Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: GoDaddy.com LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attackspambots
45.40.166.142 - - \[09/Feb/2020:09:20:29 +0100\] "POST /wp-login.php HTTP/1.0" 200 6997 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
45.40.166.142 - - \[09/Feb/2020:09:20:31 +0100\] "POST /wp-login.php HTTP/1.0" 200 6864 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
45.40.166.142 - - \[09/Feb/2020:09:20:33 +0100\] "POST /wp-login.php HTTP/1.0" 200 6860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2020-02-09 16:29:22
attackspam
xmlrpc attack
2020-01-08 16:41:38
attack
Automatic report - XMLRPC Attack
2019-12-20 04:22:57
attackspambots
45.40.166.142 - - \[09/Dec/2019:15:03:06 +0000\] "POST /wp-login.php HTTP/1.1" 200 6393 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
45.40.166.142 - - \[09/Dec/2019:15:03:07 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...
2019-12-10 01:39:23
attackspambots
WordPress brute force
2019-10-24 05:33:20
attack
Lines containing failures of 45.40.166.142
auth.log:Jul  3 18:57:01 omfg sshd[23061]: Connection from 45.40.166.142 port 39666 on 78.46.60.16 port 22
auth.log:Jul  3 18:57:01 omfg sshd[23061]: Did not receive identification string from 45.40.166.142
auth.log:Jul  3 18:57:01 omfg sshd[23062]: Connection from 45.40.166.142 port 58957 on 78.46.60.40 port 22
auth.log:Jul  3 18:57:01 omfg sshd[23062]: Did not receive identification string from 45.40.166.142
auth.log:Jul  3 18:57:01 omfg sshd[23064]: Connection from 45.40.166.142 port 48653 on 78.46.60.42 port 22
auth.log:Jul  3 18:57:01 omfg sshd[23064]: Did not receive identification string from 45.40.166.142
auth.log:Jul  3 18:57:01 omfg sshd[23063]: Connection from 45.40.166.142 port 41106 on 78.46.60.41 port 22
auth.log:Jul  3 18:57:01 omfg sshd[23065]: Connection from 45.40.166.142 port 47185 on 78.46.60.53 port 22
auth.log:Jul  3 18:57:01 omfg sshd[23063]: Did not receive identification string from 45.40.166.142
auth.lo........
------------------------------
2019-07-06 15:15:31
Comments on same subnet:
IP Type Details Datetime
45.40.166.136 attack
Automatic report - XMLRPC Attack
2020-09-03 20:48:30
45.40.166.136 attack
Automatic report - XMLRPC Attack
2020-09-03 12:32:37
45.40.166.136 attackbotsspam
Automatic report - XMLRPC Attack
2020-09-03 04:51:12
45.40.166.141 attack
Trolling for resource vulnerabilities
2020-08-31 18:03:02
45.40.166.162 attack
REQUESTED PAGE: /oldsite/wp-includes/wlwmanifest.xml
2020-08-25 07:34:02
45.40.166.170 attack
Automatic report - XMLRPC Attack
2020-08-05 17:54:39
45.40.166.166 attackspam
45.40.166.166 - - [31/Jul/2020:21:46:26 -0600] "GET /beta/wp-includes/wlwmanifest.xml HTTP/1.1" 301 501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
...
2020-08-01 20:01:42
45.40.166.167 attackspam
45.40.166.167 - - [30/Jul/2020:08:19:35 +0200] "POST /xmlrpc.php HTTP/1.1" 403 58645 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
45.40.166.167 - - [30/Jul/2020:08:19:35 +0200] "POST /xmlrpc.php HTTP/1.1" 403 58575 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"
...
2020-07-30 18:19:42
45.40.166.162 attackbots
SS5,WP GET /blog/wp-includes/wlwmanifest.xml
2020-07-22 14:03:19
45.40.166.145 attack
C2,WP GET /wp2/wp-includes/wlwmanifest.xml
2020-07-21 04:58:29
45.40.166.171 attack
CMS (WordPress or Joomla) login attempt.
2020-07-08 21:00:31
45.40.166.147 attackbotsspam
Automatic report - XMLRPC Attack
2020-06-29 12:04:24
45.40.166.167 attackspam
Trolling for resource vulnerabilities
2020-06-28 19:47:14
45.40.166.172 attackspam
C1,WP GET /conni-club/test/wp-includes/wlwmanifest.xml
2020-06-09 01:16:51
45.40.166.2 attackspam
HTTP SQL Injection Attempt, PTR: p3nlhftpg379.shr.prod.phx3.secureserver.net.
2020-05-26 08:56:02
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.166.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18454
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.40.166.142.			IN	A

