45.55.38.3 - IPInfo

Basic Info

City: Clifton

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH login attempts with user root.	2019-11-30 05:06:06

Comments on same subnet:

IP	Type	Details	Datetime
45.55.38.214	attack	[MK-VM4] Blocked by UFW	2020-06-20 18:46:38
45.55.38.39	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 28 - port: 15592 proto: TCP cat: Misc Attack	2020-06-07 01:41:42
45.55.38.39	attack	TCP (SYN) 45.55.38.39:52533 -> port 26927, len 44	2020-06-06 09:20:30
45.55.38.39	attackspambots	10924/tcp 441/tcp 17554/tcp... [2020-04-12/05-21]87pkt,31pt.(tcp)	2020-05-22 07:44:01
45.55.38.214	attackspambots	[Tue May 19 20:42:35.704921 2020] [:error] [pid 65425] [client 45.55.38.214:46148] [client 45.55.38.214] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "200.132.59.214"] [uri "/"] [unique_id "XsRu6xWXqa@P1X@JQcmibgAAAAU"] ...	2020-05-20 13:14:29
45.55.38.39	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 28 - port: 26429 proto: TCP cat: Misc Attack	2020-05-15 04:24:57
45.55.38.214	attackbots	Scanning an empty webserver with deny all robots.txt	2020-05-13 06:21:04
45.55.38.39	attackbotsspam	Fail2Ban Ban Triggered	2020-04-24 02:58:14
45.55.38.39	attack	Dec 13 19:11:18 sachi sshd\[11121\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 user=root Dec 13 19:11:20 sachi sshd\[11121\]: Failed password for root from 45.55.38.39 port 37552 ssh2 Dec 13 19:19:32 sachi sshd\[11817\]: Invalid user medias from 45.55.38.39 Dec 13 19:19:32 sachi sshd\[11817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 13 19:19:33 sachi sshd\[11817\]: Failed password for invalid user medias from 45.55.38.39 port 41011 ssh2	2019-12-14 13:34:00
45.55.38.39	attackspambots	Dec 9 19:22:14 cvbnet sshd[13093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 9 19:22:16 cvbnet sshd[13093]: Failed password for invalid user payan from 45.55.38.39 port 59020 ssh2 ...	2019-12-10 03:05:43
45.55.38.39	attackbotsspam	Dec 6 06:51:47 meumeu sshd[17756]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 6 06:51:50 meumeu sshd[17756]: Failed password for invalid user gerynowicz from 45.55.38.39 port 41403 ssh2 Dec 6 06:57:28 meumeu sshd[18640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 ...	2019-12-06 14:08:42
45.55.38.39	attackspambots	Dec 5 08:15:44 zeus sshd[29273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 5 08:15:47 zeus sshd[29273]: Failed password for invalid user borders from 45.55.38.39 port 35495 ssh2 Dec 5 08:24:15 zeus sshd[29509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 Dec 5 08:24:18 zeus sshd[29509]: Failed password for invalid user misra from 45.55.38.39 port 40810 ssh2	2019-12-05 16:28:41
45.55.38.39	attackspambots	Invalid user myron from 45.55.38.39 port 49777	2019-11-28 21:40:29
45.55.38.39	attackbotsspam	Fail2Ban Ban Triggered	2019-11-20 01:22:00
45.55.38.39	attack	2019-11-10T09:35:37.779656shield sshd\[12464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 user=root 2019-11-10T09:35:39.892828shield sshd\[12464\]: Failed password for root from 45.55.38.39 port 33384 ssh2 2019-11-10T09:39:35.905555shield sshd\[13260\]: Invalid user user from 45.55.38.39 port 52238 2019-11-10T09:39:35.909726shield sshd\[13260\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.38.39 2019-11-10T09:39:37.696532shield sshd\[13260\]: Failed password for invalid user user from 45.55.38.39 port 52238 ssh2	2019-11-10 18:15:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.55.38.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.55.38.3.			IN	A

;; AUTHORITY SECTION:
.			569	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 61 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 05:06:03 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 3.38.55.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.38.55.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.210.160.6	attack	Mar 11 11:31:22 pl3server sshd[4778]: reveeclipse mapping checking getaddrinfo for 186-210-160-6.xd-dynamic.algarnetsuper.com.br [186.210.160.6] failed - POSSIBLE BREAK-IN ATTEMPT! Mar 11 11:31:22 pl3server sshd[4778]: Invalid user admin from 186.210.160.6 Mar 11 11:31:22 pl3server sshd[4778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.210.160.6 Mar 11 11:31:23 pl3server sshd[4778]: Failed password for invalid user admin from 186.210.160.6 port 58440 ssh2 Mar 11 11:31:24 pl3server sshd[4778]: Connection closed by 186.210.160.6 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=186.210.160.6	2020-03-11 23:54:05
217.64.18.46	attack	1583923377 - 03/11/2020 11:42:57 Host: 217.64.18.46/217.64.18.46 Port: 445 TCP Blocked	2020-03-11 23:49:54
202.104.179.221	attack	Helo	2020-03-11 23:33:04
205.185.113.140	attackbotsspam	Mar 11 13:35:10 pkdns2 sshd\[7042\]: Invalid user 123456 from 205.185.113.140Mar 11 13:35:11 pkdns2 sshd\[7042\]: Failed password for invalid user 123456 from 205.185.113.140 port 37488 ssh2Mar 11 13:37:48 pkdns2 sshd\[7123\]: Invalid user Password123 from 205.185.113.140Mar 11 13:37:50 pkdns2 sshd\[7123\]: Failed password for invalid user Password123 from 205.185.113.140 port 60016 ssh2Mar 11 13:40:31 pkdns2 sshd\[7277\]: Invalid user Password222 from 205.185.113.140Mar 11 13:40:34 pkdns2 sshd\[7277\]: Failed password for invalid user Password222 from 205.185.113.140 port 54312 ssh2 ...	2020-03-11 23:15:21
62.234.95.136	attack	Mar 11 12:54:00 ks10 sshd[1620407]: Failed password for root from 62.234.95.136 port 53082 ssh2 ...	2020-03-11 23:13:15
203.97.190.198	attackspam	SSH login attempts.	2020-03-11 23:46:44
51.77.202.172	attack	SSH login attempts.	2020-03-11 23:29:02
158.69.220.178	attackspambots	SSH login attempts.	2020-03-11 23:30:50
112.203.15.173	attackbots	1583923392 - 03/11/2020 11:43:12 Host: 112.203.15.173/112.203.15.173 Port: 445 TCP Blocked	2020-03-11 23:31:07
113.199.119.206	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-11 23:58:07
191.252.0.53	attack	SSH invalid-user multiple login try	2020-03-11 23:39:57
180.183.72.60	attackspam	1583923379 - 03/11/2020 11:42:59 Host: 180.183.72.60/180.183.72.60 Port: 445 TCP Blocked	2020-03-11 23:47:07
165.227.96.190	attack	$f2bV_matches	2020-03-11 23:47:30
171.249.11.172	attackspam	SSH bruteforce more then 50 syn to 22 port per 10 seconds.	2020-03-11 23:25:58
119.226.66.66	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-11 23:27:51

Recently Reported IPs

84.5.12.198	176.13.134.39	37.59.107.1	82.160.56.144
37.41.196.2	80.133.247.8	37.187.114.1	36.154.39.1
194.74.248.126	121.81.244.242	35.187.234.1	3.65.160.77
113.101.199.123	102.163.134.124	118.92.205.142	150.109.182.163
109.135.79.103	99.132.174.37	37.47.118.125	73.234.186.226