45.40.134.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	45.40.134.20 - - [04/Sep/2019:01:15:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:29 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:29 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-04 09:53:50
attackspambots	01.09.2019 20:04:54 - Wordpress fail Detected by ELinOX-ALM	2019-09-02 03:49:12
attackbots	blogonese.net 45.40.134.20 \[27/Aug/2019:06:56:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5769 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" blogonese.net 45.40.134.20 \[27/Aug/2019:06:56:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5768 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-08-27 13:01:52
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-08-26 09:34:56
attack	WordPress login Brute force / Web App Attack on client site.	2019-08-20 11:18:40
attack	xmlrpc attack	2019-08-14 18:04:17
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-08-09 05:46:51
attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-07-20 04:08:29
attack	xmlrpc attack	2019-07-19 12:26:42

Comments on same subnet:

IP	Type	Details	Datetime
45.40.134.107	attackbots	WordPress wp-login brute force :: 45.40.134.107 0.128 BYPASS [07/Aug/2019:15:21:12 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-07 14:27:41
45.40.134.107	attack	fail2ban honeypot	2019-07-28 22:01:51

Type

Details

Datetime

45.40.134.107

attackbots

WordPress wp-login brute force :: 45.40.134.107 0.128 BYPASS [07/Aug/2019:15:21:12  1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-08-07 14:27:41

45.40.134.107

attack

fail2ban honeypot

2019-07-28 22:01:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.134.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22233
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.40.134.20.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 12:26:36 CST 2019
;; MSG SIZE  rcvd: 116

