45.56.96.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.56.96.139	attack	ATTACKS ON 443 WEB ROUTER PANEL	2022-11-21 22:27:15
45.56.96.139	attackspambots	scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.	2020-09-24 02:48:11
45.56.96.139	attackspambots	TCP ports : 3307 / 5985 / 6375 / 6381 / 27017	2020-09-23 18:58:43

Type

Details

Datetime

45.56.96.139

attack

ATTACKS ON 443 WEB ROUTER PANEL

2022-11-21 22:27:15

45.56.96.139

attackspambots

scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.

2020-09-24 02:48:11

45.56.96.139

attackspambots

TCP ports : 3307 / 5985 / 6375 / 6381 / 27017

2020-09-23 18:58:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.56.96.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62940
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.56.96.58.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061501 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 16 01:41:51 CST 2022
;; MSG SIZE  rcvd: 104

Host info

58.96.56.45.in-addr.arpa domain name pointer 45-56-96-58.ip.linodeusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.96.56.45.in-addr.arpa	name = 45-56-96-58.ip.linodeusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.149.211.140	attackbotsspam	Lines containing failures of 123.149.211.140 (max 1000) Oct 3 19:22:20 UTC__SANYALnet-Labs__cac1 sshd[22204]: Connection from 123.149.211.140 port 5243 on 64.137.179.160 port 22 Oct 3 19:22:21 UTC__SANYALnet-Labs__cac1 sshd[22204]: Invalid user admin from 123.149.211.140 port 5243 Oct 3 19:22:21 UTC__SANYALnet-Labs__cac1 sshd[22204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.149.211.140 Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Failed password for invalid user admin from 123.149.211.140 port 5243 ssh2 Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Received disconnect from 123.149.211.140 port 5243:11: Bye Bye [preauth] Oct 3 19:22:23 UTC__SANYALnet-Labs__cac1 sshd[22204]: Disconnected from 123.149.211.140 port 5243 [preauth] Oct 3 19:25:38 UTC__SANYALnet-Labs__cac1 sshd[22319]: Connection from 123.149.211.140 port 5360 on 64.137.179.160 port 22 Oct 3 19:25:40 UTC__SANYALnet-Labs__cac1 sshd[22319........ ------------------------------	2020-10-04 21:10:19
85.209.0.103	attackbotsspam	Oct 4 15:28:32 dcd-gentoo sshd[6953]: User root from 85.209.0.103 not allowed because none of user's groups are listed in AllowGroups Oct 4 15:28:32 dcd-gentoo sshd[6954]: User root from 85.209.0.103 not allowed because none of user's groups are listed in AllowGroups Oct 4 15:28:32 dcd-gentoo sshd[6949]: User root from 85.209.0.103 not allowed because none of user's groups are listed in AllowGroups ...	2020-10-04 21:30:29
168.0.252.205	attackspam	Autoban 168.0.252.205 AUTH/CONNECT	2020-10-04 21:14:43
45.142.120.53	attackbotsspam	Oct 4 14:21:51 nlmail01.srvfarm.net postfix/smtpd[387770]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:21:59 nlmail01.srvfarm.net postfix/smtpd[387912]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:22:01 nlmail01.srvfarm.net postfix/smtpd[387915]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:22:04 nlmail01.srvfarm.net postfix/smtpd[387770]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 14:22:10 nlmail01.srvfarm.net postfix/smtpd[387920]: warning: unknown[45.142.120.53]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-10-04 21:35:39
13.76.251.4	attackspam	Oct 3 22:23:39 mail.srvfarm.net postfix/smtpd[660366]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:25:31 mail.srvfarm.net postfix/smtpd[661688]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:27:55 mail.srvfarm.net postfix/smtpd[660367]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:30:34 mail.srvfarm.net postfix/smtpd[660366]: NOQUEUE: reject: RCPT from unknown[13.76.251.4]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:3	2020-10-04 21:18:42
112.85.42.81	attack	Oct 4 14:36:12 mavik sshd[7338]: Failed password for root from 112.85.42.81 port 2194 ssh2 Oct 4 14:36:16 mavik sshd[7338]: Failed password for root from 112.85.42.81 port 2194 ssh2 Oct 4 14:36:19 mavik sshd[7338]: Failed password for root from 112.85.42.81 port 2194 ssh2 Oct 4 14:36:23 mavik sshd[7338]: Failed password for root from 112.85.42.81 port 2194 ssh2 Oct 4 14:36:27 mavik sshd[7338]: Failed password for root from 112.85.42.81 port 2194 ssh2 ...	2020-10-04 21:41:31
