180.182.245.145

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: CJ Hello Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Port probing on unauthorized port 8080	2020-06-22 18:43:29
attackbots	[portscan] tcp/23 [TELNET] *(RWIN=44738)(06240931)	2019-06-25 04:21:01

Comments on same subnet:

IP	Type	Details	Datetime
180.182.245.91	attackspambots	firewall-block, port(s): 8080/tcp	2020-04-03 04:37:44
180.182.245.94	attackbots	23/tcp 23/tcp [2019-12-15/2020-02-10]3pkt	2020-02-11 05:41:59
180.182.245.77	attackbots	Fail2Ban Ban Triggered	2020-01-31 13:46:41
180.182.245.133	attackspam	2323/tcp 23/tcp [2020-01-13/27]2pkt	2020-01-28 03:54:39
180.182.245.136	attackbots	unauthorized connection attempt	2020-01-12 16:53:29
180.182.245.83	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-12 21:41:16
180.182.245.93	attackspambots	23/tcp [2019-10-28]1pkt	2019-10-28 14:48:06
180.182.245.132	attackspam	8080/tcp [2019-09-27/10-15]2pkt	2019-10-16 06:52:17
180.182.245.132	attack	2323/tcp... [2019-06-03/07-11]4pkt,2pt.(tcp)	2019-07-11 17:25:08
180.182.245.93	attackbots	3389BruteforceFW21	2019-06-26 06:43:00
180.182.245.143	attackbots	" "	2019-06-24 10:51:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.182.245.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59571
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.182.245.145.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 25 04:20:56 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 145.245.182.180.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 145.245.182.180.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.89.113.252	attackspam	Aug 26 08:52:51 rancher-0 sshd[1279932]: Invalid user intern from 118.89.113.252 port 60970 ...	2020-08-26 15:09:07
51.15.114.170	attackspam	Aug 26 04:52:52 shivevps sshd[3824]: Bad protocol version identification '\024' from 51.15.114.170 port 49716 Aug 26 04:52:54 shivevps sshd[3972]: Bad protocol version identification '\024' from 51.15.114.170 port 50592 Aug 26 04:52:55 shivevps sshd[4037]: Bad protocol version identification '\024' from 51.15.114.170 port 51056 ...	2020-08-26 14:38:24
169.255.75.117	attack	Aug 26 04:41:44 shivevps sshd[25917]: Bad protocol version identification '\024' from 169.255.75.117 port 56186 Aug 26 04:44:18 shivevps sshd[30996]: Bad protocol version identification '\024' from 169.255.75.117 port 60709 Aug 26 04:44:21 shivevps sshd[31104]: Bad protocol version identification '\024' from 169.255.75.117 port 60791 ...	2020-08-26 15:05:27
117.239.149.94	attackbots	[Wed Aug 26 10:53:34.803560 2020] [:error] [pid 30543:tid 139707031746304] [client 117.239.149.94:63017] [client 117.239.149.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/manager/html"] [unique_id "X0XcviXBG@3tAFpdD8koaAAAAnY"] ...	2020-08-26 15:14:11
120.53.243.163	attack	Invalid user asterisk from 120.53.243.163 port 45734	2020-08-26 15:01:13
87.117.169.23	attack	Aug 26 04:42:20 shivevps sshd[26507]: Bad protocol version identification '\024' from 87.117.169.23 port 34166 Aug 26 04:44:07 shivevps sshd[30645]: Bad protocol version identification '\024' from 87.117.169.23 port 38810 Aug 26 04:44:20 shivevps sshd[31067]: Bad protocol version identification '\024' from 87.117.169.23 port 39463 Aug 26 04:44:21 shivevps sshd[31115]: Bad protocol version identification '\024' from 87.117.169.23 port 39543 ...	2020-08-26 15:16:59
41.66.75.247	attackspambots	Aug 26 04:38:54 shivevps sshd[21573]: Bad protocol version identification '\024' from 41.66.75.247 port 35720 Aug 26 04:43:34 shivevps sshd[29416]: Bad protocol version identification '\024' from 41.66.75.247 port 41933 Aug 26 04:44:08 shivevps sshd[30657]: Bad protocol version identification '\024' from 41.66.75.247 port 42337 Aug 26 04:44:15 shivevps sshd[30806]: Bad protocol version identification '\024' from 41.66.75.247 port 42408 ...	2020-08-26 14:57:28
