45.136.108.122

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): ComTrade LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Jan 5 14:13:11 debian-2gb-nbg1-2 kernel: \[489314.064610\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=22959 PROTO=TCP SPT=55294 DPT=4378 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-05 21:23:14
attackspam	Jan 3 11:21:17 debian-2gb-nbg1-2 kernel: \[306204.946704\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=53387 PROTO=TCP SPT=44359 DPT=5046 WINDOW=1024 RES=0x00 SYN URGP=0	2020-01-03 20:38:24
attackbotsspam	Dec 28 11:17:51 mc1 kernel: \[1687063.311477\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=61930 PROTO=TCP SPT=44842 DPT=5135 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:23:24 mc1 kernel: \[1687396.581594\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=10067 PROTO=TCP SPT=44842 DPT=4741 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:26:56 mc1 kernel: \[1687608.364677\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=34728 PROTO=TCP SPT=44842 DPT=5656 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-28 18:30:30
attack	Dec 27 17:22:58 h2177944 kernel: \[662488.338498\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=43752 PROTO=TCP SPT=40344 DPT=4397 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 17:22:58 h2177944 kernel: \[662488.338510\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=43752 PROTO=TCP SPT=40344 DPT=4397 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 17:33:59 h2177944 kernel: \[663149.374321\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=62702 PROTO=TCP SPT=40344 DPT=5349 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 17:33:59 h2177944 kernel: \[663149.374334\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.122 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=62702 PROTO=TCP SPT=40344 DPT=5349 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 27 17:53:22 h2177944 kernel: \[664311.409716\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.108.122 DST=85.214.117.9	2019-12-28 00:58:41
attack	Dec 26 18:46:19 debian-2gb-nbg1-2 kernel: \[1035107.538055\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=29606 PROTO=TCP SPT=52508 DPT=5657 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-27 02:18:34
attack	Dec 26 06:34:48 debian-2gb-nbg1-2 kernel: \[991218.848148\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=46778 PROTO=TCP SPT=48244 DPT=5512 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 13:42:13
attack	Dec 25 18:31:00 debian-2gb-nbg1-2 kernel: \[947793.421270\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.122 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=11101 PROTO=TCP SPT=48244 DPT=4871 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-26 01:51:23
attackspambots	firewall-block, port(s): 4594/tcp, 4711/tcp, 4727/tcp, 4739/tcp, 4749/tcp, 4765/tcp, 4864/tcp, 4982/tcp, 5011/tcp, 5270/tcp, 5299/tcp, 5313/tcp, 5331/tcp, 5430/tcp, 5589/tcp, 5676/tcp	2019-12-25 16:27:03

相同子网IP讨论:

IP	类型	评论内容	时间
45.136.108.22	attackspambots	45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ	2020-09-01 04:38:43
45.136.108.22	attack	Unauthorized connection attempt from IP address 45.136.108.22 on port 993	2020-08-29 02:06:36
45.136.108.24	attackspambots	SSH login attempts.	2020-08-22 23:35:58
45.136.108.22	attackspambots	Fail2Ban Ban Triggered	2020-08-19 09:11:16
45.136.108.65	attack	[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA	2020-08-16 04:36:35
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
45.136.108.24	attackspam	Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]	2020-08-14 02:36:09
45.136.108.65	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]	2020-08-14 02:12:50
45.136.108.66	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]	2020-08-14 02:12:33
45.136.108.68	attack	Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]	2020-08-14 02:12:09
45.136.108.22	attackbotsspam	Port scan detected	2020-08-14 01:49:56
45.136.108.67	attackspambots	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]	2020-08-14 01:49:28
45.136.108.62	attack	Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]	2020-08-14 01:07:35
45.136.108.80	attackspambots	2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)	2020-08-12 22:09:08
45.136.108.18	attack	RDP brute forcing (r)	2020-08-04 21:39:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.122
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.122.			IN	A

