422\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=24781 PROTO=TCP SPT=56799 DPT=9832 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:05:15 h2177944 kernel: \[6453853.116786\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=33534 PROTO=TCP SPT=56799 DPT=8186 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 18:06:08 h2177944 kernel: \[6453906.529866\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.82 DST=85.214.117.9	2019-11-13 01:07:15
attackspam	Nov 12 10:56:24 mc1 kernel: \[4838863.439063\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48002 PROTO=TCP SPT=56799 DPT=8328 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 10:58:17 mc1 kernel: \[4838976.493959\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=48872 PROTO=TCP SPT=56799 DPT=9681 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 12 11:02:58 mc1 kernel: \[4839257.245188\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.82 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=2133 PROTO=TCP SPT=56799 DPT=9199 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-12 18:27:33
attackspam	45.136.109.82 was recorded 159 times by 25 hosts attempting to connect to the following ports: 9851,9825,9810,9903,9935,9863,9896,9924,9849,9888,9823,9821,9925,9829,9812,9916,9854,9881,9861,9813,9904,9931,9960,9921,9907,9847,9815,9818,9824,9877,9848,9809,9912,9961,9827,9959,9884,9869,9862,9997,9819,9850,9996,9910,9801,9936,9918,9817,9954,9993,9859,9800,9820,9930,9807,9843,9822,9860,9909,9830,9920,9802,9927,9858,9914,9856,9852,9974,9906,9890,9908,9875,9894,9806,9844,10000,9814,9840,9947,9971,9964,9967,9895,9842,9901,9835,9957,9887,9811,9889,9929,9834,9871,9808,9972,9885,9816,9982,9932. Incident counter (4h, 24h, all-time): 159, 892, 3513	2019-11-11 02:57:27
attackbots	11/07/2019-17:04:32.266975 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-08 06:25:40
attackbotsspam	10/30/2019-13:15:24.999845 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-31 01:25:33
attackbots	10/27/2019-19:35:56.593990 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-28 08:05:42
attackbots	10/26/2019-19:15:13.223519 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-27 07:55:56
attack	10/25/2019-18:37:21.948245 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-26 07:37:14
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 30 - port: 9160 proto: TCP cat: Misc Attack	2019-10-25 07:01:34
attackbotsspam	10/22/2019-14:16:53.779324 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-23 03:51:00
attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 32 - port: 9228 proto: TCP cat: Misc Attack	2019-10-21 16:40:07
attackspambots	10/18/2019-15:52:00.538764 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-19 05:20:37
attack	10/18/2019-08:57:54.567495 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-18 21:48:20
attackbotsspam	10/17/2019-07:28:17.096915 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-17 19:34:26
attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-10-16 09:54:31
attackspambots	10/15/2019-07:48:34.735424 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 21:11:56
attackspam	10/15/2019-06:08:47.072263 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 18:28:26
attack	10/14/2019-17:21:32.120732 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-15 05:38:01
attackspambots	Port-scan: detected 180 distinct ports within a 24-hour window.	2019-10-15 03:05:17
attack	10/09/2019-08:34:27.687031 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-09 21:32:57
attackspam	10/09/2019-00:22:03.156132 45.136.109.82 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-09 14:14:50

Comments on same subnet:

IP	Type	Details	Datetime
45.136.109.219	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60	2020-08-19 23:39:13
45.136.109.219	attackspam	slow and persistent scanner	2020-08-17 20:34:11
45.136.109.251	attackbotsspam	Port scanning [3 denied]	2020-08-14 14:18:15
45.136.109.219	attackbots	TCP (SYN) 45.136.109.219:50230 -> port 53, len 44	2020-08-07 08:11:38
45.136.109.219	attackbotsspam	[Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096	2020-08-06 18:31:50
45.136.109.219	attack	TCP (SYN) 45.136.109.219:43869 -> port 53, len 44	2020-08-05 23:34:34
45.136.109.158	attack	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389	2020-07-22 15:39:59
45.136.109.87	attack	BruteForce RDP attempts from 45.136.109.175	2020-07-17 14:21:12
45.136.109.158	attack	SmallBizIT.US 2 packets to tcp(3389,3391)	2020-07-07 12:28:14
45.136.109.158	attackbots	Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T]	2020-07-05 22:47:55
45.136.109.175	attackspambots	Icarus honeypot on github	2020-07-02 08:25:18
45.136.109.251	attackbots	Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833	2020-06-21 07:47:48
45.136.109.219	attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack	2020-06-06 08:47:05
45.136.109.222	attackspam	Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100	2020-03-22 12:01:46
45.136.109.222	attackbotsspam	Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374	2020-03-19 06:22:33

