45.136.108.119

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): ComTrade LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	firewall-block, port(s): 62/tcp, 108/tcp, 172/tcp, 266/tcp, 286/tcp, 298/tcp, 307/tcp, 328/tcp, 364/tcp, 413/tcp, 663/tcp, 920/tcp, 1151/tcp, 1172/tcp, 1316/tcp	2020-01-08 00:12:57
attackbots	Jan 4 06:43:54 debian-2gb-nbg1-2 kernel: \[375959.475522\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=12502 PROTO=TCP SPT=41365 DPT=676 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-04 14:14:24
attackbots	Jan 3 10:50:15 debian-2gb-nbg1-2 kernel: \[304342.429866\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=4913 PROTO=TCP SPT=44434 DPT=685 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-03 18:15:09
attackbots	Jan 1 16:13:49 debian-2gb-nbg1-2 kernel: \[150960.805638\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=40795 PROTO=TCP SPT=44793 DPT=419 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-01 23:26:38
attackspam	Scanning random ports - tries to find possible vulnerable services	2020-01-01 16:17:25
attackbots	Dec 30 00:34:44 debian-2gb-nbg1-2 kernel: \[1315194.581897\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=7771 PROTO=TCP SPT=54602 DPT=611 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-30 07:46:34
attackbots	Dec 29 16:09:29 debian-2gb-nbg1-2 kernel: \[1284880.896705\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=269 PROTO=TCP SPT=54602 DPT=188 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-30 00:05:39
attack	Dec 28 11:20:17 h2177944 kernel: \[727115.083986\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=23210 PROTO=TCP SPT=44885 DPT=152 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:20:17 h2177944 kernel: \[727115.084001\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=23210 PROTO=TCP SPT=44885 DPT=152 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:53:39 h2177944 kernel: \[729117.099195\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=10632 PROTO=TCP SPT=44885 DPT=311 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:53:39 h2177944 kernel: \[729117.099207\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=10632 PROTO=TCP SPT=44885 DPT=311 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:59:09 h2177944 kernel: \[729447.233164\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN	2019-12-28 19:06:10
attack	Dec 28 07:02:06 debian-2gb-nbg1-2 kernel: \[1165645.429880\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=50229 PROTO=TCP SPT=40250 DPT=707 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-28 14:23:45
attackspam	Dec 27 17:01:45 debian-2gb-nbg1-2 kernel: \[1115228.272509\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=10783 PROTO=TCP SPT=40250 DPT=1026 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-28 00:25:23
attackbotsspam	Dec 26 08:01:10 debian-2gb-nbg1-2 kernel: \[996400.287259\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=25044 PROTO=TCP SPT=47824 DPT=446 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 15:04:28
attackspambots	Dec 26 06:39:41 debian-2gb-nbg1-2 kernel: \[991512.244711\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=10829 PROTO=TCP SPT=47824 DPT=417 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 13:52:31
attackspam	Dec 25 19:00:39 h2177944 kernel: \[495578.576920\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43423 PROTO=TCP SPT=47824 DPT=739 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 25 19:00:39 h2177944 kernel: \[495578.576935\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=43423 PROTO=TCP SPT=47824 DPT=739 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 25 19:22:10 h2177944 kernel: \[496869.383994\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=56800 PROTO=TCP SPT=47824 DPT=157 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 25 19:22:10 h2177944 kernel: \[496869.384009\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=56800 PROTO=TCP SPT=47824 DPT=157 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 25 19:36:21 h2177944 kernel: \[497720.054700\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.119 DST=85.214.117.9 LEN	2019-12-26 02:51:55
attackspam	Dec 24 16:34:55 debian-2gb-nbg1-2 kernel: \[854435.095665\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.119 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=23800 PROTO=TCP SPT=44131 DPT=438 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-25 01:03:23
attack	Excessive Port-Scanning	2019-12-24 23:23:22

相同子网IP讨论:

IP	类型	评论内容	时间
45.136.108.22	attackspambots	45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ	2020-09-01 04:38:43
45.136.108.22	attack	Unauthorized connection attempt from IP address 45.136.108.22 on port 993	2020-08-29 02:06:36
45.136.108.24	attackspambots	SSH login attempts.	2020-08-22 23:35:58
45.136.108.22	attackspambots	Fail2Ban Ban Triggered	2020-08-19 09:11:16
45.136.108.65	attack	[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA	2020-08-16 04:36:35
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
45.136.108.24	attackspam	Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]	2020-08-14 02:36:09
45.136.108.65	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]	2020-08-14 02:12:50
45.136.108.66	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]	2020-08-14 02:12:33
45.136.108.68	attack	Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]	2020-08-14 02:12:09
45.136.108.22	attackbotsspam	Port scan detected	2020-08-14 01:49:56
45.136.108.67	attackspambots	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]	2020-08-14 01:49:28
45.136.108.62	attack	Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]	2020-08-14 01:07:35
45.136.108.80	attackspambots	2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)	2020-08-12 22:09:08
45.136.108.18	attack	RDP brute forcing (r)	2020-08-04 21:39:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.119
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.119.			IN	A

