45.136.108.118

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): ComTrade LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Jan 8 15:03:38 debian-2gb-nbg1-2 kernel: \[751533.099951\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=4516 PROTO=TCP SPT=41044 DPT=9999 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-08 22:40:44
attack	ET CINS Active Threat Intelligence Poor Reputation IP group 32 - port: 9000 proto: TCP cat: Misc Attack	2020-01-08 15:24:44
attack	Multiport scan : 13 ports scanned 1000 3333 3380 3388 15000 18000 20000 22222 23000 26000 40000 43389 53389	2020-01-08 08:03:57
attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2020-01-03 06:19:37
attack	01/01/2020-00:00:45.409649 45.136.108.118 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-01-01 13:10:52
attackspambots	Dec 31 09:48:00 debian-2gb-nbg1-2 kernel: \[41415.427937\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=27016 PROTO=TCP SPT=52135 DPT=12000 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-31 17:20:08
attackspam	Port scan: Attack repeated for 24 hours	2019-12-30 00:07:06
attack	Dec 28 21:57:21 debian-2gb-nbg1-2 kernel: \[1219356.927408\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=39368 PROTO=TCP SPT=49633 DPT=13000 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-29 05:19:05
attackspambots	Dec 26 07:14:58 debian-2gb-nbg1-2 kernel: \[993628.702621\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.118 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=63958 PROTO=TCP SPT=57767 DPT=3000 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 14:17:02

相同子网IP讨论:

IP	类型	评论内容	时间
45.136.108.22	attackspambots	45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ	2020-09-01 04:38:43
45.136.108.22	attack	Unauthorized connection attempt from IP address 45.136.108.22 on port 993	2020-08-29 02:06:36
45.136.108.24	attackspambots	SSH login attempts.	2020-08-22 23:35:58
45.136.108.22	attackspambots	Fail2Ban Ban Triggered	2020-08-19 09:11:16
45.136.108.65	attack	[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA	2020-08-16 04:36:35
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
45.136.108.24	attackspam	Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]	2020-08-14 02:36:09
45.136.108.65	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]	2020-08-14 02:12:50
45.136.108.66	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]	2020-08-14 02:12:33
45.136.108.68	attack	Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]	2020-08-14 02:12:09
45.136.108.22	attackbotsspam	Port scan detected	2020-08-14 01:49:56
45.136.108.67	attackspambots	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]	2020-08-14 01:49:28
45.136.108.62	attack	Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]	2020-08-14 01:07:35
45.136.108.80	attackspambots	2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)	2020-08-12 22:09:08
45.136.108.18	attack	RDP brute forcing (r)	2020-08-04 21:39:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.118
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13487
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.118.			IN	A

