45.55.38.3 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH login attempts with user root.	2019-11-30 05:06:06

Comments on same subnet:

IP	Type	Details	Datetime
45.55.38.214	attack	[MK-VM4] Blocked by UFW	2020-06-20 18:46:38
45.55.38.39	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 28 - port: 15592 proto: TCP cat: Misc Attack	2020-06-07 01:41:42
45.55.38.39	attack	TCP (SYN) 45.55.38.39:52533 -> port 26927, len 44	2020-06-06 09:20:30
45.55.38.39	attackspambots	10924/tcp 441/tcp 17554/tcp... [2020-04-12/05-21]87pkt,31pt.(tcp)	2020-05-22 07:44:01
45.55.38.214	attackspambots	[Tue May 19 20:42:35.704921 2020] [:error] [pid 65425] [client 45.55.38.214:46148] [client 45.55.38.214] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.214"] [uri "/"] [unique_id "XsRu6xWXqa@P1X@JQcmibgAAAAU"] ...	2020-05-20 13:14:29
45.55.38.39	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 28 - port: 26429 proto: TCP cat: Misc Attack	2020-05-15 04:24:57
45.55.38.214	attackbots	Scanning an empty webserver with deny all robots.txt	2020-05-13 06:21:04
45.55.38.39	attackbotsspam	Fail2Ban Ban Triggered	2020-04-24 02:58:14
45.55.38.39	attack	Dec 13 19:11:18 sachi sshd\[11121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 user=root Dec 13 19:11:20 sachi sshd\[11121\]: Failed password for root from 45.55.38.39 port 37552 ssh2 Dec 13 19:19:32 sachi sshd\[11817\]: Invalid user medias from 45.55.38.39 Dec 13 19:19:32 sachi sshd\[11817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 13 19:19:33 sachi sshd\[11817\]: Failed password for invalid user medias from 45.55.38.39 port 41011 ssh2	2019-12-14 13:34:00
45.55.38.39	attackspambots	Dec 9 19:22:14 cvbnet sshd[13093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 9 19:22:16 cvbnet sshd[13093]: Failed password for invalid user payan from 45.55.38.39 port 59020 ssh2 ...	2019-12-10 03:05:43
45.55.38.39	attackbotsspam	Dec 6 06:51:47 meumeu sshd[17756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 6 06:51:50 meumeu sshd[17756]: Failed password for invalid user gerynowicz from 45.55.38.39 port 41403 ssh2 Dec 6 06:57:28 meumeu sshd[18640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 ...	2019-12-06 14:08:42
45.55.38.39	attackspambots	Dec 5 08:15:44 zeus sshd[29273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 5 08:15:47 zeus sshd[29273]: Failed password for invalid user borders from 45.55.38.39 port 35495 ssh2 Dec 5 08:24:15 zeus sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 5 08:24:18 zeus sshd[29509]: Failed password for invalid user misra from 45.55.38.39 port 40810 ssh2	2019-12-05 16:28:41
45.55.38.39	attackspambots	Invalid user myron from 45.55.38.39 port 49777	2019-11-28 21:40:29
45.55.38.39	attackbotsspam	Fail2Ban Ban Triggered	2019-11-20 01:22:00
45.55.38.39	attack	2019-11-10T09:35:37.779656shield sshd\[12464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 user=root 2019-11-10T09:35:39.892828shield sshd\[12464\]: Failed password for root from 45.55.38.39 port 33384 ssh2 2019-11-10T09:39:35.905555shield sshd\[13260\]: Invalid user user from 45.55.38.39 port 52238 2019-11-10T09:39:35.909726shield sshd\[13260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 2019-11-10T09:39:37.696532shield sshd\[13260\]: Failed password for invalid user user from 45.55.38.39 port 52238 ssh2	2019-11-10 18:15:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.38.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.38.3.			IN	A

