45.55.34.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan detected! ...	2020-06-03 17:17:22
attack	firewall-block, port(s): 9102/tcp	2020-04-27 21:38:15
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 10025 resulting in total of 3 scans from 45.55.0.0/16 block.	2020-04-26 00:02:33

Comments on same subnet:

IP	Type	Details	Datetime
45.55.34.87	attackbotsspam	familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5692 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 5687 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-29 12:48:41
45.55.34.87	attackspam	45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 16:29:36

Type

Details

Datetime

45.55.34.87

attackbotsspam

familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5692 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 5687 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-07-29 12:48:41

45.55.34.87

attackspam

45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-26 16:29:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.34.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57036
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.34.91.			IN	A

;; AUTHORITY SECTION:
.			385	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 26 00:02:27 CST 2020
;; MSG SIZE  rcvd: 115

Host info

91.34.55.45.in-addr.arpa domain name pointer jarpa.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.34.55.45.in-addr.arpa	name = jarpa.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.210.121.225	attackbots	(sshd) Failed SSH login from 179.210.121.225 (BR/Brazil/b3d279e1.virtua.com.br): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 00:58:37 optimus sshd[29458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.210.121.225 user=root Oct 11 00:58:40 optimus sshd[29458]: Failed password for root from 179.210.121.225 port 37803 ssh2 Oct 11 01:03:41 optimus sshd[31636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.210.121.225 user=root Oct 11 01:03:43 optimus sshd[31636]: Failed password for root from 179.210.121.225 port 40695 ssh2 Oct 11 01:08:43 optimus sshd[468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.210.121.225 user=root	2020-10-11 17:01:09
200.87.134.84	attackspam	Unauthorized connection attempt from IP address 200.87.134.84 on Port 445(SMB)	2020-10-11 16:55:13
59.177.38.94	attack	1602362692 - 10/11/2020 03:44:52 Host: triband-del-59.177.38.94.bol.net.in/59.177.38.94 Port: 23 TCP Blocked ...	2020-10-11 17:09:15
217.182.90.178	attack	Unauthorized connection attempt from IP address 217.182.90.178 on Port 445(SMB)	2020-10-11 17:12:48
46.101.175.35	attackbots	2020-10-11T03:01:35.605682server.mjenks.net sshd[392592]: Failed password for root from 46.101.175.35 port 52784 ssh2 2020-10-11T03:05:04.763054server.mjenks.net sshd[392848]: Invalid user testovh from 46.101.175.35 port 56922 2020-10-11T03:05:04.769013server.mjenks.net sshd[392848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.175.35 2020-10-11T03:05:04.763054server.mjenks.net sshd[392848]: Invalid user testovh from 46.101.175.35 port 56922 2020-10-11T03:05:06.666881server.mjenks.net sshd[392848]: Failed password for invalid user testovh from 46.101.175.35 port 56922 ssh2 ...	2020-10-11 16:57:18
206.81.8.136	attackspambots	SSH Bruteforce Attempt on Honeypot	2020-10-11 17:21:09
178.128.226.2	attackspambots	12726/tcp 31372/tcp 22592/tcp... [2020-08-10/10-10]199pkt,68pt.(tcp)	2020-10-11 17:08:45
188.166.212.238	attackspam	memoran 188.166.212.238 [10/Oct/2020:00:42:35 "-" "POST /wp-login.php 200 2955 188.166.212.238 [11/Oct/2020:03:39:46 "-" "GET /wp-login.php 200 2836 188.166.212.238 [11/Oct/2020:03:39:47 "-" "POST /wp-login.php 200 2955	2020-10-11 17:00:39
112.85.42.96	attackbotsspam	Oct 11 10:37:37 hidden sshd[14020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.96 user=root Oct 11 10:37:39 hidden sshd[14020]: Failed password for hidden from 112.85.42.96 port 28734 ssh2 Oct 11 10:37:43 hidden sshd[14020]: Failed password for hidden from 112.85.42.96 port 28734 ssh2	2020-10-11 16:51:39
114.67.95.61	attackspam	Oct 11 02:43:14 ns308116 sshd[719]: Invalid user tphan from 114.67.95.61 port 59880 Oct 11 02:43:14 ns308116 sshd[719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.95.61 Oct 11 02:43:16 ns308116 sshd[719]: Failed password for invalid user tphan from 114.67.95.61 port 59880 ssh2 Oct 11 02:46:23 ns308116 sshd[1585]: Invalid user mm from 114.67.95.61 port 39666 Oct 11 02:46:23 ns308116 sshd[1585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.95.61 ...	2020-10-11 16:50:14
101.99.20.59	attackspambots	Oct 11 09:55:37 gospond sshd[18398]: Failed password for root from 101.99.20.59 port 34606 ssh2 Oct 11 10:03:54 gospond sshd[18514]: Invalid user demo from 101.99.20.59 port 38694 Oct 11 10:03:54 gospond sshd[18514]: Invalid user demo from 101.99.20.59 port 38694 ...	2020-10-11 17:17:20
101.95.86.34	attackbots	Oct 11 14:28:15 dhoomketu sshd[3757083]: Failed password for root from 101.95.86.34 port 53954 ssh2 Oct 11 14:32:14 dhoomketu sshd[3757138]: Invalid user sql from 101.95.86.34 port 50109 Oct 11 14:32:14 dhoomketu sshd[3757138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.95.86.34 Oct 11 14:32:14 dhoomketu sshd[3757138]: Invalid user sql from 101.95.86.34 port 50109 Oct 11 14:32:15 dhoomketu sshd[3757138]: Failed password for invalid user sql from 101.95.86.34 port 50109 ssh2 ...	2020-10-11 17:17:38
179.219.97.149	attackspam	[f2b] sshd bruteforce, retries: 1	2020-10-11 17:05:00
212.73.81.242	attackbots	Oct 11 10:28:26 h1745522 sshd[6958]: Invalid user user1 from 212.73.81.242 port 36136 Oct 11 10:28:26 h1745522 sshd[6958]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.73.81.242 Oct 11 10:28:26 h1745522 sshd[6958]: Invalid user user1 from 212.73.81.242 port 36136 Oct 11 10:28:28 h1745522 sshd[6958]: Failed password for invalid user user1 from 212.73.81.242 port 36136 ssh2 Oct 11 10:32:43 h1745522 sshd[7112]: Invalid user carol from 212.73.81.242 port 9964 Oct 11 10:32:43 h1745522 sshd[7112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.73.81.242 Oct 11 10:32:43 h1745522 sshd[7112]: Invalid user carol from 212.73.81.242 port 9964 Oct 11 10:32:46 h1745522 sshd[7112]: Failed password for invalid user carol from 212.73.81.242 port 9964 ssh2 Oct 11 10:36:47 h1745522 sshd[7229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.73.81.242 user=list Oct 11 10 ...	2020-10-11 17:18:02
58.56.40.210	attackbotsspam	2020-10-11T00:57:00.777404morrigan.ad5gb.com sshd[66855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.56.40.210 user=root 2020-10-11T00:57:02.794778morrigan.ad5gb.com sshd[66855]: Failed password for root from 58.56.40.210 port 37017 ssh2	2020-10-11 16:54:06

Recently Reported IPs

254.196.152.14	82.61.102.17	167.99.174.170	167.99.170.213
167.99.165.242	167.99.111.35	167.99.108.145	216.160.222.159
19.151.181.16	155.191.119.40	53.153.117.199	167.99.104.226
167.99.97.145	167.99.75.89	93.165.48.3	167.99.2.89
4.151.79.126	202.249.87.145	177.20.228.153	123.71.187.85