45.136.108.160

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): ComTrade LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Dec 23 15:59:54 debian-2gb-nbg1-2 kernel: \[765939.945595\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=25261 PROTO=TCP SPT=57559 DPT=7934 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-23 23:16:44
attackbotsspam	Dec 23 10:40:28 debian-2gb-nbg1-2 kernel: \[746774.965561\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=2519 PROTO=TCP SPT=42071 DPT=7647 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-23 17:50:14
attack	Dec 21 09:53:50 debian-2gb-nbg1-2 kernel: \[571188.567398\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=16478 PROTO=TCP SPT=51262 DPT=8514 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-21 17:03:01

类型

评论内容

时间

attackspam

Dec 23 15:59:54 debian-2gb-nbg1-2 kernel: \[765939.945595\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=25261 PROTO=TCP SPT=57559 DPT=7934 WINDOW=1024 RES=0x00 SYN URGP=0

2019-12-23 23:16:44

attackbotsspam

Dec 23 10:40:28 debian-2gb-nbg1-2 kernel: \[746774.965561\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=2519 PROTO=TCP SPT=42071 DPT=7647 WINDOW=1024 RES=0x00 SYN URGP=0

2019-12-23 17:50:14

attack

Dec 21 09:53:50 debian-2gb-nbg1-2 kernel: \[571188.567398\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.160 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=16478 PROTO=TCP SPT=51262 DPT=8514 WINDOW=1024 RES=0x00 SYN URGP=0

2019-12-21 17:03:01

相同子网IP讨论:

IP	类型	评论内容	时间
45.136.108.22	attackspambots	45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ	2020-09-01 04:38:43
45.136.108.22	attack	Unauthorized connection attempt from IP address 45.136.108.22 on port 993	2020-08-29 02:06:36
45.136.108.24	attackspambots	SSH login attempts.	2020-08-22 23:35:58
45.136.108.22	attackspambots	Fail2Ban Ban Triggered	2020-08-19 09:11:16
45.136.108.65	attack	[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA	2020-08-16 04:36:35
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
45.136.108.24	attackspam	Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]	2020-08-14 02:36:09
45.136.108.65	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]	2020-08-14 02:12:50
45.136.108.66	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]	2020-08-14 02:12:33
45.136.108.68	attack	Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]	2020-08-14 02:12:09
45.136.108.22	attackbotsspam	Port scan detected	2020-08-14 01:49:56
45.136.108.67	attackspambots	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]	2020-08-14 01:49:28
45.136.108.62	attack	Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]	2020-08-14 01:07:35
45.136.108.80	attackspambots	2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)	2020-08-12 22:09:08
45.136.108.18	attack	RDP brute forcing (r)	2020-08-04 21:39:59

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.160
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30136
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.160.			IN	A

