JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.87.249.147

45.87.249.147 was found in our database!

This IP was reported 7,966 times. Confidence of Abuse is 100%: ?

100%

ISP	Shereverov Marat Ahmedovich
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210006
Domain Name	tuta.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.87.249.147

Whois 45.87.249.147

IP Abuse Reports for 45.87.249.147:

This IP address has been reported a total of 7,966 times from 147 distinct sources. 45.87.249.147 was first reported on February 13th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-21 00:06:11 (2 days ago)	SecLedge detected suspicious activity. Score: 1817.64. Sensor: T-Pot.	Brute-Force
🇮🇹 kgreen	2026-06-20 22:00:50 (2 days ago)	Graylog firewall DROP detected. Hits=6570, ASN=AS210006, Provider=Shereverov Marat Ahmedovich, Count ... show more Graylog firewall DROP detected. Hits=6570, ASN=AS210006, Provider=Shereverov Marat Ahmedovich, Country=FI, Range=45.87.249.0/24, AbuseScore=100, Reports=5145 show less	Port Scan Hacking Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇨🇭 SOC [GOLINE SA]	2026-06-20 20:58:54 (2 days ago)	[RoutePulse \| 2026-06-20T20:58:54Z \| RTBH-INJECTED] ATTACK CLASS: volumetric SOURCE: 45.87.249.147 · ... show more [RoutePulse \| 2026-06-20T20:58:54Z \| RTBH-INJECTED] ATTACK CLASS: volumetric SOURCE: 45.87.249.147 · AS210006 Shereverov Marat Ahmedovich · Seychelles EVIDENCE: Subnet aggregation member of 45.87.249.0/24 · /24 aggregate member of 45.87.249.0/24 INTEL: AbuseIPDB 100% \| feeds: Wazuh SIEM — FortiGate FW,FortiAnalyzer Threat Intel,IPsum Level 4 (very low FP),Wazuh SIEM — Suricata IDS,Wazuh SIEM — Wazuh Threat Intel (built-in TI enrichment) (1372) \| RoutePulse score 97/100 CONVICTION: Tier 4, LLR 9.11 (multi-source SPRT) MITRE: T1498 Network Denial of Service, T1499 Endpoint DoS DETECTION: Conviction Engine SPRT + 14-detector ML stack (6-model weighted ensemble) + 5-pillar threat scoring ACTION: BGP null route injected at RoutePulse network edge show less	DDoS Attack
🇩🇪 mueller-nils.com	2026-06-20 08:30:32 (3 days ago)	Jun 20 09:39:19 [host] kernel: [5049929.384975] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=45.87.249.147 DS ... show more Jun 20 09:39:19 [host] kernel: [5049929.384975] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=45.87.249.147 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=65306 PROTO=TCP SPT=46048 DPT=51216 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 20 10:10:56 [host] kernel: [50 show less	Port Scan
🇩🇪 gnb	2026-06-20 08:18:20 (3 days ago)	2026-06-20T10:06:39.620240+02:00 atlas kernel: [47781449.508095] [UFW BLOCK] IN=eth0 OUT= MAC=(redac ... show more 2026-06-20T10:06:39.620240+02:00 atlas kernel: [47781449.508095] [UFW BLOCK] IN=eth0 OUT= MAC=(redacted) SRC=45.87.249.147 DST=(redacted) LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=31078 PROTO=TCP SPT=46048 DPT=21643 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-20T10:10:41.193473+02:00 atlas kernel: [47781691.080863] [UFW BLOCK] IN=eth0 OUT= MAC=(redacted) SRC=45.87.249.147 DST=(redacted) LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55761 PROTO=TCP SPT=46048 DPT=17004 WINDOW=1024 RES=0x00 SYN URGP=0 2026-06-20T10:18:20.155414+02:00 atlas kernel: [47782150.041957] [UFW BLOCK] IN=eth0 