;; AUTHORITY SECTION:
.			569	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 05:06:03 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 3.38.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.38.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.3.189.69	attackspambots	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-30 17:25:02
196.196.217.50	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-11-30 17:51:50
24.221.19.57	attack	Nov 29 20:26:11 web9 sshd\[30125\]: Invalid user pi from 24.221.19.57 Nov 29 20:26:11 web9 sshd\[30124\]: Invalid user pi from 24.221.19.57 Nov 29 20:26:11 web9 sshd\[30124\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.221.19.57 Nov 29 20:26:11 web9 sshd\[30125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.221.19.57 Nov 29 20:26:13 web9 sshd\[30124\]: Failed password for invalid user pi from 24.221.19.57 port 49974 ssh2 Nov 29 20:26:13 web9 sshd\[30125\]: Failed password for invalid user pi from 24.221.19.57 port 49972 ssh2	2019-11-30 17:48:54
211.159.241.77	attackbots	Nov 30 06:26:34 zx01vmsma01 sshd[167212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.159.241.77 Nov 30 06:26:36 zx01vmsma01 sshd[167212]: Failed password for invalid user admin from 211.159.241.77 port 45396 ssh2 ...	2019-11-30 17:31:07
132.232.52.60	attackbotsspam	Sep 18 04:53:45 meumeu sshd[18226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.52.60 Sep 18 04:53:47 meumeu sshd[18226]: Failed password for invalid user disk from 132.232.52.60 port 56474 ssh2 Sep 18 04:58:46 meumeu sshd[18892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.52.60 ...	2019-11-30 17:30:50
124.43.16.244	attack	Nov 30 10:18:55 pkdns2 sshd\[16565\]: Invalid user 000000000 from 124.43.16.244Nov 30 10:18:57 pkdns2 sshd\[16565\]: Failed password for invalid user 000000000 from 124.43.16.244 port 49996 ssh2Nov 30 10:22:29 pkdns2 sshd\[16739\]: Invalid user Pass1 from 124.43.16.244Nov 30 10:22:31 pkdns2 sshd\[16739\]: Failed password for invalid user Pass1 from 124.43.16.244 port 57854 ssh2Nov 30 10:26:05 pkdns2 sshd\[16922\]: Invalid user tobiassen from 124.43.16.244Nov 30 10:26:07 pkdns2 sshd\[16922\]: Failed password for invalid user tobiassen from 124.43.16.244 port 37476 ssh2 ...	2019-11-30 17:58:12
181.41.216.137	attack	2019-11-30 H=$\[181.41.216.131\]$ \[181.41.216.137\] F=\ rejected RCPT \: Unrouteable address 2019-11-30 H=$\[181.41.216.131\]$ \[181.41.216.137\] F=\ rejected RCPT \: Unrouteable address 2019-11-30 H=$\[181.41.216.131\]$ \[181.41.216.137\] F=\ rejected RCPT \: Unrouteable address	2019-11-30 17:36:26
112.85.42.176	attackspambots	Nov 30 10:35:19 vps666546 sshd\[5641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Nov 30 10:35:22 vps666546 sshd\[5641\]: Failed password for root from 112.85.42.176 port 47265 ssh2 Nov 30 10:35:25 vps666546 sshd\[5641\]: Failed password for root from 112.85.42.176 port 47265 ssh2 Nov 30 10:35:28 vps666546 sshd\[5641\]: Failed password for root from 112.85.42.176 port 47265 ssh2 Nov 30 10:35:31 vps666546 sshd\[5641\]: Failed password for root from 112.85.42.176 port 47265 ssh2 ...	2019-11-30 17:36:40
152.67.1.55	attack	Port scan on 2 port(s): 2375 4243	2019-11-30 17:53:04
77.42.81.132	attackbotsspam	Fail2Ban Ban Triggered	2019-11-30 17:57:39
218.92.0.147	attackbots	Nov3010:10:08server2sshd[22997]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:10:08server2sshd[22998]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:10:08server2sshd[23000]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:10:08server2sshd[23001]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:10:09server2sshd[23060]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:19:11server2sshd[25232]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:19:11server2sshd[25233]:refusedconnectfrom218.92.0.147$218.92.0.147$Nov3010:19:11server2sshd[25234]:refusedconnectfrom218.92.0.147$218.92.0.147$	2019-11-30 17:22:33
188.170.78.4	spamattack	Can	2019-11-30 17:28:52
159.203.81.28	attackbots	$f2bV_matches	2019-11-30 17:55:20
51.75.67.69	attackbots	Nov 30 10:16:40 SilenceServices sshd[7458]: Failed password for root from 51.75.67.69 port 44024 ssh2 Nov 30 10:19:41 SilenceServices sshd[8238]: Failed password for backup from 51.75.67.69 port 51160 ssh2	2019-11-30 17:42:40
185.238.208.54	attackbotsspam	[portscan] Port scan	2019-11-30 17:46:52

Recently Reported IPs

84.5.12.198	176.13.134.39	37.59.107.1	82.160.56.144
37.41.196.2	80.133.247.8	37.187.114.1	36.154.39.1
194.74.248.126	121.81.244.242	35.187.234.1	3.65.160.77
113.101.199.123	102.163.134.124	118.92.205.142	150.109.182.163
109.135.79.103	99.132.174.37	37.47.118.125	73.234.186.226