JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.56.173.55

45.56.173.55 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	Web2Objects LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62874
Domain Name	web2objects.com
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.56.173.55

Whois 45.56.173.55

IP Abuse Reports for 45.56.173.55:

This IP address has been reported a total of 20 times from 10 distinct sources. 45.56.173.55 was first reported on November 27th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Inartis	2026-04-17 23:46:14 (1 month ago)	Apr 18 01:46:11 web4 sshd[3775124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid ... show more Apr 18 01:46:11 web4 sshd[3775124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.56.173.55 Apr 18 01:46:13 web4 sshd[3775124]: Failed password for invalid user admin from 45.56.173.55 port 40069 ssh2 ... show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-01-27 02:51:04 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 21:51:00.563939 2026] [security2:error] [pid 16656:tid 16681] [client 45.56.173.55:53597] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.kettlehill.kettlehill.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/\\\\windows/win.ini"] [unique_id "aXgoFD4D1upuVdMC6K4DEQAAAFY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 RoboSOC	2025-10-16 12:31:21 (7 months ago)	Elasticsearch Groovy Script Engine Remote Command Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2025-09-17 15:15:00 (8 months ago)	"Undesired, excess traffic against library/education infrastructure"	Brute-Force
🇺🇸 TPI-Abuse	2025-05-30 00:12:53 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 20:12:47.916193 2025] [security2:error] [pid 3820902:tid 3820902] [client 45.56.173.55:56893] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.farmers123.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.farmers123.com"] [uri "/header.php.bak"] [unique_id "aDj3_-5aMkyyGyaNaflPJgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-09-05 12:03:46 (1 year ago)	IP & Port Scan.	Port Scan Brute-Force SSH
🇺🇸 TPI-Abuse	2024-09-03 18:50:47 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:50:40.312331 2024] [security2:error] [pid 1395:tid 1395] [client 45.56.173.55:37653] [client 45.56.173.55] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.stdavids-media.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /card_scan.php?No=30&ReaderNo=%60cat%20/etc/passwd%20%3E%20aDicjiMTjM.txt%60"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stdavids-media.com"] [uri "/card_scan.php"] [unique_id "ZtdagA_lh1N4vSn-95oVqgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:09:12 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:07:47.194369 2024] [security2:error] [pid 529544:tid 529611] [client 45.56.173.55:35149] [client 45.56.173.55] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|www.staging.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/count-per-day/download.php?n=1&f=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/wp-content/plugins/count-per-day/download.php"] [unique_id "Zs0KwwXOM9l8qzVVH2Y5IAAAAcA"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2024-07-14 01:02:53 (1 year ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
Anonymous	2024-06-26 20:01:04 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-05-28 23:01:13 (2 years ago)	(mod_security) mod_security (id:212620) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:212620) triggered by 45.56.173.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 19:00:48.315864 2024] [security2:error] [pid 6312:tid 47260695701248] [client 45.56.173.55:40021] [client 45.56.173.55] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|kettlehill.net\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /natemail.php?recipient=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.net"] [uri "/NateMail.php"] [unique_id "ZlZiINhrIDYsFMakWIzrAgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2024-05-20 21:48:07 (2 years ago)	Looking for CMS/PHP/SQL vulnerablilities - 13	Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2024-05-08 06:01:07 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
Anonymous	2024-04-16 01:35:48 (2 years ago)	Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇪🇸 10dencehispahard SL	2024-03-27 07:00:25 (2 years ago)	Unauthorized login attempts [ BI-16635]	Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.165.70.141

🇧🇷 177.131.29.167

🇸🇬 172.236.131.81

🇨🇦 154.3.159.234

🇳🇿 121.73.163.223

🇱🇦 115.84.87.211

🇨🇳 221.226.17.34

🇺🇸 54.191.144.50

🇬🇧 35.203.211.106

🇺🇸 34.181.236.69

🇺🇸 34.148.237.121

🇸🇪 192.178.92.25

🇩🇪 176.65.132.24

🇻🇳 160.25.81.6

🇷🇴 92.118.39.236

🇪🇬 41.46.117.87

🇬🇧 35.203.210.121

🇰🇷 1.238.106.229

🇺🇸 162.216.150.30

🇩🇪 134.122.88.158