45.55.239.27 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user pgsql from 45.55.239.27 port 34980	2020-05-14 15:24:09
attackspambots	2020-05-01 09:55:41,230 fail2ban.actions: WARNING [ssh] Ban 45.55.239.27	2020-05-01 15:59:01
attackspambots	2020-04-28T23:34:21.782403abusebot-3.cloudsearch.cf sshd[20643]: Invalid user destin from 45.55.239.27 port 41638 2020-04-28T23:34:21.788442abusebot-3.cloudsearch.cf sshd[20643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-28T23:34:21.782403abusebot-3.cloudsearch.cf sshd[20643]: Invalid user destin from 45.55.239.27 port 41638 2020-04-28T23:34:23.761633abusebot-3.cloudsearch.cf sshd[20643]: Failed password for invalid user destin from 45.55.239.27 port 41638 ssh2 2020-04-28T23:41:34.622016abusebot-3.cloudsearch.cf sshd[20998]: Invalid user openelec from 45.55.239.27 port 55912 2020-04-28T23:41:34.631998abusebot-3.cloudsearch.cf sshd[20998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-28T23:41:34.622016abusebot-3.cloudsearch.cf sshd[20998]: Invalid user openelec from 45.55.239.27 port 55912 2020-04-28T23:41:36.715210abusebot-3.cloudsearch.cf sshd[20998]: Fail ...	2020-04-29 08:16:40
attackspam	2020-04-27T23:11:23.439580ns386461 sshd\[28641\]: Invalid user user from 45.55.239.27 port 57589 2020-04-27T23:11:23.444349ns386461 sshd\[28641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-27T23:11:24.590663ns386461 sshd\[28641\]: Failed password for invalid user user from 45.55.239.27 port 57589 ssh2 2020-04-27T23:19:24.786783ns386461 sshd\[3768\]: Invalid user sybase from 45.55.239.27 port 52601 2020-04-27T23:19:24.791344ns386461 sshd\[3768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 ...	2020-04-28 05:55:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.239.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61104
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.239.27.			IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 05:55:34 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 27.239.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.239.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.159.212.18	attackbotsspam	trying to access non-authorized port	2020-02-15 05:53:05
119.28.73.77	attackspam	Automatic report - Banned IP Access	2020-02-15 05:58:54
77.247.110.87	attackspambots	Feb 14 21:31:40 debian-2gb-nbg1-2 kernel: \[3971524.786453\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=77.247.110.87 DST=195.201.40.59 LEN=440 TOS=0x00 PREC=0x00 TTL=54 ID=61472 DF PROTO=UDP SPT=5065 DPT=5060 LEN=420	2020-02-15 06:11:45
45.143.223.93	attackbotsspam	Feb 14 13:44:31 nopemail postfix/smtpd[20889]: NOQUEUE: reject: RCPT from unknown[45.143.223.93]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo= ...	2020-02-15 05:56:36
177.1.214.207	attack	$f2bV_matches	2020-02-15 06:14:32
125.141.56.230	attack	Feb 11 23:46:18 km20725 sshd[7842]: Invalid user rouse from 125.141.56.230 Feb 11 23:46:18 km20725 sshd[7842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.56.230 Feb 11 23:46:19 km20725 sshd[7842]: Failed password for invalid user rouse from 125.141.56.230 port 50208 ssh2 Feb 11 23:46:19 km20725 sshd[7842]: Received disconnect from 125.141.56.230: 11: Bye Bye [preauth] Feb 12 00:00:29 km20725 sshd[8552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.56.230 user=www-data Feb 12 00:00:31 km20725 sshd[8552]: Failed password for www-data from 125.141.56.230 port 45476 ssh2 Feb 12 00:00:32 km20725 sshd[8552]: Received disconnect from 125.141.56.230: 11: Bye Bye [preauth] Feb 12 00:04:46 km20725 sshd[8744]: Invalid user irmserv from 125.141.56.230 Feb 12 00:04:46 km20725 sshd[8744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.1........ -------------------------------	2020-02-15 06:01:47
195.154.191.180	attackspambots	GET /xmlrpc.php	2020-02-15 06:10:44
128.199.177.16	attackspam	Feb 14 14:43:37 vps647732 sshd[17755]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.177.16 Feb 14 14:43:40 vps647732 sshd[17755]: Failed password for invalid user razor from 128.199.177.16 port 42702 ssh2 ...	2020-02-15 05:58:06
69.229.6.8	attackbots	2020-02-14T21:55:24.398052 sshd[21852]: Invalid user 123 from 69.229.6.8 port 56116 2020-02-14T21:55:24.411888 sshd[21852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.229.6.8 2020-02-14T21:55:24.398052 sshd[21852]: Invalid user 123 from 69.229.6.8 port 56116 2020-02-14T21:55:26.532097 sshd[21852]: Failed password for invalid user 123 from 69.229.6.8 port 56116 ssh2 ...	2020-02-15 06:11:07
185.209.0.90	attackbots	02/14/2020-22:56:32.587598 185.209.0.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-15 06:11:27
179.222.60.239	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 06:02:23
95.9.220.134	attackbots	Telnet Server BruteForce Attack	2020-02-15 06:21:22
39.100.157.74	attackbotsspam	GET /evox/about GET /HNAP1 GET /nmaplowercheck1581636540 POST /sdk	2020-02-15 05:48:33
179.220.203.147	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 06:08:43
221.14.155.156	attackbots	Attempted to connect 2 times to port 23 TCP	2020-02-15 06:00:18

Recently Reported IPs

143.205.201.72	13.14.178.155	108.88.167.87	197.196.225.152
27.70.56.255	173.44.153.200	66.254.199.190	101.206.211.222
187.167.43.44	113.85.183.23	223.110.238.121	39.186.155.144
189.171.202.189	77.93.210.150	173.198.247.16	223.203.6.60
110.103.13.144	183.184.152.120	94.196.203.222	112.186.1.234