45.56.96.162 - IPInfo

Basic Info

City: Newark

Region: New Jersey

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.56.96.139	attack	ATTACKS ON 443 WEB ROUTER PANEL	2022-11-21 22:27:15
45.56.96.139	attackspambots	scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.	2020-09-24 02:48:11
45.56.96.139	attackspambots	TCP ports : 3307 / 5985 / 6375 / 6381 / 27017	2020-09-23 18:58:43

Type

Details

Datetime

45.56.96.139

attack

ATTACKS ON 443 WEB ROUTER PANEL

2022-11-21 22:27:15

45.56.96.139

attackspambots

scans once in preceeding hours on the ports (in chronological order) 27017 resulting in total of 4 scans from 45.56.64.0/18 block.

2020-09-24 02:48:11

45.56.96.139

attackspambots

TCP ports : 3307 / 5985 / 6375 / 6381 / 27017

2020-09-23 18:58:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.56.96.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22167
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.56.96.162.			IN	A

;; AUTHORITY SECTION:
.			160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092202 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 23 09:04:22 CST 2020
;; MSG SIZE  rcvd: 116

Host info

162.96.56.45.in-addr.arpa domain name pointer relay06.pop.ewr.plex.bz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.96.56.45.in-addr.arpa	name = relay06.pop.ewr.plex.bz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.100.253	attackbotsspam	Jul 2 05:50:12 MK-Soft-VM7 sshd\[30525\]: Invalid user rechnerplatine from 128.199.100.253 port 23061 Jul 2 05:50:12 MK-Soft-VM7 sshd\[30525\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.100.253 Jul 2 05:50:13 MK-Soft-VM7 sshd\[30525\]: Failed password for invalid user rechnerplatine from 128.199.100.253 port 23061 ssh2 ...	2019-07-02 13:59:09
14.231.200.231	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 02:35:08,720 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.231.200.231)	2019-07-02 13:44:00
37.59.38.65	attackspam	Jul 1 23:49:42 newdogma sshd[23152]: Invalid user admin from 37.59.38.65 port 33791 Jul 1 23:49:42 newdogma sshd[23152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.65 Jul 1 23:49:44 newdogma sshd[23152]: Failed password for invalid user admin from 37.59.38.65 port 33791 ssh2 Jul 1 23:49:44 newdogma sshd[23152]: Received disconnect from 37.59.38.65 port 33791:11: Bye Bye [preauth] Jul 1 23:49:44 newdogma sshd[23152]: Disconnected from 37.59.38.65 port 33791 [preauth] Jul 1 23:52:59 newdogma sshd[23184]: Invalid user saeed from 37.59.38.65 port 49086 Jul 1 23:52:59 newdogma sshd[23184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.65 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=37.59.38.65	2019-07-02 13:41:36
103.17.159.54	attackbotsspam	Jul 2 05:47:49 mail sshd[23994]: Invalid user titan from 103.17.159.54 Jul 2 05:47:49 mail sshd[23994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.17.159.54 Jul 2 05:47:49 mail sshd[23994]: Invalid user titan from 103.17.159.54 Jul 2 05:47:51 mail sshd[23994]: Failed password for invalid user titan from 103.17.159.54 port 55128 ssh2 Jul 2 05:53:35 mail sshd[24706]: Invalid user appltest from 103.17.159.54 ...	2019-07-02 13:20:46
81.100.188.235	attackbots	ssh failed login	2019-07-02 13:07:04
84.240.225.2	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 00:07:51,509 INFO [shellcode_manager] (84.240.225.2) no match, writing hexdump (90a9f25c3a11b02c7dfe253f0ed5a2d2 :2322553) - MS17010 (EternalBlue)	2019-07-02 13:21:10
147.75.116.179	attackspambots	2019-07-01 22:53:19 H=(dma-traprenovatie.nl) [147.75.116.179]:46057 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in zen.spamhaus.org (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-07-01 22:53:20 H=(dma-traprenovatie.nl) [147.75.116.179]:46057 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in zen.spamhaus.org (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-07-01 22:53:21 H=(dma-traprenovatie.nl) [147.75.116.179]:46057 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in zen.spamhaus.org (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-07-02 13:28:37
198.211.107.151	attackbotsspam	Jul 2 06:57:07 core01 sshd\[3169\]: Invalid user g from 198.211.107.151 port 34643 Jul 2 06:57:07 core01 sshd\[3169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.107.151 ...	2019-07-02 13:51:34
213.6.8.38	attackbotsspam	Jul 2 06:26:23 [host] sshd[25519]: Invalid user aravind from 213.6.8.38 Jul 2 06:26:23 [host] sshd[25519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.6.8.38 Jul 2 06:26:24 [host] sshd[25519]: Failed password for invalid user aravind from 213.6.8.38 port 54527 ssh2	2019-07-02 13:06:05
109.176.133.128	attackspambots	445/tcp 445/tcp 445/tcp... [2019-05-03/07-02]9pkt,1pt.(tcp)	2019-07-02 13:18:29
203.45.244.248	attackbots	port scan and connect, tcp 80 (http)	2019-07-02 13:19:57
201.69.247.69	attack	23/tcp 23/tcp [2019-06-03/07-02]2pkt	2019-07-02 13:49:39
122.54.254.14	attackspam	2019-07-01T23:47:11.030214stt-1.[munged] kernel: [6070854.756615] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:aa:c1:08:00 SRC=122.54.254.14 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=24299 DF PROTO=TCP SPT=62125 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-01T23:47:12.038519stt-1.[munged] kernel: [6070855.764911] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=122.54.254.14 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=24551 DF PROTO=TCP SPT=62307 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 2019-07-01T23:53:01.275061stt-1.[munged] kernel: [6071205.000358] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:97:36:58:84:78:ac:57:a8:41:08:00 SRC=122.54.254.14 DST=[mungedIP1] LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=28604 DF PROTO=TCP SPT=62880 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0	2019-07-02 13:48:57
113.160.158.12	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 02:34:37,247 INFO [amun_request_handler] PortScan Detected on Port: 445 (113.160.158.12)	2019-07-02 13:53:19
74.208.252.136	attackspambots	$f2bV_matches	2019-07-02 13:15:28

Recently Reported IPs

81.9.185.80	98.109.183.223	178.207.58.182	194.16.36.150
92.156.74.246	136.35.156.118	39.214.141.17	113.15.50.113
81.224.100.72	88.106.75.11	221.188.61.148	119.198.97.55
90.0.243.27	98.183.61.74	80.3.216.41	188.151.54.127
174.41.126.83	63.158.150.3	172.242.6.163	144.172.213.212