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47564
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.82.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100900 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 09 14:15:46 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 82.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 82.109.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.226.129.90	attack	Invalid user oracle2 from 129.226.129.90 port 34322	2020-04-21 22:06:49
120.71.147.93	attack	Invalid user ks from 120.71.147.93 port 36683	2020-04-21 22:12:40
104.131.249.57	attackbots	Apr 21 04:08:16 web1 sshd\[6623\]: Invalid user git from 104.131.249.57 Apr 21 04:08:16 web1 sshd\[6623\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57 Apr 21 04:08:18 web1 sshd\[6623\]: Failed password for invalid user git from 104.131.249.57 port 44331 ssh2 Apr 21 04:14:01 web1 sshd\[7142\]: Invalid user ga from 104.131.249.57 Apr 21 04:14:01 web1 sshd\[7142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.249.57	2020-04-21 22:26:40
187.111.211.14	attack	trying to login to mikrotik from zyxel device	2020-04-21 22:30:20
129.144.62.179	attackbotsspam	Invalid user dixie from 129.144.62.179 port 61961	2020-04-21 22:08:00
123.206.76.119	attack	Invalid user sr from 123.206.76.119 port 52242	2020-04-21 22:09:43
98.220.134.161	attackbotsspam	Apr 21 14:34:35 DAAP sshd[9497]: Invalid user samir from 98.220.134.161 port 60662 Apr 21 14:34:35 DAAP sshd[9497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.220.134.161 Apr 21 14:34:35 DAAP sshd[9497]: Invalid user samir from 98.220.134.161 port 60662 Apr 21 14:34:37 DAAP sshd[9497]: Failed password for invalid user samir from 98.220.134.161 port 60662 ssh2 Apr 21 14:43:40 DAAP sshd[9767]: Invalid user qs from 98.220.134.161 port 58634 ...	2020-04-21 22:28:43
125.124.91.247	attackbotsspam	Invalid user root1 from 125.124.91.247 port 34198	2020-04-21 22:08:41
51.68.142.10	attack	Invalid user admin7 from 51.68.142.10 port 60678	2020-04-21 22:41:34
113.162.141.24	attackbotsspam	Invalid user supervisor from 113.162.141.24 port 55196	2020-04-21 22:18:53
52.224.69.165	attack	Invalid user admin from 52.224.69.165 port 30626	2020-04-21 22:38:21
59.49.76.205	attackspambots	Invalid user vyatta from 59.49.76.205 port 26121	2020-04-21 22:37:20
128.199.177.16	attack	$f2bV_matches	2020-04-21 22:08:17
129.213.107.56	attack	Invalid user bv from 129.213.107.56 port 58094	2020-04-21 22:07:08
51.91.157.101	attack	2020-04-21T13:16:49.333092abusebot-3.cloudsearch.cf sshd[21018]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-51-91-157.eu user=root 2020-04-21T13:16:51.541590abusebot-3.cloudsearch.cf sshd[21018]: Failed password for root from 51.91.157.101 port 51100 ssh2 2020-04-21T13:21:11.285784abusebot-3.cloudsearch.cf sshd[21328]: Invalid user dt from 51.91.157.101 port 57270 2020-04-21T13:21:11.291539abusebot-3.cloudsearch.cf sshd[21328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.ip-51-91-157.eu 2020-04-21T13:21:11.285784abusebot-3.cloudsearch.cf sshd[21328]: Invalid user dt from 51.91.157.101 port 57270 2020-04-21T13:21:13.470936abusebot-3.cloudsearch.cf sshd[21328]: Failed password for invalid user dt from 51.91.157.101 port 57270 ssh2 2020-04-21T13:25:15.555810abusebot-3.cloudsearch.cf sshd[21635]: Invalid user admin from 51.91.157.101 port 35214 ...	2020-04-21 22:39:04

Recently Reported IPs

122.152.48.62	46.173.185.153	5.149.158.66	198.71.233.87
110.93.246.72	58.178.93.119	186.4.156.132	220.94.70.32
117.219.215.52	93.95.102.88	45.248.68.69	157.245.195.158
111.230.143.110	79.105.61.203	222.252.0.227	159.253.146.19
5.250.80.73	61.173.81.1	131.224.219.22	14.14.164.11