45.40.165.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Automatic report - Banned IP Access	2020-09-01 04:29:40
attackbots	28.05.2020 22:08:10 - Wordpress fail Detected by ELinOX-ALM	2020-05-29 06:29:55
attack	Automatic report - XMLRPC Attack	2020-02-28 16:48:19
attack	POST /xmlrpc.php. Part of botnet attack -- 34 POST requests from 19 different IP addresses.	2019-12-27 00:04:42

Comments on same subnet:

IP	Type	Details	Datetime
45.40.165.21	attackspambots	MLV GET /store/wp-includes/wlwmanifest.xml	2020-06-01 01:43:41
45.40.165.38	attackspambots	Automatic report - XMLRPC Attack	2019-10-24 17:06:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.165.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54110
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.40.165.142.			IN	A

;; AUTHORITY SECTION:
.			3315	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090200 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 02 16:03:27 CST 2019
;; MSG SIZE  rcvd: 117

Host info

142.165.40.45.in-addr.arpa domain name pointer p3nlhg2078.shr.prod.phx3.secureserver.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.165.40.45.in-addr.arpa	name = p3nlhg2078.shr.prod.phx3.secureserver.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.53.88.71	attackbots	16.10.2019 19:34:35 Connection to port 5060 blocked by firewall	2019-10-17 03:58:40
185.232.30.130	attack	Oct 16 21:29:43 mc1 kernel: \[2540553.546151\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.30.130 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=13299 PROTO=TCP SPT=49176 DPT=23333 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 16 21:32:17 mc1 kernel: \[2540707.670213\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.30.130 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=4638 PROTO=TCP SPT=49176 DPT=33899 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 16 21:37:29 mc1 kernel: \[2541018.954399\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.232.30.130 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=56576 PROTO=TCP SPT=49176 DPT=53333 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-17 03:50:51
43.241.146.246	attackbotsspam	Oct 15 20:50:48 ahost sshd[13111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.146.246 user=r.r Oct 15 20:50:50 ahost sshd[13111]: Failed password for r.r from 43.241.146.246 port 4477 ssh2 Oct 15 20:50:51 ahost sshd[13111]: Received disconnect from 43.241.146.246: 11: Bye Bye [preauth] Oct 15 20:56:55 ahost sshd[13144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.146.246 user=r.r Oct 15 20:56:57 ahost sshd[13144]: Failed password for r.r from 43.241.146.246 port 4549 ssh2 Oct 15 20:56:57 ahost sshd[13144]: Received disconnect from 43.241.146.246: 11: Bye Bye [preauth] Oct 15 21:02:54 ahost sshd[20765]: Invalid user server from 43.241.146.246 Oct 15 21:02:54 ahost sshd[20765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.241.146.246 Oct 15 21:02:56 ahost sshd[20765]: Failed password for invalid user server from 43.241.146......... ------------------------------	2019-10-17 03:40:10
5.8.88.185	attackbotsspam	Port Scan	2019-10-17 03:39:33
217.182.196.164	attackbots	Automatic report - Port Scan Attack	2019-10-17 03:33:28
45.148.10.72	attack	Rude login attack (70 tries in 1d)	2019-10-17 03:21:07
110.185.166.137	attackspam	SSHScan	2019-10-17 03:31:15
116.113.99.171	attack	Port Scan	2019-10-17 03:52:36
93.185.75.61	attackbotsspam	" "	2019-10-17 03:54:00
106.13.144.8	attackbots	Oct 16 22:13:29 server sshd\[31208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 user=root Oct 16 22:13:31 server sshd\[31208\]: Failed password for root from 106.13.144.8 port 52644 ssh2 Oct 16 22:29:37 server sshd\[2834\]: Invalid user timemachine from 106.13.144.8 Oct 16 22:29:37 server sshd\[2834\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.144.8 Oct 16 22:29:38 server sshd\[2834\]: Failed password for invalid user timemachine from 106.13.144.8 port 35232 ssh2 ...	2019-10-17 03:46:48
91.222.19.225	attackbotsspam	Brute force SMTP login attempted. ...	2019-10-17 03:48:54
125.130.110.20	attackbots	2019-10-16T19:41:28.487606shield sshd\[7789\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20 user=root 2019-10-16T19:41:30.580044shield sshd\[7789\]: Failed password for root from 125.130.110.20 port 44042 ssh2 2019-10-16T19:45:34.405379shield sshd\[8305\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20 user=root 2019-10-16T19:45:35.935774shield sshd\[8305\]: Failed password for root from 125.130.110.20 port 34742 ssh2 2019-10-16T19:49:36.873632shield sshd\[8824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.130.110.20 user=root	2019-10-17 03:51:29
124.205.224.179	attackspam	Lines containing failures of 124.205.224.179 Oct 16 21:22:17 shared09 sshd[17626]: Invalid user mwilheim from 124.205.224.179 port 43942 Oct 16 21:22:17 shared09 sshd[17626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.205.224.179 Oct 16 21:22:19 shared09 sshd[17626]: Failed password for invalid user mwilheim from 124.205.224.179 port 43942 ssh2 Oct 16 21:22:19 shared09 sshd[17626]: Received disconnect from 124.205.224.179 port 43942:11: Bye Bye [preauth] Oct 16 21:22:19 shared09 sshd[17626]: Disconnected from invalid user mwilheim 124.205.224.179 port 43942 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=124.205.224.179	2019-10-17 03:42:41
195.154.119.48	attackspam	Oct 16 11:54:08 hcbbdb sshd\[26245\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=just.hemaristhysbe.com user=root Oct 16 11:54:10 hcbbdb sshd\[26245\]: Failed password for root from 195.154.119.48 port 41302 ssh2 Oct 16 11:58:09 hcbbdb sshd\[26649\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=just.hemaristhysbe.com user=root Oct 16 11:58:10 hcbbdb sshd\[26649\]: Failed password for root from 195.154.119.48 port 51778 ssh2 Oct 16 12:02:03 hcbbdb sshd\[27055\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=just.hemaristhysbe.com user=root	2019-10-17 03:23:47
151.80.75.127	attackspambots	Oct 16 19:30:00 postfix/smtpd: warning: unknown[151.80.75.127]: SASL LOGIN authentication failed	2019-10-17 03:31:55

Recently Reported IPs

118.143.178.133	194.150.248.215	49.88.112.114	199.83.94.250
118.233.220.85	112.237.143.137	115.84.76.105	112.104.147.167
27.197.29.175	22.197.113.64	95.10.42.180	156.213.131.3
86.102.84.126	36.224.110.227	115.48.31.22	1.165.109.118
137.63.246.39	61.190.124.195	49.235.198.166	14.253.0.174