45.56.96.162 - IPInfo

Basic Info

City: Newark

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.56.96.139	attack	ATTACKS ON 443 WEB ROUTER PANEL	2022-11-21 22:27:15
45.56.96.139	attackspambots	scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.	2020-09-24 02:48:11
45.56.96.139	attackspambots	TCP ports : 3307 / 5985 / 6375 / 6381 / 27017	2020-09-23 18:58:43

Type

Details

Datetime

45.56.96.139

attack

ATTACKS ON 443 WEB ROUTER PANEL

2022-11-21 22:27:15

45.56.96.139

attackspambots

scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.

2020-09-24 02:48:11

45.56.96.139

attackspambots

TCP ports : 3307 / 5985 / 6375 / 6381 / 27017

2020-09-23 18:58:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.56.96.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22167
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.56.96.162.			IN	A

;; AUTHORITY SECTION:
.			160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092202 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 23 09:04:22 CST 2020
;; MSG SIZE  rcvd: 116

Host info

162.96.56.45.in-addr.arpa domain name pointer relay06.pop.ewr.plex.bz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.96.56.45.in-addr.arpa	name = relay06.pop.ewr.plex.bz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.41.119.65	attackbots	Lines containing failures of 59.41.119.65 Apr 22 09:12:26 nextcloud sshd[10898]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.41.119.65 user=r.r Apr 22 09:12:28 nextcloud sshd[10898]: Failed password for r.r from 59.41.119.65 port 61012 ssh2 Apr 22 09:12:29 nextcloud sshd[10898]: Received disconnect from 59.41.119.65 port 61012:11: Bye Bye [preauth] Apr 22 09:12:29 nextcloud sshd[10898]: Disconnected from authenticating user r.r 59.41.119.65 port 61012 [preauth] Apr 22 09:24:13 nextcloud sshd[12627]: Invalid user test from 59.41.119.65 port 60166 Apr 22 09:24:13 nextcloud sshd[12627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.41.119.65 Apr 22 09:24:16 nextcloud sshd[12627]: Failed password for invalid user test from 59.41.119.65 port 60166 ssh2 Apr 22 09:24:16 nextcloud sshd[12627]: Received disconnect from 59.41.119.65 port 60166:11: Bye Bye [preauth] Apr 22 09:24:16 nextclou........ ------------------------------	2020-04-22 20:35:38
94.176.189.134	attackspambots	Apr 22 14:05:08 server postfix/smtpd[5531]: NOQUEUE: reject: RCPT from srv134.uk-marketing.com[94.176.189.134]: 554 5.7.1 Service unavailable; Client host [94.176.189.134] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-04-22 20:21:32
118.101.184.191	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-04-22 20:14:45
129.28.166.61	attackspam	Apr 22 09:28:55 dns1 sshd[6805]: Failed password for root from 129.28.166.61 port 47010 ssh2 Apr 22 09:30:22 dns1 sshd[6987]: Failed password for root from 129.28.166.61 port 34230 ssh2	2020-04-22 20:37:39
192.144.172.50	attackbots	2020-04-22T02:15:59.4926791495-001 sshd[20787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.172.50 user=root 2020-04-22T02:16:01.8628091495-001 sshd[20787]: Failed password for root from 192.144.172.50 port 35044 ssh2 2020-04-22T02:18:14.6511721495-001 sshd[20933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.172.50 user=root 2020-04-22T02:18:16.8852621495-001 sshd[20933]: Failed password for root from 192.144.172.50 port 56248 ssh2 2020-04-22T02:20:29.5665071495-001 sshd[21021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.172.50 user=root 2020-04-22T02:20:31.3349301495-001 sshd[21021]: Failed password for root from 192.144.172.50 port 49210 ssh2 ...	2020-04-22 20:06:20
114.230.202.232	attackbots	Apr 22 07:57:24 NPSTNNYC01T sshd[6540]: Failed password for root from 114.230.202.232 port 58652 ssh2 Apr 22 08:01:55 NPSTNNYC01T sshd[6928]: Failed password for root from 114.230.202.232 port 40180 ssh2 Apr 22 08:05:12 NPSTNNYC01T sshd[7178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.230.202.232 ...	2020-04-22 20:18:33
113.210.150.107	attackbotsspam	fail2ban	2020-04-22 20:35:08
54.197.72.62	attackspam	Apr 22 13:29:09 ns382633 sshd\[20763\]: Invalid user admin10 from 54.197.72.62 port 58630 Apr 22 13:29:09 ns382633 sshd\[20763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.197.72.62 Apr 22 13:29:11 ns382633 sshd\[20763\]: Failed password for invalid user admin10 from 54.197.72.62 port 58630 ssh2 Apr 22 14:05:15 ns382633 sshd\[28600\]: Invalid user admin from 54.197.72.62 port 59004 Apr 22 14:05:15 ns382633 sshd\[28600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.197.72.62	2020-04-22 20:12:12
176.113.115.42	attackspambots	Apr 22 14:04:55 tuxlinux sshd[11163]: Invalid user test from 176.113.115.42 port 55310 Apr 22 14:04:55 tuxlinux sshd[11163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.113.115.42 Apr 22 14:04:55 tuxlinux sshd[11163]: Invalid user test from 176.113.115.42 port 55310 Apr 22 14:04:55 tuxlinux sshd[11163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.113.115.42 ...	2020-04-22 20:33:08
111.206.198.75	attackbotsspam	Bad bot/spoofed identity	2020-04-22 20:11:11
111.206.198.53	attack	Bad bot/spoofed identity	2020-04-22 20:32:52
188.223.97.79	attackbots	Honeypot attack, port: 5555, PTR: bcdf614f.skybroadband.com.	2020-04-22 20:27:23
174.138.64.163	attackbots	Apr 22 06:13:46 server1 sshd\[19316\]: Failed password for invalid user test from 174.138.64.163 port 58164 ssh2 Apr 22 06:18:14 server1 sshd\[20597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.64.163 user=root Apr 22 06:18:17 server1 sshd\[20597\]: Failed password for root from 174.138.64.163 port 43704 ssh2 Apr 22 06:22:47 server1 sshd\[21790\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.64.163 user=root Apr 22 06:22:49 server1 sshd\[21790\]: Failed password for root from 174.138.64.163 port 57476 ssh2 ...	2020-04-22 20:34:24
139.59.141.196	attackbots	139.59.141.196 - - [22/Apr/2020:14:05:15 +0200] "GET /wp-login.php HTTP/1.1" 200 5686 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [22/Apr/2020:14:05:17 +0200] "POST /wp-login.php HTTP/1.1" 200 5997 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 139.59.141.196 - - [22/Apr/2020:14:05:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-22 20:09:44
123.207.235.247	attack	Apr 22 14:12:03 mail sshd[18153]: Failed password for root from 123.207.235.247 port 59970 ssh2 Apr 22 14:15:51 mail sshd[18814]: Failed password for root from 123.207.235.247 port 49670 ssh2	2020-04-22 20:29:36

Recently Reported IPs

81.9.185.80	98.109.183.223	178.207.58.182	194.16.36.150
92.156.74.246	136.35.156.118	39.214.141.17	113.15.50.113
81.224.100.72	88.106.75.11	221.188.61.148	119.198.97.55
90.0.243.27	98.183.61.74	80.3.216.41	188.151.54.127
174.41.126.83	63.158.150.3	172.242.6.163	144.172.213.212