45.55.167.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Oct 14 14:23:10 vps691689 sshd[24138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58 Oct 14 14:23:10 vps691689 sshd[24140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58 ...	2019-10-15 00:08:41
attackbots	2019-10-13T16:08:51.990850abusebot-3.cloudsearch.cf sshd\[14111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58 user=root	2019-10-14 00:18:29

Type

Details

Datetime

attackspam

Oct 14 14:23:10 vps691689 sshd[24138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58
Oct 14 14:23:10 vps691689 sshd[24140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58
...

2019-10-15 00:08:41

attackbots

2019-10-13T16:08:51.990850abusebot-3.cloudsearch.cf sshd\[14111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.58  user=root

2019-10-14 00:18:29

Comments on same subnet:

IP	Type	Details	Datetime
45.55.167.217	attack	Oct 17 20:06:20 ns41 sshd[16319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217	2019-10-18 03:16:59
45.55.167.217	attackbots	Sep 25 02:19:50 hanapaa sshd\[29432\]: Invalid user octest from 45.55.167.217 Sep 25 02:19:50 hanapaa sshd\[29432\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com Sep 25 02:19:51 hanapaa sshd\[29432\]: Failed password for invalid user octest from 45.55.167.217 port 33565 ssh2 Sep 25 02:23:50 hanapaa sshd\[29739\]: Invalid user jk from 45.55.167.217 Sep 25 02:23:50 hanapaa sshd\[29739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com	2019-09-25 20:35:09
45.55.167.217	attack	Sep 11 22:26:49 lcprod sshd\[17307\]: Invalid user ansibleuser from 45.55.167.217 Sep 11 22:26:49 lcprod sshd\[17307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com Sep 11 22:26:51 lcprod sshd\[17307\]: Failed password for invalid user ansibleuser from 45.55.167.217 port 36151 ssh2 Sep 11 22:32:46 lcprod sshd\[17853\]: Invalid user deploy from 45.55.167.217 Sep 11 22:32:47 lcprod sshd\[17853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com	2019-09-12 16:36:09
45.55.167.217	attackbots	Sep 5 01:23:02 yesfletchmain sshd\[19224\]: Invalid user alexk from 45.55.167.217 port 32944 Sep 5 01:23:02 yesfletchmain sshd\[19224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Sep 5 01:23:05 yesfletchmain sshd\[19224\]: Failed password for invalid user alexk from 45.55.167.217 port 32944 ssh2 Sep 5 01:27:08 yesfletchmain sshd\[19316\]: Invalid user support from 45.55.167.217 port 54467 Sep 5 01:27:08 yesfletchmain sshd\[19316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 ...	2019-09-05 12:21:55
45.55.167.217	attackspam	Aug 29 10:25:56 tdfoods sshd\[4929\]: Invalid user tomcat from 45.55.167.217 Aug 29 10:25:56 tdfoods sshd\[4929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com Aug 29 10:25:58 tdfoods sshd\[4929\]: Failed password for invalid user tomcat from 45.55.167.217 port 49987 ssh2 Aug 29 10:29:53 tdfoods sshd\[5278\]: Invalid user college from 45.55.167.217 Aug 29 10:29:53 tdfoods sshd\[5278\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com	2019-08-30 04:36:01
45.55.167.217	attackspambots	Aug 19 12:00:57 eventyay sshd[17425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Aug 19 12:00:58 eventyay sshd[17425]: Failed password for invalid user user from 45.55.167.217 port 41778 ssh2 Aug 19 12:04:54 eventyay sshd[17532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 ...	2019-08-19 18:38:10
45.55.167.217	attack	Aug 18 14:17:57 XXX sshd[12272]: Invalid user hadoop from 45.55.167.217 port 55390	2019-08-19 02:07:08
45.55.167.217	attackspambots	Jul 26 15:00:19 eventyay sshd[31720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Jul 26 15:00:20 eventyay sshd[31720]: Failed password for invalid user netapp from 45.55.167.217 port 53900 ssh2 Jul 26 15:04:46 eventyay sshd[399]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 ...	2019-07-26 21:14:30
45.55.167.217	attackbots	Jul 26 09:31:07 eventyay sshd[6417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Jul 26 09:31:10 eventyay sshd[6417]: Failed password for invalid user gentoo from 45.55.167.217 port 48855 ssh2 Jul 26 09:35:30 eventyay sshd[7603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 ...	2019-07-26 15:52:17
45.55.167.217	attackspambots	2019-07-23T22:38:47.286178stark.klein-stark.info sshd\[18981\]: Invalid user luciano from 45.55.167.217 port 32927 2019-07-23T22:38:47.293114stark.klein-stark.info sshd\[18981\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=irarott.com 2019-07-23T22:38:49.923959stark.klein-stark.info sshd\[18981\]: Failed password for invalid user luciano from 45.55.167.217 port 32927 ssh2 ...	2019-07-24 05:48:09
45.55.167.217	attack	Jul 23 11:09:34 vps200512 sshd\[2200\]: Invalid user valda from 45.55.167.217 Jul 23 11:09:34 vps200512 sshd\[2200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Jul 23 11:09:37 vps200512 sshd\[2200\]: Failed password for invalid user valda from 45.55.167.217 port 33147 ssh2 Jul 23 11:14:10 vps200512 sshd\[2259\]: Invalid user homekit from 45.55.167.217 Jul 23 11:14:10 vps200512 sshd\[2259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217	2019-07-23 23:24:37
45.55.167.217	attackbots	Jul 22 23:43:04 vps200512 sshd\[14424\]: Invalid user faxadmin from 45.55.167.217 Jul 22 23:43:04 vps200512 sshd\[14424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217 Jul 22 23:43:06 vps200512 sshd\[14424\]: Failed password for invalid user faxadmin from 45.55.167.217 port 50385 ssh2 Jul 22 23:47:41 vps200512 sshd\[14537\]: Invalid user tim from 45.55.167.217 Jul 22 23:47:42 vps200512 sshd\[14537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.167.217	2019-07-23 11:49:30
45.55.167.217	attackbotsspam	Repeated brute force against a port	2019-07-06 11:32:38

