45.40.57.56 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.40.57.177	attackbots	Sep 30 11:45:37 ntop sshd[32113]: Invalid user rack from 45.40.57.177 port 49372 Sep 30 11:45:39 ntop sshd[32113]: Failed password for invalid user rack from 45.40.57.177 port 49372 ssh2 Sep 30 11:45:40 ntop sshd[32113]: Received disconnect from 45.40.57.177 port 49372:11: Bye Bye [preauth] Sep 30 11:45:40 ntop sshd[32113]: Disconnected from 45.40.57.177 port 49372 [preauth] Sep 30 12:05:55 ntop sshd[1027]: Invalid user oy from 45.40.57.177 port 34426 Sep 30 12:05:57 ntop sshd[1027]: Failed password for invalid user oy from 45.40.57.177 port 34426 ssh2 Sep 30 12:05:57 ntop sshd[1027]: Received disconnect from 45.40.57.177 port 34426:11: Bye Bye [preauth] Sep 30 12:05:57 ntop sshd[1027]: Disconnected from 45.40.57.177 port 34426 [preauth] Sep 30 12:10:19 ntop sshd[1466]: Invalid user tmp from 45.40.57.177 port 47900 Sep 30 12:10:20 ntop sshd[1466]: Failed password for invalid user tmp from 45.40.57.177 port 47900 ssh2 Sep 30 12:10:21 ntop sshd[1466]: Received disconnect ........ -------------------------------	2019-10-01 17:43:02
45.40.57.126	attack	[Aegis] @ 2019-09-06 16:51:11 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-07 05:11:04

Type

Details

Datetime

45.40.57.177

attackbots

Sep 30 11:45:37 ntop sshd[32113]: Invalid user rack from 45.40.57.177 port 49372
Sep 30 11:45:39 ntop sshd[32113]: Failed password for invalid user rack from 45.40.57.177 port 49372 ssh2
Sep 30 11:45:40 ntop sshd[32113]: Received disconnect from 45.40.57.177 port 49372:11: Bye Bye [preauth]
Sep 30 11:45:40 ntop sshd[32113]: Disconnected from 45.40.57.177 port 49372 [preauth]
Sep 30 12:05:55 ntop sshd[1027]: Invalid user oy from 45.40.57.177 port 34426
Sep 30 12:05:57 ntop sshd[1027]: Failed password for invalid user oy from 45.40.57.177 port 34426 ssh2
Sep 30 12:05:57 ntop sshd[1027]: Received disconnect from 45.40.57.177 port 34426:11: Bye Bye [preauth]
Sep 30 12:05:57 ntop sshd[1027]: Disconnected from 45.40.57.177 port 34426 [preauth]
Sep 30 12:10:19 ntop sshd[1466]: Invalid user tmp from 45.40.57.177 port 47900
Sep 30 12:10:20 ntop sshd[1466]: Failed password for invalid user tmp from 45.40.57.177 port 47900 ssh2
Sep 30 12:10:21 ntop sshd[1466]: Received disconnect ........
-------------------------------

2019-10-01 17:43:02

45.40.57.126

attack

[Aegis] @ 2019-09-06 16:51:11  0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack

2019-09-07 05:11:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.57.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29954
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.40.57.56.			IN	A