;; AUTHORITY SECTION:
.			481	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122401 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 24 23:23:18 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 119.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 119.108.136.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
39.89.249.254	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-08 17:59:11
167.99.107.202	attackspambots	2020-03-08T10:15:04.572911shield sshd\[17469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.107.202 user=root 2020-03-08T10:15:06.910866shield sshd\[17469\]: Failed password for root from 167.99.107.202 port 50906 ssh2 2020-03-08T10:19:44.778385shield sshd\[18246\]: Invalid user hata from 167.99.107.202 port 53868 2020-03-08T10:19:44.784414shield sshd\[18246\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.107.202 2020-03-08T10:19:46.560514shield sshd\[18246\]: Failed password for invalid user hata from 167.99.107.202 port 53868 ssh2	2020-03-08 18:27:47
121.166.10.220	attackspambots	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-08 18:02:13
45.95.32.224	attackbotsspam	Mar 8 05:22:09 mail.srvfarm.net postfix/smtpd[3216050]: NOQUEUE: reject: RCPT from unknown[45.95.32.224]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:23:13 mail.srvfarm.net postfix/smtpd[3227706]: NOQUEUE: reject: RCPT from unknown[45.95.32.224]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:24:58 mail.srvfarm.net postfix/smtpd[3216090]: NOQUEUE: reject: RCPT from unknown[45.95.32.224]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:26:25 mail.srvfarm.net postfix/smtpd[3230033]: NOQUEUE: reject: RCPT from unknown[45.95.32.224]: 450 4.1.8	2020-03-08 18:23:55
189.254.131.123	attack	Honeypot attack, port: 445, PTR: customer-189-254-131-123-sta.uninet-ide.com.mx.	2020-03-08 17:57:33
59.126.88.193	attackbots	Honeypot attack, port: 81, PTR: 59-126-88-193.HINET-IP.hinet.net.	2020-03-08 18:06:19
185.109.251.37	attack	DATE:2020-03-08 06:08:10, IP:185.109.251.37, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-08 17:59:54
45.95.32.191	attack	Mar 8 05:27:06 mail.srvfarm.net postfix/smtpd[3216051]: NOQUEUE: reject: RCPT from unknown[45.95.32.191]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:28:07 mail.srvfarm.net postfix/smtpd[3216050]: NOQUEUE: reject: RCPT from unknown[45.95.32.191]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:29:25 mail.srvfarm.net postfix/smtpd[3216089]: NOQUEUE: reject: RCPT from unknown[45.95.32.191]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:35:53 mail.srvfarm.net postfix/smtpd[3230033]: NOQUEUE: reject: RCPT from unknown[45.95.32.191]: 450 4.	2020-03-08 18:24:30
194.94.197.128	attackbots	Scanning	2020-03-08 18:30:50
159.203.27.100	attack	CMS (WordPress or Joomla) login attempt.	2020-03-08 18:08:15
212.237.53.169	attack	2020-03-08T06:14:20.859376homeassistant sshd[14744]: Invalid user lisa from 212.237.53.169 port 55728 2020-03-08T06:14:20.873605homeassistant sshd[14744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.53.169 ...	2020-03-08 18:31:03
69.94.134.225	attack	Mar 8 04:28:21 web01 postfix/smtpd[22499]: warning: hostname 69-94-134-225.nca.datanoc.com does not resolve to address 69.94.134.225 Mar 8 04:28:21 web01 postfix/smtpd[22499]: connect from unknown[69.94.134.225] Mar 8 04:28:21 web01 policyd-spf[22500]: None; identhostnamey=helo; client-ip=69.94.134.225; helo=difficult.eurekafied.com; envelope-from=x@x Mar 8 04:28:21 web01 policyd-spf[22500]: Pass; identhostnamey=mailfrom; client-ip=69.94.134.225; helo=difficult.eurekafied.com; envelope-from=x@x Mar x@x Mar 8 04:28:22 web01 postfix/smtpd[22499]: disconnect from unknown[69.94.134.225] Mar 8 04:31:47 web01 postfix/smtpd[22526]: warning: hostname 69-94-134-225.nca.datanoc.com does not resolve to address 69.94.134.225 Mar 8 04:31:47 web01 postfix/smtpd[22526]: connect from unknown[69.94.134.225] Mar 8 04:31:47 web01 policyd-spf[22529]: None; identhostnamey=helo; client-ip=69.94.134.225; helo=difficult.eurekafied.com; envelope-from=x@x Mar 8 04:31:47 web01 policyd-sp........ -------------------------------	2020-03-08 18:19:17
69.94.144.15	attackbotsspam	Mar 8 05:34:22 mail.srvfarm.net postfix/smtpd[3232947]: NOQUEUE: reject: RCPT from unknown[69.94.144.15]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:34:34 mail.srvfarm.net postfix/smtpd[3230033]: NOQUEUE: reject: RCPT from unknown[69.94.144.15]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:34:46 mail.srvfarm.net postfix/smtpd[3227706]: NOQUEUE: reject: RCPT from unknown[69.94.144.15]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 8 05:35:15 mail.srvfarm.net postfix/smtpd[3232947]: NOQUEUE: reject: RCPT from unknown[69.94.144.15]: 450 4.1.8 : Se	2020-03-08 18:17:37
69.94.158.95	attackspam	Mar 8 05:37:33 mail.srvfarm.net postfix/smtpd[3230896]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 554 5.7.1 Service unavailable; Client host [69.94.158.95] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Mar 8 05:39:36 mail.srvfarm.net postfix/smtpd[3216090]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 554 5.7.1 Service unavailable; Client host [69.94.158.95] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo= Mar 8 05:42:44 mail.srvfarm.net postfix/smtpd[3230033]: NOQUEUE: reject: RCPT from cheap.swingthelamp.com[69.94.158.95]: 554 5.7.1 Service unavailable; Client host [69.94.158.95] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from=	2020-03-08 18:16:49
79.132.209.146	attackbots	Automatic report - Port Scan Attack	2020-03-08 18:30:02

最近上报的IP列表

103.223.5.212	101.99.14.176	144.217.136.227	197.25.166.43
210.175.50.124	212.109.29.46	187.28.47.90	46.35.157.113
177.71.62.85	95.38.208.68	114.39.6.27	93.90.167.55
80.252.158.171	159.44.137.45	14.184.251.199	181.177.119.38
5.234.235.73	107.93.58.146	252.24.93.79	181.11.220.126