;; AUTHORITY SECTION:
.			243	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 16:26:58 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 122.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 122.108.136.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
51.254.123.127	attack	Sep 5 16:13:45 kapalua sshd\[15285\]: Invalid user odoo from 51.254.123.127 Sep 5 16:13:45 kapalua sshd\[15285\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.ip-51-254-123.eu Sep 5 16:13:47 kapalua sshd\[15285\]: Failed password for invalid user odoo from 51.254.123.127 port 32922 ssh2 Sep 5 16:17:42 kapalua sshd\[15626\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=127.ip-51-254-123.eu user=www-data Sep 5 16:17:45 kapalua sshd\[15626\]: Failed password for www-data from 51.254.123.127 port 54033 ssh2	2019-09-06 10:21:13
118.70.81.87	attackspam	Unauthorized connection attempt from IP address 118.70.81.87 on Port 445(SMB)	2019-09-06 10:38:12
157.52.193.83	attackspambots	Brute force attempt	2019-09-06 10:52:20
138.68.220.196	attackspambots	firewall-block, port(s): 27017/tcp	2019-09-06 10:34:09
114.97.62.6	attack	Sep 5 21:01:01 relay postfix/smtpd\[14652\]: warning: unknown\[114.97.62.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 21:01:08 relay postfix/smtpd\[1172\]: warning: unknown\[114.97.62.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 21:01:19 relay postfix/smtpd\[28668\]: warning: unknown\[114.97.62.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 21:01:44 relay postfix/smtpd\[14652\]: warning: unknown\[114.97.62.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 5 21:01:51 relay postfix/smtpd\[28668\]: warning: unknown\[114.97.62.6\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-06 10:24:39
155.4.32.16	attackspambots	Sep 5 10:08:36 aiointranet sshd\[6827\]: Invalid user minecraftpassword from 155.4.32.16 Sep 5 10:08:36 aiointranet sshd\[6827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se Sep 5 10:08:38 aiointranet sshd\[6827\]: Failed password for invalid user minecraftpassword from 155.4.32.16 port 46467 ssh2 Sep 5 10:13:05 aiointranet sshd\[7258\]: Invalid user test4 from 155.4.32.16 Sep 5 10:13:05 aiointranet sshd\[7258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=h-32-16.a182.priv.bahnhof.se	2019-09-06 10:48:57
89.103.132.233	attackspam	Unauthorized connection attempt from IP address 89.103.132.233 on Port 445(SMB)	2019-09-06 10:32:38
104.248.30.249	attackbotsspam	Sep 5 22:34:49 ny01 sshd[17352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.30.249 Sep 5 22:34:51 ny01 sshd[17352]: Failed password for invalid user ubuntu from 104.248.30.249 port 38848 ssh2 Sep 5 22:38:25 ny01 sshd[18159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.30.249	2019-09-06 10:42:08
159.65.12.204	attack	Sep 5 16:14:54 hpm sshd\[5973\]: Invalid user q1w2e3 from 159.65.12.204 Sep 5 16:14:54 hpm sshd\[5973\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.12.204 Sep 5 16:14:56 hpm sshd\[5973\]: Failed password for invalid user q1w2e3 from 159.65.12.204 port 37896 ssh2 Sep 5 16:19:39 hpm sshd\[6374\]: Invalid user password from 159.65.12.204 Sep 5 16:19:39 hpm sshd\[6374\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.12.204	2019-09-06 10:34:42
190.64.68.178	attackbots	Sep 6 04:29:11 ns41 sshd[26290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.64.68.178	2019-09-06 10:36:20
119.196.83.22	attack	Sep 6 02:59:04 XXX sshd[18922]: Invalid user ofsaa from 119.196.83.22 port 58762	2019-09-06 10:42:32
87.247.240.48	attackbotsspam	Detected by ModSecurity. Request URI: /xmlrpc.php	2019-09-06 10:22:09
14.163.241.186	attackspam	Unauthorized connection attempt from IP address 14.163.241.186 on Port 445(SMB)	2019-09-06 10:26:52
190.128.230.14	attackspambots	Sep 6 03:47:47 SilenceServices sshd[13979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.230.14 Sep 6 03:47:49 SilenceServices sshd[13979]: Failed password for invalid user luser from 190.128.230.14 port 45950 ssh2 Sep 6 03:56:20 SilenceServices sshd[17125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.230.14	2019-09-06 10:14:21
31.208.65.235	attackbotsspam	Sep 5 21:57:55 server01 sshd\[4182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.208.65.235 user=root Sep 5 21:57:57 server01 sshd\[4182\]: Failed password for root from 31.208.65.235 port 43322 ssh2 Sep 5 22:01:44 server01 sshd\[4250\]: Invalid user sftpuser from 31.208.65.235 ...	2019-09-06 10:30:15

最近上报的IP列表

114.1.197.70	56.103.214.68	83.97.20.187	35.206.157.68
190.186.64.8	17.74.231.248	36.92.100.109	90.185.10.156
130.241.87.61	49.37.131.237	55.172.212.2	169.227.239.230
237.169.83.49	207.119.182.244	141.165.213.93	186.185.254.82
109.115.127.230	115.151.54.173	14.248.84.183	27.78.117.148