Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Portugal

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
No discussion about this IP yet. Click above link to make one.
Comments on same subnet:
IP Type Details Datetime
45.156.129.32 attack
Malicious IP
2024-06-11 21:03:25
45.156.129.23 attack
hacking
2024-02-21 16:21:38
Whois info:
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       45.154.220.0 - 45.157.167.255
CIDR:           45.157.128.0/19, 45.157.0.0/17, 45.156.0.0/16, 45.154.224.0/19, 45.155.0.0/16, 45.157.160.0/21, 45.154.220.0/22
NetName:        RIPE
NetHandle:      NET-45-154-220-0-1
Parent:         NET45 (NET-45-0-0-0-0)
NetType:        Early Registrations, Transferred to RIPE NCC
OriginAS:       
Organization:   RIPE Network Coordination Centre (RIPE)
RegDate:        2014-05-22
Updated:        2025-02-10
Comment:        These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
Ref:            https://rdap.arin.net/registry/ip/45.154.220.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois.ripe.net


OrgName:        RIPE Network Coordination Centre
OrgId:          RIPE
Address:        P.O. Box 10096
City:           Amsterdam
StateProv:      
PostalCode:     1001EB
Country:        NL
RegDate:        
Updated:        2013-07-29
Ref:            https://rdap.arin.net/registry/entity/RIPE

ReferralServer:  whois.ripe.net
ResourceLink:  https://apps.db.ripe.net/db-web-ui/query

OrgTechHandle: RNO29-ARIN
OrgTechName:   RIPE NCC Operations
OrgTechPhone:  +31 20 535 4444 
OrgTechEmail:  hostmaster@ripe.net
OrgTechRef:    https://rdap.arin.net/registry/entity/RNO29-ARIN

OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName:   Abuse Contact
OrgAbusePhone:  +31205354444 
OrgAbuseEmail:  abuse@ripe.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/ABUSE3850-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.156.129.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35807
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.156.129.120.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026071701 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 18 05:00:08 CST 2026
;; MSG SIZE  rcvd: 107
Host info
120.129.156.45.in-addr.arpa domain name pointer sh-chi-us-gp6-wk111a.internet-census.org.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
120.129.156.45.in-addr.arpa	name = sh-chi-us-gp6-wk111a.internet-census.org.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
167.172.212.14 attackspambots
Honeypot attack, port: 139, PTR: do-prod-us-west-clients-0106-9.do.binaryedge.ninja.
2020-09-10 08:45:04
5.188.84.19 attackbots
[portscan] Port scan
2020-09-10 12:27:51
117.103.2.114 attack
Sep  9 21:32:17 fhem-rasp sshd[15209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.103.2.114  user=root
Sep  9 21:32:19 fhem-rasp sshd[15209]: Failed password for root from 117.103.2.114 port 41876 ssh2
...
2020-09-10 12:10:38
45.167.9.145 attackspam
failed_logins
2020-09-10 12:22:24
120.132.13.131 attackbots
Sep 10 01:51:17 ovpn sshd\[17965\]: Invalid user steamsrv from 120.132.13.131
Sep 10 01:51:17 ovpn sshd\[17965\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131
Sep 10 01:51:19 ovpn sshd\[17965\]: Failed password for invalid user steamsrv from 120.132.13.131 port 48244 ssh2
Sep 10 02:02:45 ovpn sshd\[20771\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.13.131  user=games
Sep 10 02:02:47 ovpn sshd\[20771\]: Failed password for games from 120.132.13.131 port 57511 ssh2
2020-09-10 12:23:28
240e:390:1040:2795:241:5d40:6700:18a6 attackspambots
Unauthorized imap request
2020-09-10 12:11:30
124.156.166.151 attackbots
Sep  9 12:58:33 mail sshd\[7605\]: Invalid user e from 124.156.166.151
...
2020-09-10 12:28:49
104.236.33.155 attack
$f2bV_matches
2020-09-10 12:09:57
120.92.164.193 attack
detected by Fail2Ban
2020-09-10 08:45:29
209.205.200.13 attackbotsspam
(sshd) Failed SSH login from 209.205.200.13 (US/United States/-): 10 in the last 3600 secs
2020-09-10 12:26:23
185.163.21.208 attackspambots
srvr2: (mod_security) mod_security (id:920350) triggered by 185.163.21.208 (AT/-/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/09 18:58:54 [error] 862802#0: *448705 [client 185.163.21.208] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "15996707344.371839"] [ref "o0,14v21,14"], client: 185.163.21.208, [redacted] request: "GET / HTTP/1.1" [redacted]
2020-09-10 12:16:30
5.57.33.71 attackbots
Time:     Wed Sep  9 16:57:58 2020 +0000
IP:       5.57.33.71 (IR/Iran/-)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked:  Permanent Block [LF_SSHD]

Log entries:

Sep  9 16:45:38 pv-14-ams2 sshd[26998]: Invalid user ian1 from 5.57.33.71 port 38162
Sep  9 16:45:40 pv-14-ams2 sshd[26998]: Failed password for invalid user ian1 from 5.57.33.71 port 38162 ssh2
Sep  9 16:54:28 pv-14-ams2 sshd[23280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.57.33.71  user=root
Sep  9 16:54:30 pv-14-ams2 sshd[23280]: Failed password for root from 5.57.33.71 port 15147 ssh2
Sep  9 16:57:54 pv-14-ams2 sshd[2034]: Invalid user wpyan from 5.57.33.71 port 26352
2020-09-10 12:06:41
213.32.91.216 attackbots
Sep 10 05:03:26 lnxweb62 sshd[1631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.91.216
2020-09-10 12:15:19
49.88.112.117 attack
Sep 10 04:44:51 OPSO sshd\[3836\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.117  user=root
Sep 10 04:44:54 OPSO sshd\[3836\]: Failed password for root from 49.88.112.117 port 40146 ssh2
Sep 10 04:44:56 OPSO sshd\[3836\]: Failed password for root from 49.88.112.117 port 40146 ssh2
Sep 10 04:44:59 OPSO sshd\[3836\]: Failed password for root from 49.88.112.117 port 40146 ssh2
Sep 10 04:45:55 OPSO sshd\[4177\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.117  user=root
2020-09-10 12:08:26
51.75.52.118 attack
$f2bV_matches
2020-09-10 12:18:17

Recently Reported IPs

210.109.204.0 210.109.204.33 134.35.157.110 164.155.74.132
161.33.32.69 2606:4700:10::ac43:1157 2606:4700:10::6816:3424 2606:4700:10::6814:6148
139.170.72.188 121.230.89.183 2606:4700:10::6814:8311 2606:4700:10::6816:2955
2606:4700:10::6816:3207 2606:4700:10::6816:4502 110.78.153.96 45.156.129.121
45.156.129.122 43.165.170.19 81.17.28.130 45.156.129.123