;; AUTHORITY SECTION:
.			326	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 00:44:10 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 56.57.40.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.57.40.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.55.173.225	attack	Oct 27 07:45:35 vps01 sshd[21409]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.173.225 Oct 27 07:45:37 vps01 sshd[21409]: Failed password for invalid user media123 from 45.55.173.225 port 36238 ssh2	2019-10-27 14:57:55
190.42.182.2	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/190.42.182.2/ US - 1H : (197) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN6147 IP : 190.42.182.2 CIDR : 190.42.180.0/22 PREFIX COUNT : 2296 UNIQUE IP COUNT : 1456128 ATTACKS DETECTED ASN6147 : 1H - 1 3H - 1 6H - 2 12H - 5 24H - 9 DateTime : 2019-10-27 04:54:13 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-27 14:40:43
211.222.70.62	attackspam	Oct 27 04:54:04 srv01 sshd[18613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.222.70.62 user=root Oct 27 04:54:06 srv01 sshd[18613]: Failed password for root from 211.222.70.62 port 35938 ssh2 Oct 27 04:54:09 srv01 sshd[18613]: Failed password for root from 211.222.70.62 port 35938 ssh2 Oct 27 04:54:04 srv01 sshd[18613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.222.70.62 user=root Oct 27 04:54:06 srv01 sshd[18613]: Failed password for root from 211.222.70.62 port 35938 ssh2 Oct 27 04:54:09 srv01 sshd[18613]: Failed password for root from 211.222.70.62 port 35938 ssh2 Oct 27 04:54:04 srv01 sshd[18613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.222.70.62 user=root Oct 27 04:54:06 srv01 sshd[18613]: Failed password for root from 211.222.70.62 port 35938 ssh2 Oct 27 04:54:09 srv01 sshd[18613]: Failed password for root from 211.222.70.62 po ...	2019-10-27 14:45:24
54.37.233.163	attack	Oct 27 04:41:49 h2812830 sshd[15578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.ip-54-37-233.eu user=root Oct 27 04:41:51 h2812830 sshd[15578]: Failed password for root from 54.37.233.163 port 57507 ssh2 Oct 27 04:50:23 h2812830 sshd[15687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.ip-54-37-233.eu user=root Oct 27 04:50:24 h2812830 sshd[15687]: Failed password for root from 54.37.233.163 port 33648 ssh2 Oct 27 04:54:05 h2812830 sshd[15738]: Invalid user tara from 54.37.233.163 port 52845 ...	2019-10-27 14:51:04
84.196.70.84	attackbots	2019-10-27T04:49:48.743591lon01.zurich-datacenter.net sshd\[15908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d54c44654.access.telenet.be user=root 2019-10-27T04:49:50.374565lon01.zurich-datacenter.net sshd\[15908\]: Failed password for root from 84.196.70.84 port 35866 ssh2 2019-10-27T04:54:12.990658lon01.zurich-datacenter.net sshd\[16006\]: Invalid user cl from 84.196.70.84 port 49038 2019-10-27T04:54:12.997954lon01.zurich-datacenter.net sshd\[16006\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=d54c44654.access.telenet.be 2019-10-27T04:54:14.991520lon01.zurich-datacenter.net sshd\[16006\]: Failed password for invalid user cl from 84.196.70.84 port 49038 ssh2 ...	2019-10-27 14:41:32
211.159.196.125	botsattack	DS 的 IP 地址 [103.255.216.166] 已被 SSH 锁定	2019-10-27 15:09:33
206.161.150.37	attack	Oct 27 09:11:04 ns postfix/smtpd[21052]: NOQUEUE: reject: RCPT from unknown[206.161.150.37]: 554 5.7.1 : Helo command rejected: Access denied; from= to=<@> proto=ESMTP helo=	2019-10-27 14:32:35
182.253.222.199	attack	Oct 27 06:16:02 server sshd\[4614\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.222.199 user=root Oct 27 06:16:03 server sshd\[4614\]: Failed password for root from 182.253.222.199 port 53340 ssh2 Oct 27 06:20:01 server sshd\[5196\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.222.199 user=root Oct 27 06:20:03 server sshd\[5196\]: Failed password for root from 182.253.222.199 port 48710 ssh2 Oct 27 06:53:53 server sshd\[13059\]: Invalid user discover from 182.253.222.199 Oct 27 06:53:53 server sshd\[13059\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.222.199 ...	2019-10-27 14:55:16
165.227.80.114	attackbots	Oct 27 08:05:01 vps691689 sshd[24494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.80.114 Oct 27 08:05:04 vps691689 sshd[24494]: Failed password for invalid user niklas from 165.227.80.114 port 49974 ssh2 Oct 27 08:08:39 vps691689 sshd[24555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.80.114 ...	2019-10-27 15:19:36
83.97.20.47	attack	10/27/2019-05:51:12.041397 83.97.20.47 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-27 14:39:27
176.99.138.154	attack	port scan and connect, tcp 23 (telnet)	2019-10-27 15:19:12
200.233.131.21	attack	Oct 27 06:31:40 server sshd\[8187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.233.131.21 user=ftp Oct 27 06:31:42 server sshd\[8187\]: Failed password for ftp from 200.233.131.21 port 23022 ssh2 Oct 27 06:54:13 server sshd\[13122\]: Invalid user nasshare from 200.233.131.21 Oct 27 06:54:13 server sshd\[13122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.233.131.21 Oct 27 06:54:15 server sshd\[13122\]: Failed password for invalid user nasshare from 200.233.131.21 port 6166 ssh2 ...	2019-10-27 14:40:17
103.245.181.2	attack	Oct 26 18:39:38 friendsofhawaii sshd\[27650\]: Invalid user redmine123 from 103.245.181.2 Oct 26 18:39:38 friendsofhawaii sshd\[27650\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2 Oct 26 18:39:39 friendsofhawaii sshd\[27650\]: Failed password for invalid user redmine123 from 103.245.181.2 port 59153 ssh2 Oct 26 18:43:54 friendsofhawaii sshd\[28014\]: Invalid user 121212 from 103.245.181.2 Oct 26 18:43:54 friendsofhawaii sshd\[28014\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.245.181.2	2019-10-27 14:48:48
115.238.236.74	attackbots	Oct 27 06:55:22 vpn01 sshd[2549]: Failed password for root from 115.238.236.74 port 10600 ssh2 ...	2019-10-27 14:47:44
78.128.113.119	attackspam	Oct 27 07:44:46 andromeda postfix/smtpd\[24210\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 27 07:44:47 andromeda postfix/smtpd\[21090\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 27 07:45:25 andromeda postfix/smtpd\[21090\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 27 07:45:26 andromeda postfix/smtpd\[24210\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure Oct 27 07:45:37 andromeda postfix/smtpd\[24210\]: warning: unknown\[78.128.113.119\]: SASL PLAIN authentication failed: authentication failure	2019-10-27 15:16:41

Recently Reported IPs

103.27.222.21	89.151.139.54	45.199.134.139	182.52.231.130
20.68.163.72	179.1.133.33	116.110.1.24	116.23.110.85
112.91.140.156	103.251.65.96	112.91.140.133	23.254.101.140
103.100.235.175	43.142.176.195	101.43.171.231	2a00:5da0:1000:1::49
174.102.17.238	211.223.46.193	50.62.177.106	210.3.113.66