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.167.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35188
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.167.58.			IN	A

;; AUTHORITY SECTION:
.			584	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101300 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 00:18:22 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 58.167.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 58.167.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.227.91.191	attack	Mar 30 05:53:23 legacy sshd[25893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.91.191 Mar 30 05:53:25 legacy sshd[25893]: Failed password for invalid user dwk from 165.227.91.191 port 54626 ssh2 Mar 30 05:56:59 legacy sshd[25968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.91.191 ...	2020-03-30 12:09:31
154.8.223.29	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-03-30 12:01:06
101.254.183.205	attack	Unauthorized SSH login attempts	2020-03-30 12:07:01
51.38.137.110	attackbots	Mar 30 01:50:03 vpn01 sshd[32191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.137.110 Mar 30 01:50:06 vpn01 sshd[32191]: Failed password for invalid user ttl from 51.38.137.110 port 58026 ssh2 ...	2020-03-30 09:46:12
124.251.110.148	attackspam	Mar 29 20:56:37 mockhub sshd[10706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.251.110.148 Mar 29 20:56:39 mockhub sshd[10706]: Failed password for invalid user jiv from 124.251.110.148 port 39682 ssh2 ...	2020-03-30 12:30:43
37.49.231.127	attackbotsspam	Mar 30 05:56:59 debian-2gb-nbg1-2 kernel: \[7799678.173285\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=37.49.231.127 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=6427 PROTO=TCP SPT=50511 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-30 12:09:11
114.119.167.162	attackspam	[Mon Mar 30 10:56:45.434205 2020] [:error] [pid 4604:tid 140217289807616] [client 114.119.167.162:16006] [client 114.119.167.162] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/3219-kalender-tanam-katam-terpadu-pulau-kalimantan/kalender-tanam-katam-terpadu-provinsi-kalimantan-barat/kalender-tanam-katam-terpadu-kota-pontianak-provinsi-kalimantan-barat/kalender-tanam-kata ...	2020-03-30 12:23:31
106.52.179.55	attackspambots	Mar 30 03:01:46 h1745522 sshd[18534]: Invalid user puy from 106.52.179.55 port 40582 Mar 30 03:01:46 h1745522 sshd[18534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.179.55 Mar 30 03:01:46 h1745522 sshd[18534]: Invalid user puy from 106.52.179.55 port 40582 Mar 30 03:01:48 h1745522 sshd[18534]: Failed password for invalid user puy from 106.52.179.55 port 40582 ssh2 Mar 30 03:05:43 h1745522 sshd[18620]: Invalid user cgj from 106.52.179.55 port 59730 Mar 30 03:05:43 h1745522 sshd[18620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.179.55 Mar 30 03:05:43 h1745522 sshd[18620]: Invalid user cgj from 106.52.179.55 port 59730 Mar 30 03:05:45 h1745522 sshd[18620]: Failed password for invalid user cgj from 106.52.179.55 port 59730 ssh2 Mar 30 03:09:50 h1745522 sshd[18775]: Invalid user fce from 106.52.179.55 port 50654 ...	2020-03-30 09:41:26