77.45.86.61	attackspambots	$f2bV_matches	2020-10-04 21:16:55
190.109.43.205	attack	Oct 3 22:26:38 mail.srvfarm.net postfix/smtpd[660374]: warning: unknown[190.109.43.205]: SASL PLAIN authentication failed: Oct 3 22:26:39 mail.srvfarm.net postfix/smtpd[660374]: lost connection after AUTH from unknown[190.109.43.205] Oct 3 22:32:48 mail.srvfarm.net postfix/smtps/smtpd[663268]: warning: unknown[190.109.43.205]: SASL PLAIN authentication failed: Oct 3 22:32:48 mail.srvfarm.net postfix/smtps/smtpd[663268]: lost connection after AUTH from unknown[190.109.43.205] Oct 3 22:33:03 mail.srvfarm.net postfix/smtps/smtpd[662243]: warning: unknown[190.109.43.205]: SASL PLAIN authentication failed:	2020-10-04 21:12:36
218.104.225.140	attackbotsspam	Oct 4 14:47:05 buvik sshd[22009]: Invalid user asecruc from 218.104.225.140 Oct 4 14:47:05 buvik sshd[22009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.225.140 Oct 4 14:47:07 buvik sshd[22009]: Failed password for invalid user asecruc from 218.104.225.140 port 32543 ssh2 ...	2020-10-04 21:01:46
156.96.56.56	attackspam	2020-10-04 H=$BXXOXyXO$ \[156.96.56.56\] F=\<REMOVEDREMOVEDREMOVED_perl@REMOVED.de\> rejected RCPT \: relay not permitted 2020-10-04 dovecot_login authenticator failed for $6qYnLdL$ \[156.96.56.56\]: 535 Incorrect authentication data $set_id=REMOVEDREMOVEDREMOVED_perl$ 2020-10-04 dovecot_login authenticator failed for $srG4Gi82$ \[156.96.56.56\]: 535 Incorrect authentication data $set_id=REMOVEDREMOVEDREMOVED_perl$	2020-10-04 21:25:42
5.3.6.82	attack	Oct 4 11:41:56 email sshd\[8920\]: Invalid user simone from 5.3.6.82 Oct 4 11:41:56 email sshd\[8920\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 Oct 4 11:41:58 email sshd\[8920\]: Failed password for invalid user simone from 5.3.6.82 port 39700 ssh2 Oct 4 11:45:19 email sshd\[9492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.3.6.82 user=root Oct 4 11:45:21 email sshd\[9492\]: Failed password for root from 5.3.6.82 port 49720 ssh2 ...	2020-10-04 21:08:08
45.160.136.66	attackspambots	Oct 4 08:28:52 mail.srvfarm.net postfix/smtpd[756560]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed: Oct 4 08:28:53 mail.srvfarm.net postfix/smtpd[756560]: lost connection after AUTH from unknown[45.160.136.66] Oct 4 08:35:01 mail.srvfarm.net postfix/smtpd[756744]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed: Oct 4 08:35:02 mail.srvfarm.net postfix/smtpd[756744]: lost connection after AUTH from unknown[45.160.136.66] Oct 4 08:35:42 mail.srvfarm.net postfix/smtpd[756518]: warning: unknown[45.160.136.66]: SASL PLAIN authentication failed:	2020-10-04 21:17:45
112.85.42.120	attack	Oct 4 15:21:29 vps647732 sshd[19965]: Failed password for root from 112.85.42.120 port 56058 ssh2 Oct 4 15:21:32 vps647732 sshd[19965]: Failed password for root from 112.85.42.120 port 56058 ssh2 ...	2020-10-04 21:27:58
103.18.242.18	attack	Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:10:06 mail.srvfarm.net postfix/smtpd[660372]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed: Oct 3 22:15:36 mail.srvfarm.net postfix/smtps/smtpd[658711]: lost connection after AUTH from unknown[103.18.242.18] Oct 3 22:16:51 mail.srvfarm.net postfix/smtps/smtpd[658711]: warning: unknown[103.18.242.18]: SASL PLAIN authentication failed:	2020-10-04 21:29:56
40.69.101.174	attackspambots	Oct 3 22:23:30 web01.agentur-b-2.de postfix/smtpd[1085509]: NOQUEUE: reject: RCPT from unknown[40.69.101.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:25:36 web01.agentur-b-2.de postfix/smtpd[1085420]: NOQUEUE: reject: RCPT from unknown[40.69.101.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:27:52 web01.agentur-b-2.de postfix/smtpd[1085479]: NOQUEUE: reject: RCPT from unknown[40.69.101.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo= Oct 3 22:29:52 web01.agentur-b-2.de postfix/smtpd[1085479]: NOQUEUE: reject: RCPT from unknown[40.69.101.174]: 450 4.7.1 : Helo command rejected: Host not found; from=<> to= proto=ESMTP helo=	2020-10-04 21:18:06

Recently Reported IPs

169.229.139.32	45.57.135.129	45.57.152.59	45.57.167.159
45.57.168.173	45.57.178.34	45.57.182.14	36.72.253.106
45.57.182.32	45.57.184.126	45.57.184.214	45.57.184.242
45.57.204.28	45.57.209.110	45.57.225.163	45.57.225.110
169.229.138.31	49.85.54.26	2.86.17.194	45.48.152.96