Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Oracle Corporation

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackbotsspam
SSH bruteforce (Triggered fail2ban)
2019-08-15 05:19:20
attack
Aug  6 16:28:10 icinga sshd[23051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45
Aug  6 16:28:12 icinga sshd[23051]: Failed password for invalid user jetaero from 129.145.2.45 port 42067 ssh2
...
2019-08-07 01:12:01
attackbotsspam
Aug  6 04:48:05 microserver sshd[28886]: Invalid user www from 129.145.2.45 port 27728
Aug  6 04:48:05 microserver sshd[28886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45
Aug  6 04:48:08 microserver sshd[28886]: Failed password for invalid user www from 129.145.2.45 port 27728 ssh2
Aug  6 04:57:17 microserver sshd[30664]: Invalid user hector from 129.145.2.45 port 22339
Aug  6 04:57:17 microserver sshd[30664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45
Aug  6 05:11:52 microserver sshd[33405]: Invalid user save from 129.145.2.45 port 42474
Aug  6 05:11:52 microserver sshd[33405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45
Aug  6 05:11:54 microserver sshd[33405]: Failed password for invalid user save from 129.145.2.45 port 42474 ssh2
Aug  6 05:16:26 microserver sshd[34308]: Invalid user mathilda from 129.145.2.45 port 11509
Aug  6 05:16:26
2019-08-06 11:58:59
attackspambots
Aug  2 16:10:46 vps691689 sshd[21842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45
Aug  2 16:10:48 vps691689 sshd[21842]: Failed password for invalid user vanderlei from 129.145.2.45 port 41409 ssh2
...
2019-08-02 23:18:36
attack
Jul 28 23:55:17 dedicated sshd[16985]: Invalid user sad012 from 129.145.2.45 port 13507
2019-07-29 09:15:44
Comments on same subnet:
IP Type Details Datetime
129.145.2.238 attackspam
srvr2: (mod_security) mod_security (id:920350) triggered by 129.145.2.238 (US/-/oc-129-145-2-238.compute.oraclecloud.com): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/09 09:11:08 [error] 862802#0: *405716 [client 129.145.2.238] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15996354686.524278"] [ref "o0,17v21,17"], client: 129.145.2.238, [redacted] request: "GET / HTTP/1.1" [redacted]
2020-09-10 02:21:06
129.145.2.238 attack
srvr3: (mod_security) mod_security (id:920350) triggered by 129.145.2.238 (US/United States/oc-129-145-2-238.compute.oraclecloud.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/16 09:19:38 [error] 68179#0: *15814 [client 129.145.2.238] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159756237818.407985"] [ref "o0,18v21,18"], client: 129.145.2.238, [redacted] request: "GET / HTTP/1.1" [redacted]
2020-08-16 19:43:35
129.145.21.172 attackbots
From bounce@info.sgs.com Tue Jun 02 09:02:02 2020
Received: from mail01.info.sgs.com ([129.145.21.172]:28331)
2020-06-03 02:17:47
129.145.2.238 attack
port scan and connect, tcp 22 (ssh)
2020-04-21 01:44:08
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.145.2.45
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48805
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;129.145.2.45.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Jul 29 09:15:39 CST 2019
;; MSG SIZE  rcvd: 116
Host info
45.2.145.129.in-addr.arpa domain name pointer oc-129-145-2-45.compute.oraclecloud.com.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
45.2.145.129.in-addr.arpa	name = oc-129-145-2-45.compute.oraclecloud.com.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
47.40.20.138 attackspambots
2019-12-21T16:00:13.3516141240 sshd\[12852\]: Invalid user ubuntu from 47.40.20.138 port 59000
2019-12-21T16:00:13.3541671240 sshd\[12852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.40.20.138
2019-12-21T16:00:15.3416241240 sshd\[12852\]: Failed password for invalid user ubuntu from 47.40.20.138 port 59000 ssh2
...
2019-12-22 02:54:47
71.189.47.10 attackbots
Dec 21 17:58:47 server sshd\[2896\]: Invalid user bacem from 71.189.47.10
Dec 21 17:58:47 server sshd\[2896\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.ehmsllc.com 
Dec 21 17:58:49 server sshd\[2896\]: Failed password for invalid user bacem from 71.189.47.10 port 64015 ssh2
Dec 21 18:04:28 server sshd\[4327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mail.ehmsllc.com  user=root
Dec 21 18:04:29 server sshd\[4327\]: Failed password for root from 71.189.47.10 port 33417 ssh2
...
