45.55.40.146 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	unauthorized connection attempt	2020-01-24 00:54:09

Comments on same subnet:

IP	Type	Details	Datetime
45.55.40.149	attackspambots	20/4/27@02:23:54: FAIL: Alarm-Telnet address from=45.55.40.149 ...	2020-04-27 19:23:41
45.55.40.27	attack	abasicmove.de 45.55.40.27 \[08/Nov/2019:05:52:47 +0100\] "POST /wp-login.php HTTP/1.1" 200 5761 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" abasicmove.de 45.55.40.27 \[08/Nov/2019:05:52:48 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4141 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-08 14:25:35

Type

Details

Datetime

45.55.40.149

attackspambots

20/4/27@02:23:54: FAIL: Alarm-Telnet address from=45.55.40.149
...

2020-04-27 19:23:41

45.55.40.27

attack

abasicmove.de 45.55.40.27 \[08/Nov/2019:05:52:47 +0100\] "POST /wp-login.php HTTP/1.1" 200 5761 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
abasicmove.de 45.55.40.27 \[08/Nov/2019:05:52:48 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4141 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"

2019-11-08 14:25:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.40.146
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14997
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.40.146.			IN	A

;; AUTHORITY SECTION:
.			436	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012300 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 00:54:06 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 146.40.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 146.40.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
172.81.226.22	attackbots	Jan 25 05:42:54 hcbbdb sshd\[5666\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.226.22 user=root Jan 25 05:42:56 hcbbdb sshd\[5666\]: Failed password for root from 172.81.226.22 port 57280 ssh2 Jan 25 05:43:56 hcbbdb sshd\[5809\]: Invalid user tomcat from 172.81.226.22 Jan 25 05:43:56 hcbbdb sshd\[5809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.81.226.22 Jan 25 05:43:59 hcbbdb sshd\[5809\]: Failed password for invalid user tomcat from 172.81.226.22 port 36518 ssh2	2020-01-25 14:04:58
5.136.168.126	attack	Fail2Ban Ban Triggered	2020-01-25 14:25:31
172.104.76.217	attackbotsspam	unauthorized connection attempt	2020-01-25 14:10:45
86.211.102.59	attackspambots	21 attempts against mh-ssh on echoip	2020-01-25 14:15:48
151.80.146.228	attackbots	Jan 25 04:56:09 pi sshd[23299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.146.228 Jan 25 04:56:11 pi sshd[23299]: Failed password for invalid user cron from 151.80.146.228 port 46298 ssh2	2020-01-25 14:03:58
213.32.75.112	attackbots	Jan 24 19:39:56 eddieflores sshd\[1964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.75.112 user=root Jan 24 19:39:58 eddieflores sshd\[1964\]: Failed password for root from 213.32.75.112 port 36124 ssh2 Jan 24 19:43:02 eddieflores sshd\[2437\]: Invalid user odoo11 from 213.32.75.112 Jan 24 19:43:02 eddieflores sshd\[2437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.75.112 Jan 24 19:43:05 eddieflores sshd\[2437\]: Failed password for invalid user odoo11 from 213.32.75.112 port 38610 ssh2	2020-01-25 13:56:00
222.124.149.138	attackbots	2020-01-25T04:56:02.095529homeassistant sshd[21495]: Invalid user inventory from 222.124.149.138 port 40428 2020-01-25T04:56:02.102723homeassistant sshd[21495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.124.149.138 ...	2020-01-25 14:08:15
222.186.173.180	attack	2020-01-24 11:16:33,957 fail2ban.actions [2870]: NOTICE [sshd] Ban 222.186.173.180 2020-01-24 13:37:30,640 fail2ban.actions [2870]: NOTICE [sshd] Ban 222.186.173.180 2020-01-25 01:00:59,625 fail2ban.actions [2870]: NOTICE [sshd] Ban 222.186.173.180 2020-01-25 05:45:20,322 fail2ban.actions [2870]: NOTICE [sshd] Ban 222.186.173.180 2020-01-25 07:14:00,302 fail2ban.actions [2870]: NOTICE [sshd] Ban 222.186.173.180 ...	2020-01-25 14:22:16
51.75.254.172	attackspam	Jan 25 08:10:08 pkdns2 sshd\[50395\]: Invalid user admin from 51.75.254.172Jan 25 08:10:10 pkdns2 sshd\[50395\]: Failed password for invalid user admin from 51.75.254.172 port 51210 ssh2Jan 25 08:12:34 pkdns2 sshd\[50538\]: Invalid user transfer from 51.75.254.172Jan 25 08:12:35 pkdns2 sshd\[50538\]: Failed password for invalid user transfer from 51.75.254.172 port 43286 ssh2Jan 25 08:15:02 pkdns2 sshd\[50624\]: Failed password for root from 51.75.254.172 port 60004 ssh2Jan 25 08:17:26 pkdns2 sshd\[50808\]: Failed password for root from 51.75.254.172 port 51050 ssh2 ...	2020-01-25 14:20:31
104.131.14.14	attackspam	Unauthorized connection attempt detected from IP address 104.131.14.14 to port 2220 [J]	2020-01-25 14:02:46
222.186.30.145	attackbotsspam	Jan 25 00:42:55 debian sshd[27738]: Unable to negotiate with 222.186.30.145 port 60550: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Jan 25 00:51:48 debian sshd[28149]: Unable to negotiate with 222.186.30.145 port 39059: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-01-25 13:54:28
81.133.189.239	attackspambots	Jan 25 05:58:43 ns37 sshd[17407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.133.189.239	2020-01-25 14:22:33
79.166.0.109	attack	Telnet Server BruteForce Attack	2020-01-25 13:58:20
81.169.144.135	attackspambots	81.169.144.135 - - \[25/Jan/2020:05:56:26 +0100\] "GET /90-tage-challenge/90-tage.html/robots.txt HTTP/1.1" 301 887 "-" "Mozilla/5.0 \(compatible\; Googlebot/2.1\; +http://www.google.com/bot.html\)" ...	2020-01-25 13:53:50
185.10.68.35	attack	Automatic report - Banned IP Access	2020-01-25 14:08:34

Recently Reported IPs

104.244.77.150	186.61.164.113	99.0.169.114	210.240.74.194
90.77.236.115	103.138.13.22	68.84.195.183	14.49.176.53
125.168.86.64	154.52.132.184	131.5.47.120	212.188.4.10
23.79.115.79	46.101.140.240	112.205.93.239	213.31.223.164
166.16.44.48	64.187.94.118	143.22.93.243	144.115.206.54