OUT= MAC=(redacted) SRC=45.87.249.147 DST=(redacted) LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=1214 PROTO=TCP SPT=46048 DPT=25309 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇩🇪 iNetWorker	2026-06-20 07:20:26 (3 days ago)	firewall-block, port(s): 10557/tcp, 10854/tcp, 10955/tcp, 11344/tcp, 14554/tcp, 14914/tcp, 17255/tcp ... show more firewall-block, port(s): 10557/tcp, 10854/tcp, 10955/tcp, 11344/tcp, 14554/tcp, 14914/tcp, 17255/tcp, 19475/tcp, 20512/tcp, 21488/tcp, 21899/tcp, 22674/tcp, 24624/tcp, 24789/tcp, 24864/tcp, 25265/tcp, 25912/tcp, 26035/tcp, 43168/tcp, 47288/tcp, 49685/tcp, 50875/tcp, 51544/tcp, 59257/tcp, 62074/tcp, 63673/tcp, 63862/tcp show less	Port Scan
🇩🇪 Tamsweb	2026-06-20 07:10:03 (3 days ago)	Unauthorized connection attempt or scan from 45.87.249.147 on port 50082 ...	Port Scan
🇩🇪 EinfxchFinn	2026-06-20 06:50:53 (3 days ago)	Unauthorized connection attempt to port 10923 from 45.87.249.147	Port Scan
🇩🇪 kingjan1999	2026-06-20 06:37:21 (3 days ago)	Blocked by UFW [51245/tcp] \| SPT: 46048 \| TTL: 249 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/s ... show more Blocked by UFW [51245/tcp] \| SPT: 46048 \| TTL: 249 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 acadeova	2026-06-20 06:34:27 (3 days ago)	🚨 Recon detected (nft drop) SRC=45.87.249.147 Observed=TCP dpt=11307 in=enp0s6 ttl=246 Time=recent(j ... show more 🚨 Recon detected (nft drop) SRC=45.87.249.147 Observed=TCP dpt=11307 in=enp0s6 ttl=246 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇩🇪 mueller-nils.com	2026-06-20 06:34:18 (3 days ago)	Jun 20 07:55:33 [host] kernel: [5043703.158145] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=45.87.249.147 DS ... show more Jun 20 07:55:33 [host] kernel: [5043703.158145] [UFW BLOCK] IN=venet0 OUT= MAC= SRC=45.87.249.147 DST=[munged] LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=39217 PROTO=TCP SPT=46048 DPT=11349 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 20 08:04:20 [host] kernel: [50 show less	Port Scan
🇩🇪 EinfxchFinn	2026-06-20 06:09:50 (3 days ago)	Unauthorized connection attempt to port 17933 from 45.87.249.147	Port Scan
🇨🇭 pingusurmars	2026-06-20 05:32:01 (3 days ago)	Blocked by UFW on amperetwo [60358/tcp] Source port: 46048 TTL: 248 Packet length: 40 TOS: 0x00 Thi ... show more Blocked by UFW on amperetwo [60358/tcp] Source port: 46048 TTL: 248 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 David Ferneding	2026-06-20 05:22:03 (3 days ago)	Blocked by UFW (TCP on 11872) Source port: 46048 TTL: 248 Packet length: 40 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 11872) Source port: 46048 TTL: 248 Packet length: 40 TOS: 0x00 This report (for 45.87.249.147) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 EinfxchFinn	2026-06-20 05:11:51 (3 days ago)	Unauthorized connection attempt to port 25618 from 45.87.249.147	Port Scan

Showing 1 to 15 of 7966 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 153.117.40.233

🇺🇸 104.171.28.10

🇦🇺 45.133.5.183

🇺🇦 37.221.135.184

🇸🇬 172.188.218.162

🇺🇸 103.251.27.148

🇨🇳 103.219.32.239

🇫🇷 92.103.134.183

🇸🇬 47.82.48.189

🇮🇳 210.212.136.3

🇻🇳 171.244.143.209

🇺🇸 162.216.150.231

🇮🇹 151.115.164.167

🇺🇸 104.171.28.179

🇻🇳 14.191.25.141

🇺🇸 192.155.84.194

🇳🇱 176.65.139.181

🇫🇮 147.185.133.96

🇧🇷 131.161.249.165

🇵🇰 110.93.224.226