45.136.110.43 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 11 15:40:25 h2177944 kernel: \[6358779.915352\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=54504 PROTO=TCP SPT=52801 DPT=1439 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:44:40 h2177944 kernel: \[6359035.274057\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=24756 PROTO=TCP SPT=52801 DPT=1408 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:52:06 h2177944 kernel: \[6359481.409706\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47723 PROTO=TCP SPT=52801 DPT=1201 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:55:07 h2177944 kernel: \[6359662.286145\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=53681 PROTO=TCP SPT=52801 DPT=1583 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 11 15:55:14 h2177944 kernel: \[6359668.957840\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9	2019-11-12 03:24:49
attackbots	Nov 5 20:14:15 h2177944 kernel: \[5856900.734467\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=47635 PROTO=TCP SPT=50341 DPT=428 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:17:27 h2177944 kernel: \[5857092.925218\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=22721 PROTO=TCP SPT=50341 DPT=1655 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:25:32 h2177944 kernel: \[5857577.910269\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=11337 PROTO=TCP SPT=50341 DPT=73 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:41:27 h2177944 kernel: \[5858532.605664\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=39272 PROTO=TCP SPT=50341 DPT=763 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 5 20:41:50 h2177944 kernel: \[5858555.159779\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.43 DST=85.214.117.9 LEN	2019-11-06 03:55:56
attack	firewall-block, port(s): 7/tcp, 77/tcp, 485/tcp, 524/tcp, 631/tcp, 670/tcp, 700/tcp, 876/tcp, 922/tcp, 1015/tcp, 1257/tcp, 1593/tcp	2019-11-05 06:41:20
attack	Attempted to connect 2 times to port 1016 TCP	2019-10-26 15:06:00
attackspam	Scanning random ports - tries to find possible vulnerable services	2019-10-24 03:54:48

Comments on same subnet:

IP	Type	Details	Datetime
45.136.110.227	attackspam	TCP scanned	2020-06-15 02:24:50
45.136.110.25	attack	Mar 13 18:33:09 debian-2gb-nbg1-2 kernel: \[6379921.888201\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=31856 PROTO=TCP SPT=45838 DPT=2891 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-14 01:34:57
45.136.110.25	attackspam	Mar 13 05:18:39 debian-2gb-nbg1-2 kernel: \[6332254.684603\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29917 PROTO=TCP SPT=42567 DPT=5768 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-13 12:22:14
45.136.110.25	attackbots	Mar 12 18:54:02 debian-2gb-nbg1-2 kernel: \[6294779.364795\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=50546 PROTO=TCP SPT=40824 DPT=3009 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-13 02:06:49
45.136.110.25	attackbots	Mar 12 06:06:36 debian-2gb-nbg1-2 kernel: \[6248736.057240\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=36529 PROTO=TCP SPT=40824 DPT=3230 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-12 13:12:51
45.136.110.25	attackspam	Mar 11 20:18:44 debian-2gb-nbg1-2 kernel: \[6213465.545709\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=44819 PROTO=TCP SPT=52822 DPT=4035 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-12 04:08:04
45.136.110.25	attack	Mar 11 06:03:41 debian-2gb-nbg1-2 kernel: \[6162165.528514\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=63434 PROTO=TCP SPT=51295 DPT=3710 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-11 13:05:03
45.136.110.135	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-03-11 06:59:16
45.136.110.25	attack	Mar 9 00:46:54 debian-2gb-nbg1-2 kernel: \[5970368.159838\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=43699 PROTO=TCP SPT=53340 DPT=5288 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 08:27:58
45.136.110.25	attackspambots	Mar 8 17:38:09 debian-2gb-nbg1-2 kernel: \[5944645.387471\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=53755 PROTO=TCP SPT=53340 DPT=5263 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 00:45:36
45.136.110.25	attack	Mar 8 02:00:28 debian-2gb-nbg1-2 kernel: \[5888387.149380\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=57156 PROTO=TCP SPT=49617 DPT=4308 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-08 09:20:05
45.136.110.25	attackbots	Mar 7 14:08:54 debian-2gb-nbg1-2 kernel: \[5845695.146432\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45338 PROTO=TCP SPT=49617 DPT=4364 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-07 21:34:50
45.136.110.25	attackbotsspam	Mar 5 23:22:53 debian-2gb-nbg1-2 kernel: \[5706141.085150\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=46803 PROTO=TCP SPT=56630 DPT=12121 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-06 06:27:20
45.136.110.25	attackspam	Mar 5 01:11:04 debian-2gb-nbg1-2 kernel: \[5626236.499804\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.110.25 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=60913 PROTO=TCP SPT=59333 DPT=3934 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-05 08:20:16
45.136.110.135	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 04-03-2020 13:35:09.	2020-03-05 01:31:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.110.43
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 278
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.110.43.			IN	A

;; AUTHORITY SECTION:
.			379	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102301 1800 900 604800 86400

;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 24 03:54:45 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 43.110.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 43.110.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.110.243	attack	10/15/2019-20:13:33.702962 77.247.110.243 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 75	2019-10-16 03:00:13
198.108.67.133	attackbots	10/15/2019-13:15:49.509182 198.108.67.133 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-16 03:05:50
178.165.85.88	attack	[portscan] tcp/1433 [MsSQL] *(RWIN=8192)(10151156)	2019-10-16 02:52:05
193.201.224.207	attack	[portscan] udp/1900 [ssdp] [scan/connect: 10 time(s)] in stopforumspam:'listed [255 times]' in spfbl.net:'listed' *(RWIN=-)(10151156)	2019-10-16 03:06:49
121.28.199.78	attackspam	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 02:56:09
37.49.230.10	attackspam	firewall-block, port(s): 123/udp	2019-10-16 03:29:01
27.8.69.86	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=7330)(10151156)	2019-10-16 03:19:02
94.28.176.34	attackspambots	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=8192)(10151156)	2019-10-16 02:58:16
69.1.129.34	attackbots	[portscan] tcp/1433 [MsSQL] in gbudb.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 03:00:34
46.185.140.22	attack	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=32662)(10151156)	2019-10-16 03:17:09
194.44.93.225	attackbots	[portscan] tcp/3389 [MS RDP] in sorbs:'listed [spam]' *(RWIN=1024)(10151156)	2019-10-16 03:21:06
149.56.15.15	attackbots	[portscan] tcp/3389 [MS RDP] [scan/connect: 2 time(s)] *(RWIN=8192)(10151156)	2019-10-16 03:25:15
185.26.114.61	attackbotsspam	[portscan] tcp/3389 [MS RDP] *(RWIN=1024)(10151156)	2019-10-16 02:50:58
1.179.145.90	attack	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 03:04:44
185.172.110.214	attackbots	UTC: 2019-10-14 pkts: 4 port: 81/tcp	2019-10-16 03:08:24

Recently Reported IPs

5.167.205.106	14.1.109.140	160.122.75.218	49.92.23.233
102.81.109.154	217.221.158.139	193.250.116.74	95.227.21.152
70.33.107.244	175.158.239.126	95.244.244.84	211.5.76.66
77.132.47.28	32.107.78.84	74.65.239.97	117.5.23.16
85.173.93.25	141.158.99.151	110.28.69.98	49.126.131.8