45.55.34.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan detected! ...	2020-06-03 17:17:22
attack	firewall-block, port(s): 9102/tcp	2020-04-27 21:38:15
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 10025 resulting in total of 3 scans from 45.55.0.0/16 block.	2020-04-26 00:02:33

Comments on same subnet:

IP	Type	Details	Datetime
45.55.34.87	attackbotsspam	familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5692 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 5687 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-07-29 12:48:41
45.55.34.87	attackspam	45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-26 16:29:36

Type

Details

Datetime

45.55.34.87

attackbotsspam

familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 5692 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
familiengesundheitszentrum-fulda.de 45.55.34.87 \[28/Jul/2019:23:20:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 5687 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-07-29 12:48:41

45.55.34.87

attackspam

45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:39 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:40 +0200] "POST /wp-login.php HTTP/1.1" 200 1489 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
45.55.34.87 - - [26/Jul/2019:02:53:41 +0200] "POST /wp-login.php HTTP/1.1" 200 1491 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2019-07-26 16:29:36

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.34.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57036
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.34.91.			IN	A

;; AUTHORITY SECTION:
.			385	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042500 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 26 00:02:27 CST 2020
;; MSG SIZE  rcvd: 115

Host info

91.34.55.45.in-addr.arpa domain name pointer jarpa.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.34.55.45.in-addr.arpa	name = jarpa.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.222.88.22	attack	Nov 4 13:46:31 server sshd\[1574\]: Invalid user betyortodontia from 92.222.88.22 Nov 4 13:46:31 server sshd\[1574\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1511.aguia.info Nov 4 13:46:33 server sshd\[1574\]: Failed password for invalid user betyortodontia from 92.222.88.22 port 57734 ssh2 Nov 4 14:01:26 server sshd\[5451\]: Invalid user leelavathi from 92.222.88.22 Nov 4 14:01:26 server sshd\[5451\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1511.aguia.info ...	2019-11-04 19:47:16
118.97.249.74	attack	2019-11-04T10:17:32.995007abusebot-6.cloudsearch.cf sshd\[17370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.97.249.74 user=root	2019-11-04 19:23:08
142.93.172.64	attackspambots	Nov 4 13:06:09 server sshd\[23899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.172.64 user=root Nov 4 13:06:11 server sshd\[23899\]: Failed password for root from 142.93.172.64 port 52184 ssh2 Nov 4 13:17:47 server sshd\[26791\]: Invalid user tomcat from 142.93.172.64 Nov 4 13:17:47 server sshd\[26791\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.172.64 Nov 4 13:17:50 server sshd\[26791\]: Failed password for invalid user tomcat from 142.93.172.64 port 34674 ssh2 ...	2019-11-04 19:20:46
1.179.146.156	attackspam	Nov 4 07:59:02 localhost sshd\[8467\]: Invalid user sbrown from 1.179.146.156 Nov 4 07:59:02 localhost sshd\[8467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.146.156 Nov 4 07:59:04 localhost sshd\[8467\]: Failed password for invalid user sbrown from 1.179.146.156 port 39944 ssh2 Nov 4 08:03:29 localhost sshd\[8725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.146.156 user=root Nov 4 08:03:32 localhost sshd\[8725\]: Failed password for root from 1.179.146.156 port 49848 ssh2 ...	2019-11-04 19:45:13
103.209.206.210	attackspambots	Automatic report - Banned IP Access	2019-11-04 19:39:20
103.110.88.76	attackbots	Unauthorised access (Nov 4) SRC=103.110.88.76 LEN=48 PREC=0x20 TTL=112 ID=17897 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-04 19:10:27
82.120.30.37	attack	Nov 3 22:04:31 host2 sshd[8266]: Did not receive identification string from 82.120.30.37 Nov 3 22:04:52 host2 sshd[9730]: Received disconnect from 82.120.30.37: 11: Bye Bye [preauth] Nov 3 22:04:57 host2 sshd[9994]: Invalid user admin from 82.120.30.37 Nov 3 22:04:57 host2 sshd[9994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.120.30.37 Nov 3 22:05:00 host2 sshd[9994]: Failed password for invalid user admin from 82.120.30.37 port 37292 ssh2 Nov 3 22:05:00 host2 sshd[9994]: Received disconnect from 82.120.30.37: 11: Bye Bye [preauth] Nov 3 22:05:02 host2 sshd[10374]: Invalid user ubuntu from 82.120.30.37 Nov 3 22:05:02 host2 sshd[10374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.120.30.37 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=82.120.30.37	2019-11-04 19:16:17
181.211.35.246	attackbotsspam	SPF Fail sender not permitted to send mail for @reply.com / Mail sent to address harvested from blog legal page	2019-11-04 19:10:08
112.64.32.118	attack	Nov 3 22:07:30 tdfoods sshd\[13458\]: Invalid user cn from 112.64.32.118 Nov 3 22:07:30 tdfoods sshd\[13458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.32.118 Nov 3 22:07:32 tdfoods sshd\[13458\]: Failed password for invalid user cn from 112.64.32.118 port 54968 ssh2 Nov 3 22:12:00 tdfoods sshd\[13891\]: Invalid user kjjjjjjjj from 112.64.32.118 Nov 3 22:12:00 tdfoods sshd\[13891\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.32.118	2019-11-04 19:28:49
178.156.202.252	attack	$f2bV_matches	2019-11-04 19:22:47
103.253.42.34	attackbotsspam	Bruteforce on smtp	2019-11-04 19:27:51
189.79.119.47	attack	ssh failed login	2019-11-04 19:12:00
46.38.144.17	attackbots	Nov 4 12:38:08 webserver postfix/smtpd\[947\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 4 12:39:20 webserver postfix/smtpd\[947\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 4 12:40:32 webserver postfix/smtpd\[32257\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 4 12:41:43 webserver postfix/smtpd\[32257\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 4 12:42:54 webserver postfix/smtpd\[947\]: warning: unknown\[46.38.144.17\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-04 19:44:17
206.189.149.9	attackspambots	Nov 4 12:03:52 dev0-dcde-rnet sshd[6876]: Failed password for root from 206.189.149.9 port 39652 ssh2 Nov 4 12:10:22 dev0-dcde-rnet sshd[6901]: Failed password for root from 206.189.149.9 port 50282 ssh2	2019-11-04 19:18:44
183.129.244.173	attackbotsspam	11/04/2019-01:23:39.817230 183.129.244.173 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-04 19:48:22

Recently Reported IPs

254.196.152.14	82.61.102.17	167.99.174.170	167.99.170.213
167.99.165.242	167.99.111.35	167.99.108.145	216.160.222.159
19.151.181.16	155.191.119.40	53.153.117.199	167.99.104.226
167.99.97.145	167.99.75.89	93.165.48.3	167.99.2.89
4.151.79.126	202.249.87.145	177.20.228.153	123.71.187.85