City: unknown
Region: unknown
Country: Portugal
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.156.128.17 | attack | Malicious IP |
2024-04-15 12:12:05 |
| 45.156.128.22 | botsattack | port attack |
2024-03-10 17:48:47 |
| 45.156.128.27 | attack | hacking |
2024-02-16 13:30:44 |
| 45.156.128.36 | proxy | VPN fraud |
2023-05-31 12:39:57 |
| 45.156.128.33 | proxy | VPN fraud |
2023-05-31 12:37:48 |
| 45.156.128.20 | proxy | VPN fraud connection |
2023-05-22 13:09:02 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 45.154.220.0 - 45.157.167.255
CIDR: 45.155.0.0/16, 45.154.224.0/19, 45.154.220.0/22, 45.156.0.0/16, 45.157.0.0/17, 45.157.160.0/21, 45.157.128.0/19
NetName: RIPE
NetHandle: NET-45-154-220-0-1
Parent: NET45 (NET-45-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2014-05-22
Updated: 2025-02-10
Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
Ref: https://rdap.arin.net/registry/ip/45.154.220.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.ripe.net
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
ReferralServer: whois.ripe.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.156.128.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42135
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.156.128.173. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061801 1800 900 604800 86400
;; Query time: 29 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 19 04:30:08 CST 2026
;; MSG SIZE rcvd: 107173.128.156.45.in-addr.arpa domain name pointer sh-ams-nl-gp6-wk130b.internet-census.org.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
173.128.156.45.in-addr.arpa name = sh-ams-nl-gp6-wk130b.internet-census.org.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 123.243.25.76 | attackspam | detected by Fail2Ban |
2020-02-19 06:26:50 |
| 83.30.105.73 | attackspambots | Automatic report - Port Scan Attack |
2020-02-19 06:11:06 |
| 118.97.79.211 | attackspambots | Feb 18 22:55:32 srv-ubuntu-dev3 sshd[93403]: Invalid user ftp from 118.97.79.211 Feb 18 22:55:32 srv-ubuntu-dev3 sshd[93403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.79.211 Feb 18 22:55:32 srv-ubuntu-dev3 sshd[93403]: Invalid user ftp from 118.97.79.211 Feb 18 22:55:33 srv-ubuntu-dev3 sshd[93403]: Failed password for invalid user ftp from 118.97.79.211 port 43615 ssh2 Feb 18 22:59:06 srv-ubuntu-dev3 sshd[93739]: Invalid user user from 118.97.79.211 Feb 18 22:59:06 srv-ubuntu-dev3 sshd[93739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.79.211 Feb 18 22:59:06 srv-ubuntu-dev3 sshd[93739]: Invalid user user from 118.97.79.211 Feb 18 22:59:08 srv-ubuntu-dev3 sshd[93739]: Failed password for invalid user user from 118.97.79.211 port 58342 ssh2 Feb 18 23:02:37 srv-ubuntu-dev3 sshd[94157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.79.21 ... |
2020-02-19 06:23:33 |
| 115.159.185.71 | attackbotsspam | Feb 19 01:22:45 server sshd\[20912\]: Invalid user user3 from 115.159.185.71 Feb 19 01:22:45 server sshd\[20912\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.185.71 Feb 19 01:22:47 server sshd\[20912\]: Failed password for invalid user user3 from 115.159.185.71 port 50044 ssh2 Feb 19 01:27:53 server sshd\[21753\]: Invalid user backup from 115.159.185.71 Feb 19 01:27:53 server sshd\[21753\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.185.71 ... |
2020-02-19 06:28:43 |
| 112.85.42.173 | attack | Feb 18 22:29:02 localhost sshd\[90938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173 user=root Feb 18 22:29:04 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:07 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:10 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 Feb 18 22:29:14 localhost sshd\[90938\]: Failed password for root from 112.85.42.173 port 8681 ssh2 ... |
2020-02-19 06:35:12 |
| 182.140.235.149 | attackbots | Portscan or hack attempt detected by psad/fwsnort |
2020-02-19 06:19:40 |
| 112.85.42.188 | attack | 02/18/2020-17:29:04.680700 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan |
2020-02-19 06:29:12 |
| 185.86.164.109 | attack | brute force on admin |
2020-02-19 06:24:35 |
| 195.208.130.130 | attack | Unauthorised access (Feb 19) SRC=195.208.130.130 LEN=40 PREC=0x20 TTL=50 ID=4362 TCP DPT=23 WINDOW=1992 SYN |
2020-02-19 06:34:10 |
| 195.43.5.11 | attack | TCP Port Scanning |
2020-02-19 06:36:38 |
| 94.191.89.84 | attackbots | SSH Bruteforce attack |
2020-02-19 05:59:36 |
| 181.221.208.229 | attack | Unauthorized connection attempt from IP address 181.221.208.229 on Port 445(SMB) |
2020-02-19 06:34:38 |
| 148.70.18.221 | attackspambots | Feb 18 20:01:01 goofy sshd\[25189\]: Invalid user debian from 148.70.18.221 Feb 18 20:01:01 goofy sshd\[25189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.18.221 Feb 18 20:01:02 goofy sshd\[25189\]: Failed password for invalid user debian from 148.70.18.221 port 48318 ssh2 Feb 18 20:04:23 goofy sshd\[25338\]: Invalid user user14 from 148.70.18.221 Feb 18 20:04:23 goofy sshd\[25338\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.18.221 |
2020-02-19 06:02:11 |
| 193.31.24.113 | attack | 02/18/2020-23:02:52.462719 193.31.24.113 Protocol: 6 SURICATA TLS invalid record/traffic |
2020-02-19 06:16:18 |
| 209.50.143.181 | attackbotsspam | Unauthorized connection attempt from IP address 209.50.143.181 on Port 445(SMB) |
2020-02-19 06:28:04 |