Host info

20.134.40.45.in-addr.arpa domain name pointer ip-45-40-134-20.ip.secureserver.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
20.134.40.45.in-addr.arpa	name = ip-45-40-134-20.ip.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.38.186.47	attackspambots	Oct 5 17:02:26 DAAP sshd[29400]: Invalid user 12qwaszx from 51.38.186.47 port 49930 Oct 5 17:02:26 DAAP sshd[29400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.47 Oct 5 17:02:26 DAAP sshd[29400]: Invalid user 12qwaszx from 51.38.186.47 port 49930 Oct 5 17:02:28 DAAP sshd[29400]: Failed password for invalid user 12qwaszx from 51.38.186.47 port 49930 ssh2 Oct 5 17:02:26 DAAP sshd[29400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.186.47 Oct 5 17:02:26 DAAP sshd[29400]: Invalid user 12qwaszx from 51.38.186.47 port 49930 Oct 5 17:02:28 DAAP sshd[29400]: Failed password for invalid user 12qwaszx from 51.38.186.47 port 49930 ssh2 ...	2019-10-06 03:30:20
211.43.13.237	attackbots	Invalid user rh from 211.43.13.237 port 38540	2019-10-06 03:42:49
45.80.64.127	attackbots	Oct 5 15:55:26 docs sshd\[55474\]: Invalid user Retail2017 from 45.80.64.127Oct 5 15:55:28 docs sshd\[55474\]: Failed password for invalid user Retail2017 from 45.80.64.127 port 51284 ssh2Oct 5 15:59:19 docs sshd\[55524\]: Invalid user Oral@2017 from 45.80.64.127Oct 5 15:59:20 docs sshd\[55524\]: Failed password for invalid user Oral@2017 from 45.80.64.127 port 59526 ssh2Oct 5 16:03:17 docs sshd\[55579\]: Invalid user Poker@123 from 45.80.64.127Oct 5 16:03:19 docs sshd\[55579\]: Failed password for invalid user Poker@123 from 45.80.64.127 port 39540 ssh2 ...	2019-10-06 03:36:47
211.169.249.156	attackbots	Oct 5 15:37:26 TORMINT sshd\[6670\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 user=root Oct 5 15:37:28 TORMINT sshd\[6670\]: Failed password for root from 211.169.249.156 port 59354 ssh2 Oct 5 15:41:50 TORMINT sshd\[6933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.169.249.156 user=root ...	2019-10-06 03:56:26
159.65.12.204	attackspambots	2019-10-05T19:42:01.701743abusebot-6.cloudsearch.cf sshd\[18706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.12.204 user=root	2019-10-06 03:50:26
34.95.193.176	attackspambots	Time: Sat Oct 5 11:59:33 2019 -0300 IP: 34.95.193.176 (US/United States/176.193.95.34.bc.googleusercontent.com) Failures: 30 (smtpauth) Interval: 3600 seconds Blocked: Permanent Block	2019-10-06 03:21:21
222.184.233.222	attack	Oct 5 15:40:44 MK-Soft-VM6 sshd[10340]: Failed password for root from 222.184.233.222 port 47074 ssh2 ...	2019-10-06 03:42:19
125.110.143.143	attackbots	Time: Sat Oct 5 07:20:39 2019 -0400 IP: 125.110.143.143 (CN/China/-) Failures: 10 (ftpd) Interval: 3600 seconds Blocked: Permanent Block	2019-10-06 03:22:36
106.52.202.59	attack	Oct 5 17:49:28 tuxlinux sshd[7322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.202.59 user=root Oct 5 17:49:30 tuxlinux sshd[7322]: Failed password for root from 106.52.202.59 port 39940 ssh2 Oct 5 17:49:28 tuxlinux sshd[7322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.202.59 user=root Oct 5 17:49:30 tuxlinux sshd[7322]: Failed password for root from 106.52.202.59 port 39940 ssh2 Oct 5 18:10:14 tuxlinux sshd[7842]: Invalid user 123 from 106.52.202.59 port 47086 ...	2019-10-06 03:38:49
176.31.250.160	attackspam	Oct 5 15:11:37 ny01 sshd[22558]: Failed password for root from 176.31.250.160 port 35856 ssh2 Oct 5 15:15:48 ny01 sshd[23265]: Failed password for root from 176.31.250.160 port 47762 ssh2	2019-10-06 03:34:25
210.92.91.223	attackspambots	2019-10-05 13:29:26,636 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 210.92.91.223 2019-10-05 14:07:31,608 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 210.92.91.223 2019-10-05 14:46:04,759 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 210.92.91.223 2019-10-05 15:16:12,469 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 210.92.91.223 2019-10-05 15:46:20,089 fail2ban.actions \[946\]: NOTICE \[sshd\] Ban 210.92.91.223 ...	2019-10-06 03:23:39
185.176.27.6	attackbotsspam	Oct 5 19:35:50 TCP Attack: SRC=185.176.27.6 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=244 PROTO=TCP SPT=47363 DPT=6008 WINDOW=1024 RES=0x00 SYN URGP=0	2019-10-06 03:37:37
222.186.175.169	attack	Oct 5 21:25:20 dcd-gentoo sshd[25222]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Oct 5 21:25:24 dcd-gentoo sshd[25222]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Oct 5 21:25:20 dcd-gentoo sshd[25222]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Oct 5 21:25:24 dcd-gentoo sshd[25222]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Oct 5 21:25:20 dcd-gentoo sshd[25222]: User root from 222.186.175.169 not allowed because none of user's groups are listed in AllowGroups Oct 5 21:25:24 dcd-gentoo sshd[25222]: error: PAM: Authentication failure for illegal user root from 222.186.175.169 Oct 5 21:25:24 dcd-gentoo sshd[25222]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.169 port 10428 ssh2 ...	2019-10-06 03:27:59
222.161.221.230	attackbots	222.161.221.230 has been banned from MailServer for Abuse ...	2019-10-06 03:25:53
94.42.178.137	attackspambots	Oct 6 00:40:50 areeb-Workstation sshd[9077]: Failed password for root from 94.42.178.137 port 37604 ssh2 ...	2019-10-06 03:23:08

Recently Reported IPs

163.172.35.93	163.172.28.192	233.209.143.61	99.176.33.142
190.75.50.169	163.172.225.11	83.201.210.96	163.172.23.10
27.254.130.97	222.127.1.115	225.86.65.54	163.172.224.181
163.172.220.47	163.172.214.237	77.199.142.153	163.172.213.80
163.172.206.233	40.90.222.189	218.90.65.150	182.96.50.67