;; AUTHORITY SECTION:
.			558	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122100 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 21 17:02:57 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 160.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 160.108.136.45.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
91.229.112.12	attackspam	firewall-block, port(s): 123/tcp, 3401/tcp, 5005/tcp, 5555/tcp, 8008/tcp, 8888/tcp	2020-09-05 23:35:35
212.200.118.98	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-09-05 23:16:18
37.187.16.30	attack	Time: Sat Sep 5 17:30:43 2020 +0200 IP: 37.187.16.30 (FR/France/server02.phus.ovh) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 5 17:11:31 mail-03 sshd[13674]: Invalid user ts3 from 37.187.16.30 port 40338 Sep 5 17:11:33 mail-03 sshd[13674]: Failed password for invalid user ts3 from 37.187.16.30 port 40338 ssh2 Sep 5 17:24:07 mail-03 sshd[13898]: Failed password for root from 37.187.16.30 port 39664 ssh2 Sep 5 17:30:40 mail-03 sshd[14043]: Invalid user jx from 37.187.16.30 port 45120 Sep 5 17:30:42 mail-03 sshd[14043]: Failed password for invalid user jx from 37.187.16.30 port 45120 ssh2	2020-09-05 23:39:02
113.172.226.24	attack	Honeypot attack, port: 5555, PTR: static.vnpt.vn.	2020-09-05 23:06:12
141.98.10.211	attack	2020-09-05T17:26:10.630653centos sshd[32517]: Invalid user admin from 141.98.10.211 port 33005 2020-09-05T17:26:12.441915centos sshd[32517]: Failed password for invalid user admin from 141.98.10.211 port 33005 ssh2 2020-09-05T17:26:50.368245centos sshd[32593]: Invalid user Admin from 141.98.10.211 port 46259 ...	2020-09-05 23:37:06
92.222.93.104	attackbotsspam	SSH Brute Force	2020-09-05 23:12:02
222.186.30.35	attackbots	Sep 5 17:29:01 minden010 sshd[17918]: Failed password for root from 222.186.30.35 port 22306 ssh2 Sep 5 17:29:12 minden010 sshd[17935]: Failed password for root from 222.186.30.35 port 41963 ssh2 ...	2020-09-05 23:32:51
180.166.117.254	attackbotsspam	2020-09-04 22:23:19.833673-0500 localhost sshd[78489]: Failed password for invalid user villa from 180.166.117.254 port 47381 ssh2	2020-09-05 23:02:56
185.200.118.53	attackspambots	3128/tcp 3389/tcp 1080/tcp... [2020-07-08/09-04]24pkt,4pt.(tcp),1pt.(udp)	2020-09-05 23:18:04
185.147.215.8	attackbotsspam	[2020-09-05 11:33:30] NOTICE[1194] chan_sip.c: Registration from '' failed for '185.147.215.8:56718' - Wrong password [2020-09-05 11:33:30] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-05T11:33:30.248-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8143",SessionID="0x7f2ddc0f4e48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/56718",Challenge="0771f279",ReceivedChallenge="0771f279",ReceivedHash="a20e419283ea8c757b16c393180ab45d" [2020-09-05 11:34:12] NOTICE[1194] chan_sip.c: Registration from '' failed for '185.147.215.8:52848' - Wrong password [2020-09-05 11:34:12] SECURITY[1233] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-05T11:34:12.071-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="8145",SessionID="0x7f2ddc0314b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8 ...	2020-09-05 23:37:27
121.46.244.194	attack	Sep 5 07:32:29 mavik sshd[26723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 Sep 5 07:32:31 mavik sshd[26723]: Failed password for invalid user maven from 121.46.244.194 port 28408 ssh2 Sep 5 07:35:58 mavik sshd[26926]: Invalid user odoo from 121.46.244.194 Sep 5 07:35:58 mavik sshd[26926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.244.194 Sep 5 07:36:00 mavik sshd[26926]: Failed password for invalid user odoo from 121.46.244.194 port 48471 ssh2 ...	2020-09-05 23:03:44
222.186.175.148	attackspambots	Sep 5 15:19:00 ip-172-31-61-156 sshd[21940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Sep 5 15:19:02 ip-172-31-61-156 sshd[21940]: Failed password for root from 222.186.175.148 port 63054 ssh2 ...	2020-09-05 23:19:49
118.163.191.109	attackbots	Honeypot attack, port: 81, PTR: 118-163-191-109.HINET-IP.hinet.net.	2020-09-05 23:15:48
112.85.42.89	attackspam	Sep 5 17:41:43 ns381471 sshd[17255]: Failed password for root from 112.85.42.89 port 34242 ssh2	2020-09-05 23:43:40
171.7.65.123	attack	Sep 4 05:48:34 kmh-wmh-003-nbg03 sshd[31272]: Invalid user user3 from 171.7.65.123 port 51274 Sep 4 05:48:34 kmh-wmh-003-nbg03 sshd[31272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.7.65.123 Sep 4 05:48:36 kmh-wmh-003-nbg03 sshd[31272]: Failed password for invalid user user3 from 171.7.65.123 port 51274 ssh2 Sep 4 05:48:37 kmh-wmh-003-nbg03 sshd[31272]: Received disconnect from 171.7.65.123 port 51274:11: Bye Bye [preauth] Sep 4 05:48:37 kmh-wmh-003-nbg03 sshd[31272]: Disconnected from 171.7.65.123 port 51274 [preauth] Sep 4 05:53:01 kmh-wmh-003-nbg03 sshd[31690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.7.65.123 user=r.r Sep 4 05:53:03 kmh-wmh-003-nbg03 sshd[31690]: Failed password for r.r from 171.7.65.123 port 58506 ssh2 Sep 4 05:53:04 kmh-wmh-003-nbg03 sshd[31690]: Received disconnect from 171.7.65.123 port 58506:11: Bye Bye [preauth] Sep 4 05:53:04 kmh-wmh........ -------------------------------	2020-09-05 23:39:32

最近上报的IP列表

223.178.164.10	71.231.143.131	116.98.148.96	31.162.48.29
183.60.205.26	43.226.148.238	101.36.179.159	206.189.233.20
141.98.80.122	158.69.121.204	180.124.243.17	42.118.234.141
37.122.4.217	217.146.67.63	122.51.212.198	31.167.67.2
87.117.180.78	191.249.103.135	5.178.87.175	80.84.57.93