45.56.96.58 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.56.96.139	attack	ATTACKS ON 443 WEB ROUTER PANEL	2022-11-21 22:27:15
45.56.96.139	attackspambots	scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.	2020-09-24 02:48:11
45.56.96.139	attackspambots	TCP ports : 3307 / 5985 / 6375 / 6381 / 27017	2020-09-23 18:58:43

Type

Details

Datetime

45.56.96.139

attack

ATTACKS ON 443 WEB ROUTER PANEL

2022-11-21 22:27:15

45.56.96.139

attackspambots

scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.

2020-09-24 02:48:11

45.56.96.139

attackspambots

TCP ports : 3307 / 5985 / 6375 / 6381 / 27017

2020-09-23 18:58:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.56.96.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62940
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.56.96.58.			IN	A

;; AUTHORITY SECTION:
.			473	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022061501 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 16 01:41:51 CST 2022
;; MSG SIZE  rcvd: 104

Host info

58.96.56.45.in-addr.arpa domain name pointer 45-56-96-58.ip.linodeusercontent.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
58.96.56.45.in-addr.arpa	name = 45-56-96-58.ip.linodeusercontent.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
154.85.201.14	attack	Website hacking attempt: Improper php file access [php file]	2020-05-31 00:15:20
209.17.97.98	attackspam	Automatic report - Banned IP Access	2020-05-30 23:46:59
106.13.145.44	attackspambots	May 30 15:12:29 jane sshd[18332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.145.44 May 30 15:12:31 jane sshd[18332]: Failed password for invalid user welcome from 106.13.145.44 port 41970 ssh2 ...	2020-05-30 23:42:29
54.39.227.33	attackspambots	(sshd) Failed SSH login from 54.39.227.33 (CA/Canada/ip33.ip-54-39-227.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 30 15:06:26 s1 sshd[21617]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.227.33 user=root May 30 15:06:28 s1 sshd[21617]: Failed password for root from 54.39.227.33 port 43978 ssh2 May 30 15:09:44 s1 sshd[21777]: Invalid user default from 54.39.227.33 port 34576 May 30 15:09:46 s1 sshd[21777]: Failed password for invalid user default from 54.39.227.33 port 34576 ssh2 May 30 15:11:24 s1 sshd[21821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.227.33 user=root	2020-05-30 23:51:00
180.96.11.20	attackspam	Brute-force attempt banned	2020-05-30 23:49:30
45.143.223.169	attackspam	May 30 14:45:17 SRV001 postfix/smtpd[14770]: NOQUEUE: reject: RCPT from unknown[45.143.223.169]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from= to= proto=ESMTP helo= ...	2020-05-31 00:17:35
128.199.177.224	attackspambots	May 30 14:03:11 mail sshd[21244]: Failed password for root from 128.199.177.224 port 39108 ssh2 ...	2020-05-31 00:11:40
37.152.182.18	attackspam	May 30 11:48:15 firewall sshd[3913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.152.182.18 user=root May 30 11:48:18 firewall sshd[3913]: Failed password for root from 37.152.182.18 port 49410 ssh2 May 30 11:52:22 firewall sshd[4044]: Invalid user smmsp from 37.152.182.18 ...	2020-05-31 00:13:46
218.92.0.168	attackspam	May 30 17:58:09 vmi345603 sshd[20042]: Failed password for root from 218.92.0.168 port 58737 ssh2 May 30 17:58:13 vmi345603 sshd[20042]: Failed password for root from 218.92.0.168 port 58737 ssh2 ...	2020-05-31 00:07:33
176.31.40.50	attackbots	Drupal attack multi sites	2020-05-30 23:39:28
103.139.219.20	attackspam	2020-05-30T09:10:53.1755691495-001 sshd[2994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.219.20 user=root 2020-05-30T09:10:54.9000591495-001 sshd[2994]: Failed password for root from 103.139.219.20 port 41678 ssh2 2020-05-30T09:34:18.9227121495-001 sshd[3708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.219.20 user=root 2020-05-30T09:34:21.1986831495-001 sshd[3708]: Failed password for root from 103.139.219.20 port 60378 ssh2 2020-05-30T09:42:01.9673291495-001 sshd[3922]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.139.219.20 user=root 2020-05-30T09:42:04.1381021495-001 sshd[3922]: Failed password for root from 103.139.219.20 port 38378 ssh2 ...	2020-05-31 00:04:43
112.85.42.172	attack	May 30 18:19:10 host sshd\[9432\]: Unable to negotiate with 112.85.42.172 port 12954: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1 \[preauth\]	2020-05-31 00:19:27
79.232.172.18	attack	Brute-force attempt banned	2020-05-31 00:12:54
79.136.70.159	attackspambots	$f2bV_matches	2020-05-30 23:39:49
93.43.71.224	attackspam	93.43.71.224 - - [30/May/2020:14:11:25 +0200] "GET /adv,/cgi-bin/weblogin.cgi?username=admin%27%3Bls%20%23&password=asdf HTTP/1.1" 302 517 "-" "Mozilla/5.0"	2020-05-30 23:55:13

Recently Reported IPs

169.229.139.32	45.57.135.129	45.57.152.59	45.57.167.159
45.57.168.173	45.57.178.34	45.57.182.14	36.72.253.106
45.57.182.32	45.57.184.126	45.57.184.214	45.57.184.242
45.57.204.28	45.57.209.110	45.57.225.163	45.57.225.110
169.229.138.31	49.85.54.26	2.86.17.194	45.48.152.96