;; AUTHORITY SECTION:
.			3341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052401 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat May 25 11:13:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info
142.166.40.45.in-addr.arpa domain name pointer p3nlhg2053.shr.prod.phx3.secureserver.net.
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.166.40.45.in-addr.arpa	name = p3nlhg2053.shr.prod.phx3.secureserver.net.

Authoritative answers can be found from:

Related IP info:
Related comments:
IP Type Details Datetime
202.77.122.67 attack
Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445
2019-06-30 07:28:36
209.141.62.45 attackspam
Jun 29 23:29:28 vmi181237 sshd\[30565\]: refused connect from 209.141.62.45 \(209.141.62.45\)
Jun 29 23:29:33 vmi181237 sshd\[30572\]: refused connect from 209.141.62.45 \(209.141.62.45\)
Jun 29 23:29:39 vmi181237 sshd\[30580\]: refused connect from 209.141.62.45 \(209.141.62.45\)
Jun 29 23:29:44 vmi181237 sshd\[30587\]: refused connect from 209.141.62.45 \(209.141.62.45\)
Jun 29 23:29:50 vmi181237 sshd\[30595\]: refused connect from 209.141.62.45 \(209.141.62.45\)
2019-06-30 07:28:21
92.118.160.21 attackspambots
Port scan: Attack repeated for 24 hours
2019-06-30 07:16:27
121.226.62.209 attack
2019-06-29T20:19:12.204004 X postfix/smtpd[18856]: warning: unknown[121.226.62.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-29T20:44:46.055326 X postfix/smtpd[29428]: warning: unknown[121.226.62.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-29T20:56:02.281306 X postfix/smtpd[29428]: warning: unknown[121.226.62.209]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2019-06-30 07:57:50
46.3.96.71 attackspambots
29.06.2019 23:00:34 Connection to port 60121 blocked by firewall
2019-06-30 07:24:22
83.97.20.36 attack
29.06.2019 23:19:34 Connection to port 47094 blocked by firewall
2019-06-30 07:20:41
92.252.156.184 attack
Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445
2019-06-30 07:39:28
88.214.26.74 attackspambots
firewall-block, port(s): 3411/tcp
2019-06-30 07:19:40
106.2.124.185 attackbotsspam
port scan and connect, tcp 8080 (http-proxy)
2019-06-30 07:54:25
181.30.45.227 attackspambots
FTP Brute-Force reported by Fail2Ban
2019-06-30 07:55:44
92.50.248.124 attackbots
Scanning (more than 2 packets) random ports - tries to find possible vulnerable services
2019-06-30 07:17:54
157.230.119.89 attackbots
Invalid user student from 157.230.119.89 port 47280
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.119.89
Failed password for invalid user student from 157.230.119.89 port 47280 ssh2
Invalid user redmine from 157.230.119.89 port 36220
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.119.89
2019-06-30 07:51:34
77.172.202.250 attackspambots
Malicious/Probing: /wp-login.php
2019-06-30 07:11:29
89.248.168.3 attackbotsspam
firewall-block, port(s): 1052/tcp, 1053/tcp
2019-06-30 07:18:28
191.53.222.196 attackspambots
SMTP-sasl brute force
...
2019-06-30 07:59:53

Recently Reported IPs

38.121.144.105 116.144.16.235 93.2.101.143 92.127.203.93
213.42.137.83 21.146.251.127 200.71.187.149 47.94.201.37
176.55.28.61 190.214.21.185 156.155.136.254 60.190.56.6
211.140.48.6 106.13.129.246 195.211.101.86 134.209.84.42
123.38.73.207 84.205.232.6 124.81.107.153 185.111.183.116