City: unknown
Region: unknown
Country: Germany
Internet Service Provider: ComTrade LLC
Hostname: unknown
Organization: unknown
Usage Type: Commercial
| Type | Details | Datetime |
|---|---|---|
| attack | Nov 11 15:40:25 h2177944 kernel: \[6358779.915352\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54504 PROTO=TCP SPT=52801 DPT=1439 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:44:40 h2177944 kernel: \[6359035.274057\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=24756 PROTO=TCP SPT=52801 DPT=1408 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:52:06 h2177944 kernel: \[6359481.409706\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47723 PROTO=TCP SPT=52801 DPT=1201 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:55:07 h2177944 kernel: \[6359662.286145\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=53681 PROTO=TCP SPT=52801 DPT=1583 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:55:14 h2177944 kernel: \[6359668.957840\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 |
2019-11-12 03:24:49 |
| attackbots | Nov 5 20:14:15 h2177944 kernel: \[5856900.734467\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47635 PROTO=TCP SPT=50341 DPT=428 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:17:27 h2177944 kernel: \[5857092.925218\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=22721 PROTO=TCP SPT=50341 DPT=1655 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:25:32 h2177944 kernel: \[5857577.910269\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=11337 PROTO=TCP SPT=50341 DPT=73 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:41:27 h2177944 kernel: \[5858532.605664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=39272 PROTO=TCP SPT=50341 DPT=763 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:41:50 h2177944 kernel: \[5858555.159779\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN |
2019-11-06 03:55:56 |
| attack | firewall-block, port(s): 7/tcp, 77/tcp, 485/tcp, 524/tcp, 631/tcp, 670/tcp, 700/tcp, 876/tcp, 922/tcp, 1015/tcp, 1257/tcp, 1593/tcp |
2019-11-05 06:41:20 |
| attack | Attempted to connect 2 times to port 1016 TCP |
2019-10-26 15:06:00 |
| attackspam | Scanning random ports - tries to find possible vulnerable services |
2019-10-24 03:54:48 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.136.110.227 | attackspam | TCP scanned |
2020-06-15 02:24:50 |
| 45.136.110.25 | attack | Mar 13 18:33:09 debian-2gb-nbg1-2 kernel: \[6379921.888201\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=31856 PROTO=TCP SPT=45838 DPT=2891 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-14 01:34:57 |
| 45.136.110.25 | attackspam | Mar 13 05:18:39 debian-2gb-nbg1-2 kernel: \[6332254.684603\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29917 PROTO=TCP SPT=42567 DPT=5768 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-13 12:22:14 |
| 45.136.110.25 | attackbots | Mar 12 18:54:02 debian-2gb-nbg1-2 kernel: \[6294779.364795\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=50546 PROTO=TCP SPT=40824 DPT=3009 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-13 02:06:49 |
| 45.136.110.25 | attackbots | Mar 12 06:06:36 debian-2gb-nbg1-2 kernel: \[6248736.057240\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=36529 PROTO=TCP SPT=40824 DPT=3230 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-12 13:12:51 |
| 45.136.110.25 | attackspam | Mar 11 20:18:44 debian-2gb-nbg1-2 kernel: \[6213465.545709\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=44819 PROTO=TCP SPT=52822 DPT=4035 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-12 04:08:04 |
| 45.136.110.25 | attack | Mar 11 06:03:41 debian-2gb-nbg1-2 kernel: \[6162165.528514\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=63434 PROTO=TCP SPT=51295 DPT=3710 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-11 13:05:03 |
| 45.136.110.135 | attackspambots | Scanning random ports - tries to find possible vulnerable services |
