必须是合法有效的IP地址, 可以是IPv4或者是IPv6, 例如127.0.0.1或者2001:DB8:0:0:8:800:200C:417A
基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Germany

运营商(isp): ComTrade LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:
类型 评论内容 时间
attackspambots
MultiHost/MultiPort Probe, Scan, Hack -
2019-11-01 02:15:26
attackspam
Oct 25 13:01:32 mc1 kernel: \[3287632.951781\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.207 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=21979 PROTO=TCP SPT=51124 DPT=9053 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 13:06:01 mc1 kernel: \[3287901.360932\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.207 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=23677 PROTO=TCP SPT=51124 DPT=8050 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 25 13:08:23 mc1 kernel: \[3288043.299608\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=45.136.109.207 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=31175 PROTO=TCP SPT=51124 DPT=8065 WINDOW=1024 RES=0x00 SYN URGP=0 
...
2019-10-25 19:23:51
attackbots
Oct 12 11:38:15 h2177944 kernel: \[3749122.845379\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.207 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=57897 PROTO=TCP SPT=43777 DPT=3362 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 12 11:42:58 h2177944 kernel: \[3749406.164028\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.207 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=26684 PROTO=TCP SPT=43777 DPT=3327 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 12 11:46:28 h2177944 kernel: \[3749615.765224\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.207 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=26122 PROTO=TCP SPT=43777 DPT=3392 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 12 11:55:46 h2177944 kernel: \[3750174.247894\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.207 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=29351 PROTO=TCP SPT=43777 DPT=3376 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 12 12:09:10 h2177944 kernel: \[3750977.325503\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.109.207 DST=85.214.
2019-10-12 18:45:36
相同子网IP讨论:
IP 类型 评论内容 时间
45.136.109.219 attackspambots
ET CINS Active Threat Intelligence Poor Reputation IP group 26 - port: 6000 proto: tcp cat: Misc Attackbytes: 60
2020-08-19 23:39:13
45.136.109.219 attackspam
slow and persistent scanner
2020-08-17 20:34:11
45.136.109.251 attackbotsspam
Port scanning [3 denied]
2020-08-14 14:18:15
45.136.109.219 attackbots
 TCP (SYN) 45.136.109.219:50230 -> port 53, len 44
2020-08-07 08:11:38
45.136.109.219 attackbotsspam
[Tue Aug 04 17:47:28 2020] - DDoS Attack From IP: 45.136.109.219 Port: 41096
2020-08-06 18:31:50
45.136.109.219 attack
 TCP (SYN) 45.136.109.219:43869 -> port 53, len 44
2020-08-05 23:34:34
45.136.109.158 attack
Unauthorized connection attempt detected from IP address 45.136.109.158 to port 3389
2020-07-22 15:39:59
45.136.109.87 attack
BruteForce RDP attempts from 45.136.109.175
2020-07-17 14:21:12
45.136.109.158 attack
SmallBizIT.US 2 packets to tcp(3389,3391)
2020-07-07 12:28:14
45.136.109.158 attackbots
Unauthorized connection attempt detected from IP address 45.136.109.158 to port 4489 [T]
2020-07-05 22:47:55
45.136.109.175 attackspambots
Icarus honeypot on github
2020-07-02 08:25:18
45.136.109.251 attackbots
Multiport scan : 15 ports scanned 2888 3381 3382 3402 3420 3501 3502 4003 4018 5909 7926 8093 9000 9261 9833
2020-06-21 07:47:48
45.136.109.219 attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 6389 proto: TCP cat: Misc Attack
