45.55.239.27 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user pgsql from 45.55.239.27 port 34980	2020-05-14 15:24:09
attackspambots	2020-05-01 09:55:41,230 fail2ban.actions: WARNING [ssh] Ban 45.55.239.27	2020-05-01 15:59:01
attackspambots	2020-04-28T23:34:21.782403abusebot-3.cloudsearch.cf sshd[20643]: Invalid user destin from 45.55.239.27 port 41638 2020-04-28T23:34:21.788442abusebot-3.cloudsearch.cf sshd[20643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-28T23:34:21.782403abusebot-3.cloudsearch.cf sshd[20643]: Invalid user destin from 45.55.239.27 port 41638 2020-04-28T23:34:23.761633abusebot-3.cloudsearch.cf sshd[20643]: Failed password for invalid user destin from 45.55.239.27 port 41638 ssh2 2020-04-28T23:41:34.622016abusebot-3.cloudsearch.cf sshd[20998]: Invalid user openelec from 45.55.239.27 port 55912 2020-04-28T23:41:34.631998abusebot-3.cloudsearch.cf sshd[20998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-28T23:41:34.622016abusebot-3.cloudsearch.cf sshd[20998]: Invalid user openelec from 45.55.239.27 port 55912 2020-04-28T23:41:36.715210abusebot-3.cloudsearch.cf sshd[20998]: Fail ...	2020-04-29 08:16:40
attackspam	2020-04-27T23:11:23.439580ns386461 sshd\[28641\]: Invalid user user from 45.55.239.27 port 57589 2020-04-27T23:11:23.444349ns386461 sshd\[28641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 2020-04-27T23:11:24.590663ns386461 sshd\[28641\]: Failed password for invalid user user from 45.55.239.27 port 57589 ssh2 2020-04-27T23:19:24.786783ns386461 sshd\[3768\]: Invalid user sybase from 45.55.239.27 port 52601 2020-04-27T23:19:24.791344ns386461 sshd\[3768\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.239.27 ...	2020-04-28 05:55:42

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.239.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61104
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.239.27.			IN	A