2020-03-11 06:59:16 |
| 45.136.110.25 | attack | Mar 9 00:46:54 debian-2gb-nbg1-2 kernel: \[5970368.159838\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=43699 PROTO=TCP SPT=53340 DPT=5288 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-09 08:27:58 |
| 45.136.110.25 | attackspambots | Mar 8 17:38:09 debian-2gb-nbg1-2 kernel: \[5944645.387471\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=53755 PROTO=TCP SPT=53340 DPT=5263 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-09 00:45:36 |
| 45.136.110.25 | attack | Mar 8 02:00:28 debian-2gb-nbg1-2 kernel: \[5888387.149380\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=57156 PROTO=TCP SPT=49617 DPT=4308 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-08 09:20:05 |
| 45.136.110.25 | attackbots | Mar 7 14:08:54 debian-2gb-nbg1-2 kernel: \[5845695.146432\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45338 PROTO=TCP SPT=49617 DPT=4364 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-07 21:34:50 |
| 45.136.110.25 | attackbotsspam | Mar 5 23:22:53 debian-2gb-nbg1-2 kernel: \[5706141.085150\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=46803 PROTO=TCP SPT=56630 DPT=12121 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-06 06:27:20 |
| 45.136.110.25 | attackspam | Mar 5 01:11:04 debian-2gb-nbg1-2 kernel: \[5626236.499804\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=60913 PROTO=TCP SPT=59333 DPT=3934 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-05 08:20:16 |
| 45.136.110.135 | attackspambots | Attempt to attack host OS, exploiting network vulnerabilities, on 04-03-2020 13:35:09. |
2020-03-05 01:31:24 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.110.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.110.43. IN A
;; AUTHORITY SECTION:
. 379 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019102301 1800 900 604800 86400
;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 03:54:45 CST 2019
;; MSG SIZE rcvd: 117
Host 43.110.136.45.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 43.110.136.45.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 77.247.110.243 | attack | 10/15/2019-20:13:33.702962 77.247.110.243 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 75 |
2019-10-16 03:00:13 |
| 198.108.67.133 | attackbots | 10/15/2019-13:15:49.509182 198.108.67.133 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-16 03:05:50 |
| 178.165.85.88 | attack | [portscan] tcp/1433 [MsSQL] *(RWIN=8192)(10151156) |
2019-10-16 02:52:05 |
| 193.201.224.207 | attack | [portscan] udp/1900 [ssdp] [scan/connect: 10 time(s)] in stopforumspam:'listed [255 times]' in spfbl.net:'listed' *(RWIN=-)(10151156) |
2019-10-16 03:06:49 |
| 121.28.199.78 | attackspam | [portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156) |
2019-10-16 02:56:09 |
| 37.49.230.10 | attackspam | firewall-block, port(s): 123/udp |
2019-10-16 03:29:01 |
| 27.8.69.86 | attackbotsspam | [portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=7330)(10151156) |
2019-10-16 03:19:02 |
| 94.28.176.34 | attackspambots | [portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=8192)(10151156) |
2019-10-16 02:58:16 |
| 69.1.129.34 | attackbots | [portscan] tcp/1433 [MsSQL] in gbudb.net:'listed' *(RWIN=1024)(10151156) |
2019-10-16 03:00:34 |
| 46.185.140.22 | attack | [portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=32662)(10151156) |
2019-10-16 03:17:09 |
| 194.44.93.225 | attackbots | [portscan] tcp/3389 [MS RDP] in sorbs:'listed [spam]' *(RWIN=1024)(10151156) |
2019-10-16 03:21:06 |
| 149.56.15.15 | attackbots | [portscan] tcp/3389 [MS RDP] [scan/connect: 2 time(s)] *(RWIN=8192)(10151156) |
2019-10-16 03:25:15 |
| 185.26.114.61 | attackbotsspam | [portscan] tcp/3389 [MS RDP] *(RWIN=1024)(10151156) |
2019-10-16 02:50:58 |
| 1.179.145.90 | attack | [portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156) |
2019-10-16 03:04:44 |
| 185.172.110.214 | attackbots | UTC: 2019-10-14 pkts: 4 port: 81/tcp |
2019-10-16 03:08:24 |