2019-12-22 03:13:55
202.184.35.206 attackspambots
Automatic report - Port Scan Attack
2019-12-22 02:47:24
51.38.33.178 attack
Dec  1 04:56:55 microserver sshd[24071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.33.178  user=root
Dec  1 04:56:57 microserver sshd[24071]: Failed password for root from 51.38.33.178 port 42167 ssh2
Dec  1 04:59:41 microserver sshd[24227]: Invalid user napoleoni from 51.38.33.178 port 59534
Dec  1 04:59:41 microserver sshd[24227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.33.178
Dec  1 04:59:43 microserver sshd[24227]: Failed password for invalid user napoleoni from 51.38.33.178 port 59534 ssh2
Dec  1 05:10:44 microserver sshd[26114]: Invalid user schoettle from 51.38.33.178 port 44305
Dec  1 05:10:44 microserver sshd[26114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.33.178
Dec  1 05:10:46 microserver sshd[26114]: Failed password for invalid user schoettle from 51.38.33.178 port 44305 ssh2
Dec  1 05:13:36 microserver sshd[26301]: Invalid user jouanny fro
2019-12-22 02:52:03
106.12.16.107 attackspambots
Dec 21 19:41:58 vserver sshd\[24895\]: Invalid user build from 106.12.16.107Dec 21 19:42:00 vserver sshd\[24895\]: Failed password for invalid user build from 106.12.16.107 port 42814 ssh2Dec 21 19:50:57 vserver sshd\[24948\]: Invalid user stawski from 106.12.16.107Dec 21 19:51:00 vserver sshd\[24948\]: Failed password for invalid user stawski from 106.12.16.107 port 40574 ssh2
...
2019-12-22 02:56:00
58.144.150.135 attackbotsspam
58.144.150.135 - - \[21/Dec/2019:15:52:02 +0100\] "GET /goip/cron.htm HTTP/1.1" 403 459 "-" "Mozilla/4.0 \(compatible\; MSIE 7.0\; Windows NT 6.1\; WOW64\; Trident/5.0\; SLCC2\; .NET CLR 2.0.50727\; .NET CLR 3.5.30729\; .NET CLR 3.0.30729\; Media Center PC 6.0\; .NET4.0C\; .NET4.0E\; InfoPath.3\; KB974488\)"
58.144.150.135 - - \[21/Dec/2019:15:52:02 +0100\] "GET / HTTP/1.1" 403 446 "-" "Mozilla/4.0 \(compatible\; MSIE 7.0\; Windows NT 6.1\; WOW64\; Trident/5.0\; SLCC2\; .NET CLR 2.0.50727\; .NET CLR 3.5.30729\; .NET CLR 3.0.30729\; Media Center PC 6.0\; .NET4.0C\; .NET4.0E\; InfoPath.3\; KB974488\)"
58.144.150.135 - - \[21/Dec/2019:15:52:03 +0100\] "GET /index.html\?findcli=-1 HTTP/1.1" 403 456 "-" "Mozilla/4.0 \(compatible\; MSIE 7.0\; Windows NT 6.1\; WOW64\; Trident/5.0\; SLCC2\; .NET CLR 2.0.50727\; .NET CLR 3.5.30729\; .NET CLR 3.0.30729\; Media Center PC 6.0\; .NET4.0C\; .NET4.0E\; InfoPath.3\; KB974488\)"
...
2019-12-22 03:00:40
119.29.65.240 attackspambots
$f2bV_matches
2019-12-22 03:00:16
51.68.230.54 attackbotsspam
Dec 21 19:16:54 nextcloud sshd\[22247\]: Invalid user user3 from 51.68.230.54
Dec 21 19:16:54 nextcloud sshd\[22247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.230.54
Dec 21 19:16:56 nextcloud sshd\[22247\]: Failed password for invalid user user3 from 51.68.230.54 port 50238 ssh2
...