;; AUTHORITY SECTION:
.			445	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122600 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 14:16:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 118.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 118.108.136.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
103.141.138.119	attackbots	[portscan] tcp/22 [SSH] [scan/connect: 4 time(s)] in blocklist.de:'listed [ssh]' in spfbl.net:'listed' *(RWIN=8192)(10261102)	2019-10-26 19:54:00
121.14.12.36	attackspambots	failed root login	2019-10-26 19:52:59
39.108.172.75	attack	xmlrpc attack	2019-10-26 20:01:37
79.132.21.121	attackbotsspam	Oct 26 14:01:14 offspring postfix/smtpd[28707]: connect from bras-79-132-21-121.comnet.bg[79.132.21.121] Oct 26 14:01:15 offspring postfix/smtpd[28707]: warning: bras-79-132-21-121.comnet.bg[79.132.21.121]: SASL CRAM-MD5 authentication failed: authentication failure Oct 26 14:01:15 offspring postfix/smtpd[28707]: warning: bras-79-132-21-121.comnet.bg[79.132.21.121]: SASL PLAIN authentication failed: authentication failure Oct 26 14:01:15 offspring postfix/smtpd[28707]: warning: bras-79-132-21-121.comnet.bg[79.132.21.121]: SASL LOGIN authentication failed: authentication failure Oct 26 14:01:15 offspring postfix/smtpd[28707]: disconnect from bras-79-132-21-121.comnet.bg[79.132.21.121] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=79.132.21.121	2019-10-26 20:29:09
170.150.155.102	attackspambots	Automatic report - Banned IP Access	2019-10-26 20:06:17
145.239.93.79	attackbots	Oct 26 07:48:11 server sshd\[13637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.ip-145-239-93.eu user=root Oct 26 07:48:13 server sshd\[13637\]: Failed password for root from 145.239.93.79 port 52010 ssh2 Oct 26 08:00:14 server sshd\[16440\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.ip-145-239-93.eu user=root Oct 26 08:00:17 server sshd\[16440\]: Failed password for root from 145.239.93.79 port 49568 ssh2 Oct 26 08:04:03 server sshd\[16966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.ip-145-239-93.eu user=root ...	2019-10-26 19:51:44
123.234.219.226	attack	2019-10-26T12:05:22.190736abusebot-5.cloudsearch.cf sshd\[17689\]: Invalid user cjohnson from 123.234.219.226 port 58962	2019-10-26 20:30:00
112.85.42.237	attackspam	2019-10-26T12:05:47.634233abusebot-2.cloudsearch.cf sshd\[22088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.237 user=root	2019-10-26 20:14:49
51.75.255.166	attackbotsspam	Oct 25 15:43:33 server sshd\[4371\]: Failed password for invalid user duncan from 51.75.255.166 port 35618 ssh2 Oct 26 10:12:32 server sshd\[20996\]: Invalid user zp from 51.75.255.166 Oct 26 10:12:32 server sshd\[20996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.ip-51-75-255.eu Oct 26 10:12:35 server sshd\[20996\]: Failed password for invalid user zp from 51.75.255.166 port 37386 ssh2 Oct 26 10:16:21 server sshd\[21930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.ip-51-75-255.eu user=root ...	2019-10-26 19:51:58
81.17.27.134	attackbots	10/26/2019-14:05:38.710469 81.17.27.134 Protocol: 6 ET TOR Known Tor Exit Node Traffic group 81	2019-10-26 20:22:01
92.86.179.186	attackbotsspam	Invalid user jp from 92.86.179.186 port 43250	2019-10-26 20:05:29
183.16.209.174	attack	[portscan] Port scan	2019-10-26 20:11:50
185.82.220.179	attack	Port 1433 Scan	2019-10-26 20:07:44
37.139.13.105	attackbots	Oct 26 14:05:42 vps01 sshd[8939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.139.13.105 Oct 26 14:05:44 vps01 sshd[8939]: Failed password for invalid user ftpuser from 37.139.13.105 port 53346 ssh2	2019-10-26 20:16:30
110.77.136.66	attackbots	2019-10-26T07:33:33.3344171495-001 sshd\[39012\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.77.136.66 user=root 2019-10-26T07:33:35.2982901495-001 sshd\[39012\]: Failed password for root from 110.77.136.66 port 44170 ssh2 2019-10-26T07:51:14.4040571495-001 sshd\[39602\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.77.136.66 user=root 2019-10-26T07:51:16.3573191495-001 sshd\[39602\]: Failed password for root from 110.77.136.66 port 53108 ssh2 2019-10-26T07:55:55.5353941495-001 sshd\[39801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.77.136.66 user=root 2019-10-26T07:55:57.4000011495-001 sshd\[39801\]: Failed password for root from 110.77.136.66 port 11604 ssh2 ...	2019-10-26 20:09:36

最近上报的IP列表

139.28.223.160	201.161.58.33	35.241.104.109	157.47.216.211
45.125.66.18	14.253.211.217	1.54.50.230	184.82.202.8
91.211.181.221	84.123.90.242	45.125.66.115	157.245.251.123
113.220.230.211	99.239.100.115	115.55.98.11	222.124.78.14
185.94.214.100	175.176.80.96	118.254.148.18	45.118.114.141