122.51.221.250	attackspambots	Aug 26 07:51:01 vps647732 sshd[9571]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.221.250 Aug 26 07:51:03 vps647732 sshd[9571]: Failed password for invalid user cct from 122.51.221.250 port 47326 ssh2 ...	2020-08-26 15:03:45
181.48.138.242	attackspambots	Aug 26 02:11:04 george sshd[19349]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242 Aug 26 02:11:06 george sshd[19349]: Failed password for invalid user matilda from 181.48.138.242 port 59310 ssh2 Aug 26 02:15:15 george sshd[19427]: Invalid user ifp from 181.48.138.242 port 38734 Aug 26 02:15:15 george sshd[19427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.138.242 Aug 26 02:15:18 george sshd[19427]: Failed password for invalid user ifp from 181.48.138.242 port 38734 ssh2 ...	2020-08-26 15:00:51
94.141.235.180	attack	Aug 26 04:42:39 shivevps sshd[27591]: Bad protocol version identification '\024' from 94.141.235.180 port 46323 Aug 26 04:44:15 shivevps sshd[30795]: Bad protocol version identification '\024' from 94.141.235.180 port 47736 Aug 26 04:44:20 shivevps sshd[31082]: Bad protocol version identification '\024' from 94.141.235.180 port 47914 Aug 26 04:44:22 shivevps sshd[31169]: Bad protocol version identification '\024' from 94.141.235.180 port 47971 ...	2020-08-26 14:53:16
47.33.161.231	attackspam	Aug 25 23:53:33 aragorn sshd[28267]: Invalid user admin from 47.33.161.231 Aug 25 23:53:34 aragorn sshd[28269]: Invalid user admin from 47.33.161.231 Aug 25 23:53:35 aragorn sshd[28273]: Invalid user admin from 47.33.161.231 Aug 25 23:53:36 aragorn sshd[28275]: Invalid user admin from 47.33.161.231 ...	2020-08-26 15:13:38
140.207.96.235	attackspambots	Aug 26 08:30:10 OPSO sshd\[27834\]: Invalid user my from 140.207.96.235 port 33792 Aug 26 08:30:10 OPSO sshd\[27834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.96.235 Aug 26 08:30:12 OPSO sshd\[27834\]: Failed password for invalid user my from 140.207.96.235 port 33792 ssh2 Aug 26 08:31:33 OPSO sshd\[28464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.207.96.235 user=root Aug 26 08:31:35 OPSO sshd\[28464\]: Failed password for root from 140.207.96.235 port 33302 ssh2	2020-08-26 14:57:05
5.188.84.119	attack	0,31-01/02 [bc01/m16] PostRequest-Spammer scoring: Lusaka01	2020-08-26 14:48:36
179.109.1.93	attackbotsspam	Aug 26 04:52:53 shivevps sshd[3850]: Bad protocol version identification '\024' from 179.109.1.93 port 55480 Aug 26 04:52:53 shivevps sshd[3915]: Bad protocol version identification '\024' from 179.109.1.93 port 55484 Aug 26 04:52:54 shivevps sshd[4008]: Bad protocol version identification '\024' from 179.109.1.93 port 55488 ...	2020-08-26 14:39:51
222.186.180.17	attackbotsspam	Aug 25 23:32:36 dignus sshd[8005]: Failed password for root from 222.186.180.17 port 57912 ssh2 Aug 25 23:32:39 dignus sshd[8005]: Failed password for root from 222.186.180.17 port 57912 ssh2 Aug 25 23:32:42 dignus sshd[8005]: Failed password for root from 222.186.180.17 port 57912 ssh2 Aug 25 23:32:46 dignus sshd[8005]: Failed password for root from 222.186.180.17 port 57912 ssh2 Aug 25 23:32:49 dignus sshd[8005]: Failed password for root from 222.186.180.17 port 57912 ssh2 ...	2020-08-26 14:43:24

Recently Reported IPs

129.98.214.222	116.96.152.84	146.0.200.152	203.72.249.44
5.61.174.116	125.234.109.236	123.136.30.98	122.55.251.110
120.253.198.103	120.57.118.76	119.54.32.74	118.97.112.74
118.70.128.68	117.206.81.73	116.100.190.49	104.184.200.156
103.228.0.17	167.74.188.31	103.225.95.197	13.169.190.65