106.13.36.185	attack	2020-03-30T03:51:19.874447shield sshd\[2979\]: Invalid user sinusbot from 106.13.36.185 port 42378 2020-03-30T03:51:19.878291shield sshd\[2979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.185 2020-03-30T03:51:21.683853shield sshd\[2979\]: Failed password for invalid user sinusbot from 106.13.36.185 port 42378 ssh2 2020-03-30T03:56:58.878942shield sshd\[5260\]: Invalid user fvi from 106.13.36.185 port 45128 2020-03-30T03:56:58.883961shield sshd\[5260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.36.185	2020-03-30 12:09:57
49.232.64.41	attackspambots	Mar 29 22:08:57 server1 sshd\[1882\]: Invalid user hxx from 49.232.64.41 Mar 29 22:08:57 server1 sshd\[1882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.64.41 Mar 29 22:08:59 server1 sshd\[1882\]: Failed password for invalid user hxx from 49.232.64.41 port 50434 ssh2 Mar 29 22:12:03 server1 sshd\[2770\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.64.41 user=mail Mar 29 22:12:05 server1 sshd\[2770\]: Failed password for mail from 49.232.64.41 port 56284 ssh2 ...	2020-03-30 12:18:37
103.89.252.123	attack	Mar 29 18:11:21 hanapaa sshd\[27450\]: Invalid user arma3 from 103.89.252.123 Mar 29 18:11:21 hanapaa sshd\[27450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.89.252.123 Mar 29 18:11:23 hanapaa sshd\[27450\]: Failed password for invalid user arma3 from 103.89.252.123 port 50418 ssh2 Mar 29 18:15:20 hanapaa sshd\[27726\]: Invalid user zwr from 103.89.252.123 Mar 29 18:15:20 hanapaa sshd\[27726\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.89.252.123	2020-03-30 12:20:40
87.251.74.19	attackspambots	Mar 30 06:12:06 debian-2gb-nbg1-2 kernel: \[7800585.506374\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=87.251.74.19 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=35683 PROTO=TCP SPT=51460 DPT=8506 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-30 12:31:13
116.48.99.233	attackspam	Honeypot attack, port: 5555, PTR: n1164899233.netvigator.com.	2020-03-30 12:17:30
195.214.223.84	attackbotsspam	Mar 30 06:18:50 srv206 sshd[20105]: Invalid user xgz from 195.214.223.84 ...	2020-03-30 12:25:34
213.32.91.71	attackbotsspam	213.32.91.71 - - [30/Mar/2020:05:57:00 +0200] "GET /wp-login.php HTTP/1.1" 200 5821 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - [30/Mar/2020:05:57:01 +0200] "POST /wp-login.php HTTP/1.1" 200 6600 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 213.32.91.71 - - [30/Mar/2020:05:57:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-30 12:03:44

Recently Reported IPs

99.157.234.219	90.142.57.229	83.97.20.177	93.86.214.156
98.128.139.96	42.228.2.150	111.67.203.63	34.97.196.155
182.50.151.11	78.172.39.119	183.239.185.172	67.213.69.94
103.205.244.70	93.70.224.106	175.193.206.200	74.208.80.172
66.249.79.1	137.74.111.39	104.223.170.240	212.202.56.148