2020-06-06 08:47:05
45.136.109.222 attackspam
Mar 22 03:57:09 src: 45.136.109.222 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100
2020-03-22 12:01:46
45.136.109.222 attackbotsspam
Mar 18 22:14:16 src: 45.136.109.222 signature match: "BACKDOOR Subseven connection attempt" (sid: 100207) tcp port: 27374
2020-03-19 06:22:33
WHOIS信息:
b
DIG信息:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.109.207
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.109.207.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101200 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 12 18:45:33 CST 2019
;; MSG SIZE  rcvd: 118
HOST信息:
Host 207.109.136.45.in-addr.arpa. not found: 3(NXDOMAIN)
NSLOOKUP信息:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 207.109.136.45.in-addr.arpa: NXDOMAIN
相关IP信息:
最新评论:
IP 类型 评论内容 时间
183.109.134.225 attackbots
Honeypot attack, port: 5555, PTR: PTR record not found
2020-01-06 07:57:53
211.220.27.191 attackspam
Jan  6 00:52:46 MK-Soft-VM8 sshd[16913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.220.27.191 
Jan  6 00:52:47 MK-Soft-VM8 sshd[16913]: Failed password for invalid user xena from 211.220.27.191 port 42380 ssh2
...
2020-01-06 07:58:21
110.72.251.22 attackspambots
B: f2b 404 5x
2020-01-06 08:08:28
49.88.112.75 attack
Jan  6 05:02:50 gw1 sshd[3543]: Failed password for root from 49.88.112.75 port 39247 ssh2
...
2020-01-06 08:04:38
111.226.238.40 attack
Honeypot attack, port: 23, PTR: PTR record not found
2020-01-06 08:09:49
92.8.184.184 attackspam
Unauthorized connection attempt detected from IP address 92.8.184.184 to port 80 [J]
2020-01-06 08:10:11
1.34.107.92 attackspambots
Jan  5 13:10:12 hanapaa sshd\[29970\]: Invalid user ymo from 1.34.107.92
Jan  5 13:10:12 hanapaa sshd\[29970\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net
Jan  5 13:10:14 hanapaa sshd\[29970\]: Failed password for invalid user ymo from 1.34.107.92 port 55399 ssh2
Jan  5 13:15:37 hanapaa sshd\[30515\]: Invalid user cj from 1.34.107.92
Jan  5 13:15:37 hanapaa sshd\[30515\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1-34-107-92.hinet-ip.hinet.net
2020-01-06 08:15:25
117.158.243.78 attackbotsspam
Unauthorized connection attempt detected from IP address 117.158.243.78 to port 80 [J]
2020-01-06 08:18:04
201.16.247.143 attackspam
Jan  5 19:48:05 ws12vmsma01 sshd[14687]: Invalid user beyondbeyond from 201.16.247.143
Jan  5 19:48:06 ws12vmsma01 sshd[14687]: Failed password for invalid user beyondbeyond from 201.16.247.143 port 47374 ssh2
Jan  5 19:48:29 ws12vmsma01 sshd[14738]: Invalid user bezaliel from 201.16.247.143
...
2020-01-06 08:07:27
190.98.210.83 attack
1578260941 - 01/05/2020 22:49:01 Host: 190.98.210.83/190.98.210.83 Port: 445 TCP Blocked
2020-01-06 08:00:10
132.145.16.205 attackspambots
Tried to connect to Port 22 (12x)
2020-01-06 08:32:08
46.158.39.199 attackspambots
1578260927 - 01/05/2020 22:48:47 Host: 46.158.39.199/46.158.39.199 Port: 445 TCP Blocked
2020-01-06 08:10:40
173.198.52.58 attack
Unauthorized connection attempt detected from IP address 173.198.52.58 to port 81 [J]
2020-01-06 08:02:58
189.219.141.142 attackspam
Telnet/23 MH Probe, BF, Hack -
2020-01-06 08:30:59
95.134.195.166 attackbots
Unauthorized connection attempt detected from IP address 95.134.195.166 to port 1433 [J]
2020-01-06 08:19:46

最近上报的IP列表

92.225.91.169 223.178.167.17 245.183.26.44 80.255.5.219
91.132.139.119 220.144.45.42 89.107.250.14 139.101.147.124
104.248.93.179 176.109.184.155 60.50.121.122 146.169.254.12
114.225.221.100 235.223.9.105 54.36.148.200 93.174.89.190
183.145.60.212 37.212.235.149 68.11.26.186 104.238.120.38