This IP address has been reported a total of
34
times from
24 distinct
sources.
20.64.48.167 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
SSH brute-force attack detected via Cowrie SSH honeypot. Tried 1 credential combination(s) including ...
show moreSSH brute-force attack detected via Cowrie SSH honeypot. Tried 1 credential combination(s) including username="root". Automated report from Olympus SOC.
show less
2026-07-15T10:31:41.095699+02:00 domotica sshd-session[24124]: Failed password for root from 20.64.4 ...
show more2026-07-15T10:31:41.095699+02:00 domotica sshd-session[24124]: Failed password for root from 20.64.48.167 port 53227 ssh2
...
show less
SSH brute-force attack detected via Cowrie SSH honeypot. Tried 1 credential combination(s) including ...
show moreSSH brute-force attack detected via Cowrie SSH honeypot. Tried 1 credential combination(s) including username="root". Automated report from Olympus SOC.
show less
2026-07-14T11:48:18.715421mail.dondessert.com sshd[646005]: Failed password for root from 20.64.48.1 ...
show more2026-07-14T11:48:18.715421mail.dondessert.com sshd[646005]: Failed password for root from 20.64.48.167 port 57501 ssh2
2026-07-14T11:48:19.208322mail.dondessert.com sshd[646005]: Connection closed by authenticating user root 20.64.48.167 port 57501 [preauth]
...
show less
Jul 14 02:22:00 web sshd[550967]: User root from 20.64.48.167 not allowed because none of user's gro ...
show moreJul 14 02:22:00 web sshd[550967]: User root from 20.64.48.167 not allowed because none of user's groups are listed in AllowGroups
Jul 14 02:22:01 web sshd[550967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.64.48.167 user=root
Jul 14 02:22:05 web sshd[550967]: Failed password for invalid user root from 20.64.48.167 port 54317 ssh2
...
show less