2019-12-22 02:49:28
165.22.78.222 attackspam
Dec 21 04:58:35 web1 sshd\[9397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.222  user=root
Dec 21 04:58:37 web1 sshd\[9397\]: Failed password for root from 165.22.78.222 port 43618 ssh2
Dec 21 05:03:50 web1 sshd\[9979\]: Invalid user named from 165.22.78.222
Dec 21 05:03:50 web1 sshd\[9979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.78.222
Dec 21 05:03:52 web1 sshd\[9979\]: Failed password for invalid user named from 165.22.78.222 port 47874 ssh2
2019-12-22 02:57:23
117.50.13.29 attackbotsspam
Dec 21 20:07:03 server sshd\[6087\]: Invalid user user from 117.50.13.29
Dec 21 20:07:03 server sshd\[6087\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 
Dec 21 20:07:05 server sshd\[6087\]: Failed password for invalid user user from 117.50.13.29 port 59346 ssh2
Dec 21 20:33:29 server sshd\[13063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29  user=root
Dec 21 20:33:31 server sshd\[13063\]: Failed password for root from 117.50.13.29 port 55616 ssh2
...
2019-12-22 03:19:23
68.183.48.172 attackbotsspam
2019-12-21T19:33:52.066237  sshd[20249]: Invalid user 123456 from 68.183.48.172 port 44458
2019-12-21T19:33:52.080537  sshd[20249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172
2019-12-21T19:33:52.066237  sshd[20249]: Invalid user 123456 from 68.183.48.172 port 44458
2019-12-21T19:33:54.558633  sshd[20249]: Failed password for invalid user 123456 from 68.183.48.172 port 44458 ssh2
2019-12-21T19:39:32.133759  sshd[20332]: Invalid user v9p57z56 from 68.183.48.172 port 46711
...
2019-12-22 02:59:46
51.255.168.202 attackbotsspam
Dec 21 07:08:07 tdfoods sshd\[2108\]: Invalid user jjjjjjjj from 51.255.168.202
Dec 21 07:08:07 tdfoods sshd\[2108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.ip-51-255-168.eu
Dec 21 07:08:09 tdfoods sshd\[2108\]: Failed password for invalid user jjjjjjjj from 51.255.168.202 port 39398 ssh2
Dec 21 07:13:11 tdfoods sshd\[2700\]: Invalid user brucker from 51.255.168.202
Dec 21 07:13:11 tdfoods sshd\[2700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.ip-51-255-168.eu
2019-12-22 02:54:19
185.127.24.213 attack
Dec 21 17:15:54 lnxweb61 sshd[24439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.127.24.213
2019-12-22 02:55:38
113.164.8.154 attackbots
Unauthorized connection attempt detected from IP address 113.164.8.154 to port 445
2019-12-22 02:49:06
68.183.190.34 attackspam
Dec 21 15:35:58 wh01 sshd[9404]: Invalid user test from 68.183.190.34 port 53162
Dec 21 15:35:58 wh01 sshd[9404]: Failed password for invalid user test from 68.183.190.34 port 53162 ssh2
Dec 21 15:35:58 wh01 sshd[9404]: Received disconnect from 68.183.190.34 port 53162:11: Bye Bye [preauth]
Dec 21 15:35:58 wh01 sshd[9404]: Disconnected from 68.183.190.34 port 53162 [preauth]
Dec 21 15:47:45 wh01 sshd[10477]: Invalid user sara from 68.183.190.34 port 57318
Dec 21 15:47:45 wh01 sshd[10477]: Failed password for invalid user sara from 68.183.190.34 port 57318 ssh2
Dec 21 15:47:46 wh01 sshd[10477]: Received disconnect from 68.183.190.34 port 57318:11: Bye Bye [preauth]
Dec 21 15:47:46 wh01 sshd[10477]: Disconnected from 68.183.190.34 port 57318 [preauth]
Dec 21 16:13:23 wh01 sshd[12922]: Invalid user klevesahl from 68.183.190.34 port 54104
Dec 21 16:13:23 wh01 sshd[12922]: Failed password for invalid user klevesahl from 68.183.190.34 port 54104 ssh2
Dec 21 16:39:38 wh01 sshd[15016]: Failed
2019-12-22 02:48:21

Recently Reported IPs

109.194.149.133 115.178.24.72 202.148.4.100 128.199.154.85
14.248.75.136 138.97.224.220 62.109.11.25 177.54.195.82
2a01:4f8:202:4381::2 51.82.234.78 177.21.131.117 183.6.159.236
45.4.254.86 185.123.220.178 203.196.52.45 51.75.70.30
45.76.238.132 58.210.169.162 207.37.92.140 59.88.68.222