;; AUTHORITY SECTION:
.			462	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042702 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 28 05:55:34 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 27.239.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.239.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
35.239.60.149	attackbotsspam	Time: Sat Aug 22 18:40:58 2020 +0000 IP: 35.239.60.149 (US/United States/149.60.239.35.bc.googleusercontent.com) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 22 18:25:03 ca-1-ams1 sshd[31204]: Invalid user jimmy from 35.239.60.149 port 40116 Aug 22 18:25:05 ca-1-ams1 sshd[31204]: Failed password for invalid user jimmy from 35.239.60.149 port 40116 ssh2 Aug 22 18:38:03 ca-1-ams1 sshd[31635]: Invalid user testmail from 35.239.60.149 port 53458 Aug 22 18:38:04 ca-1-ams1 sshd[31635]: Failed password for invalid user testmail from 35.239.60.149 port 53458 ssh2 Aug 22 18:40:58 ca-1-ams1 sshd[31753]: Invalid user nagios from 35.239.60.149 port 49798	2020-08-23 03:07:18
115.159.153.180	attackspam	Aug 22 20:24:40 dev0-dcde-rnet sshd[28135]: Failed password for root from 115.159.153.180 port 51452 ssh2 Aug 22 20:26:03 dev0-dcde-rnet sshd[28149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.153.180 Aug 22 20:26:06 dev0-dcde-rnet sshd[28149]: Failed password for invalid user marconi from 115.159.153.180 port 58642 ssh2	2020-08-23 03:27:42
220.124.58.206	attackspam	SSH login attempts.	2020-08-23 03:14:37
112.251.174.92	attackbotsspam	Port Scan ...	2020-08-23 03:05:41
220.102.43.235	attackbots	Aug 22 19:33:40 hidden sshd[64212]: Failed password for invalid user stq from 220.102.43.235 port 13626 ssh2 Aug 22 19:47:04 hidden sshd[64559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.102.43.235 user=root Aug 22 19:47:07 hidden sshd[64559]: Failed password for hidden from 220.102.43.235 port 11436 ssh2	2020-08-23 03:16:08
65.151.160.89	attack	2020-08-22T17:51:17.857641mail.standpoint.com.ua sshd[16461]: Failed password for root from 65.151.160.89 port 36390 ssh2 2020-08-22T17:55:03.989945mail.standpoint.com.ua sshd[17207]: Invalid user fcs from 65.151.160.89 port 43472 2020-08-22T17:55:03.992500mail.standpoint.com.ua sshd[17207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.151.160.89 2020-08-22T17:55:03.989945mail.standpoint.com.ua sshd[17207]: Invalid user fcs from 65.151.160.89 port 43472 2020-08-22T17:55:06.812959mail.standpoint.com.ua sshd[17207]: Failed password for invalid user fcs from 65.151.160.89 port 43472 ssh2 ...	2020-08-23 03:08:25
114.34.33.165	attackspambots	Portscan detected	2020-08-23 03:09:52
85.57.145.133	attack	Aug 22 19:33:34 WHD8 dovecot: pop3-login: Disconnected \(auth failed, 1 attempts in 12 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Aug 22 19:33:34 WHD8 dovecot: pop3-login: Disconnected \(auth failed, 1 attempts in 10 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Aug 22 19:46:28 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Aug 22 19:46:31 WHD8 dovecot: pop3-login: Disconnected: Inactivity \(auth failed, 1 attempts in 180 secs\): user=\, method=PLAIN, rip=85.57.145.133, lip=10.64.89.208, session=\ Aug 22 19:59:33 WHD8 dovecot: pop3-login: Disconnected \(auth failed, 1 attempts in 65 secs\): user=\, method=PLA ...	2020-08-23 03:29:04
45.118.151.85	attackbotsspam	SSH Brute-Forcing (server1)	2020-08-23 03:18:05
107.170.18.163	attack	Aug 22 16:26:51 mellenthin sshd[5857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.18.163 Aug 22 16:26:52 mellenthin sshd[5857]: Failed password for invalid user sammy from 107.170.18.163 port 57053 ssh2	2020-08-23 03:35:23
45.91.226.66	attackspam	Port Scan ...	2020-08-23 02:59:51
191.193.206.49	attack	Aug 21 00:22:16 our-server-hostname sshd[26336]: reveeclipse mapping checking getaddrinfo for 191-193-206-49.user.vivozap.com.br [191.193.206.49] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 21 00:22:16 our-server-hostname sshd[26336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.206.49 user=r.r Aug 21 00:22:18 our-server-hostname sshd[26336]: Failed password for r.r from 191.193.206.49 port 55504 ssh2 Aug 21 00:31:58 our-server-hostname sshd[28066]: reveeclipse mapping checking getaddrinfo for 191-193-206-49.user.vivozap.com.br [191.193.206.49] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 21 00:31:58 our-server-hostname sshd[28066]: Invalid user abc123 from 191.193.206.49 Aug 21 00:31:58 our-server-hostname sshd[28066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.193.206.49 Aug 21 00:32:00 our-server-hostname sshd[28066]: Failed password for invalid user abc123 from 191.193.206.4........ -------------------------------	2020-08-23 03:19:44
182.77.90.44	attack	Aug 22 18:54:02 minden010 sshd[21774]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.77.90.44 Aug 22 18:54:04 minden010 sshd[21774]: Failed password for invalid user meet from 182.77.90.44 port 50460 ssh2 Aug 22 18:58:20 minden010 sshd[23276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.77.90.44 ...	2020-08-23 03:15:39
180.76.145.64	attackbots	2020-08-22T13:09:39.338558shield sshd\[23433\]: Invalid user clement from 180.76.145.64 port 55472 2020-08-22T13:09:39.348938shield sshd\[23433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.145.64 2020-08-22T13:09:40.991710shield sshd\[23433\]: Failed password for invalid user clement from 180.76.145.64 port 55472 ssh2 2020-08-22T13:12:34.270365shield sshd\[24168\]: Invalid user mq from 180.76.145.64 port 59798 2020-08-22T13:12:34.286614shield sshd\[24168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.145.64	2020-08-23 03:13:08
111.230.10.176	attackspam	Aug 22 09:30:58 george sshd[9944]: Invalid user user from 111.230.10.176 port 52854 Aug 22 09:30:58 george sshd[9944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.10.176 Aug 22 09:31:00 george sshd[9944]: Failed password for invalid user user from 111.230.10.176 port 52854 ssh2 Aug 22 09:35:55 george sshd[9984]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.10.176 user=root Aug 22 09:35:57 george sshd[9984]: Failed password for root from 111.230.10.176 port 48946 ssh2 ...	2020-08-23 03:08:00

Recently Reported IPs

143.205.201.72	13.14.178.155	108.88.167.87	197.196.225.152
27.70.56.255	173.44.153.200	66.254.199.190	101.206.211.222
187.167.43.44	113.85.183.23	223.110.238.121	39.186.155.144
189.171.202.189	77.93.210.150	173.198.247.16	223.203.6.60
110.103.13.144	183.184.152.120	94.196.203.222	112.186.1.234