45.40.57.56 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
45.40.57.177	attackbots	Sep 30 11:45:37 ntop sshd[32113]: Invalid user rack from 45.40.57.177 port 49372 Sep 30 11:45:39 ntop sshd[32113]: Failed password for invalid user rack from 45.40.57.177 port 49372 ssh2 Sep 30 11:45:40 ntop sshd[32113]: Received disconnect from 45.40.57.177 port 49372:11: Bye Bye [preauth] Sep 30 11:45:40 ntop sshd[32113]: Disconnected from 45.40.57.177 port 49372 [preauth] Sep 30 12:05:55 ntop sshd[1027]: Invalid user oy from 45.40.57.177 port 34426 Sep 30 12:05:57 ntop sshd[1027]: Failed password for invalid user oy from 45.40.57.177 port 34426 ssh2 Sep 30 12:05:57 ntop sshd[1027]: Received disconnect from 45.40.57.177 port 34426:11: Bye Bye [preauth] Sep 30 12:05:57 ntop sshd[1027]: Disconnected from 45.40.57.177 port 34426 [preauth] Sep 30 12:10:19 ntop sshd[1466]: Invalid user tmp from 45.40.57.177 port 47900 Sep 30 12:10:20 ntop sshd[1466]: Failed password for invalid user tmp from 45.40.57.177 port 47900 ssh2 Sep 30 12:10:21 ntop sshd[1466]: Received disconnect ........ -------------------------------	2019-10-01 17:43:02
45.40.57.126	attack	[Aegis] @ 2019-09-06 16:51:11 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-09-07 05:11:04

Type

Details

Datetime

45.40.57.177

attackbots

Sep 30 11:45:37 ntop sshd[32113]: Invalid user rack from 45.40.57.177 port 49372
Sep 30 11:45:39 ntop sshd[32113]: Failed password for invalid user rack from 45.40.57.177 port 49372 ssh2
Sep 30 11:45:40 ntop sshd[32113]: Received disconnect from 45.40.57.177 port 49372:11: Bye Bye [preauth]
Sep 30 11:45:40 ntop sshd[32113]: Disconnected from 45.40.57.177 port 49372 [preauth]
Sep 30 12:05:55 ntop sshd[1027]: Invalid user oy from 45.40.57.177 port 34426
Sep 30 12:05:57 ntop sshd[1027]: Failed password for invalid user oy from 45.40.57.177 port 34426 ssh2
Sep 30 12:05:57 ntop sshd[1027]: Received disconnect from 45.40.57.177 port 34426:11: Bye Bye [preauth]
Sep 30 12:05:57 ntop sshd[1027]: Disconnected from 45.40.57.177 port 34426 [preauth]
Sep 30 12:10:19 ntop sshd[1466]: Invalid user tmp from 45.40.57.177 port 47900
Sep 30 12:10:20 ntop sshd[1466]: Failed password for invalid user tmp from 45.40.57.177 port 47900 ssh2
Sep 30 12:10:21 ntop sshd[1466]: Received disconnect ........
-------------------------------

2019-10-01 17:43:02

45.40.57.126

attack

[Aegis] @ 2019-09-06 16:51:11  0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack

2019-09-07 05:11:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.57.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29954
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;45.40.57.56.			IN	A

;; AUTHORITY SECTION:
.			326	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022091500 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Sep 16 00:44:10 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 56.57.40.45.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.57.40.45.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.132.53.145	attackspam	2020-10-04T00:19:55.319686snf-827550 sshd[7118]: Invalid user oracle from 185.132.53.145 port 41440 2020-10-04T00:19:56.654396snf-827550 sshd[7118]: Failed password for invalid user oracle from 185.132.53.145 port 41440 ssh2 2020-10-04T00:19:58.686112snf-827550 sshd[7120]: Invalid user nagios from 185.132.53.145 port 48806 ...	2020-10-04 12:52:42
218.92.0.173	attack	Oct 4 06:31:49 ucs sshd\[25750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root Oct 4 06:31:51 ucs sshd\[25693\]: error: PAM: User not known to the underlying authentication module for root from 218.92.0.173 Oct 4 06:31:52 ucs sshd\[25858\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root ...	2020-10-04 12:39:03
139.59.211.245	attackspambots	detected by Fail2Ban	2020-10-04 12:36:51
106.12.174.227	attackspambots	SSH Invalid Login	2020-10-04 12:51:10
128.199.225.104	attackbots	Brute%20Force%20SSH	2020-10-04 12:41:17
62.99.90.10	attackbots	Oct 4 06:05:02 s2 sshd[8489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.99.90.10 Oct 4 06:05:04 s2 sshd[8489]: Failed password for invalid user test from 62.99.90.10 port 47556 ssh2 Oct 4 06:10:03 s2 sshd[8894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.99.90.10	2020-10-04 12:37:58
177.130.163.38	attackspam	Oct 3 22:23:11 mail.srvfarm.net postfix/smtpd[661691]: warning: unknown[177.130.163.38]: SASL PLAIN authentication failed: Oct 3 22:23:11 mail.srvfarm.net postfix/smtpd[661691]: lost connection after AUTH from unknown[177.130.163.38] Oct 3 22:24:32 mail.srvfarm.net postfix/smtps/smtpd[659335]: warning: unknown[177.130.163.38]: SASL PLAIN authentication failed: Oct 3 22:24:32 mail.srvfarm.net postfix/smtps/smtpd[659335]: lost connection after AUTH from unknown[177.130.163.38] Oct 3 22:27:31 mail.srvfarm.net postfix/smtps/smtpd[662247]: warning: unknown[177.130.163.38]: SASL PLAIN authentication failed:	2020-10-04 13:11:40
2001:41d0:1004:2384::1	attackbots	xmlrpc attack	2020-10-04 12:44:05
138.121.95.197	attack	Oct 3 22:03:58 mail.srvfarm.net postfix/smtpd[656172]: warning: 197-95-121-138.ebertinformatica.com.br[138.121.95.197]: SASL PLAIN authentication failed: Oct 3 22:03:59 mail.srvfarm.net postfix/smtpd[656172]: lost connection after AUTH from 197-95-121-138.ebertinformatica.com.br[138.121.95.197] Oct 3 22:06:14 mail.srvfarm.net postfix/smtps/smtpd[658135]: warning: 197-95-121-138.ebertinformatica.com.br[138.121.95.197]: SASL PLAIN authentication failed: Oct 3 22:06:14 mail.srvfarm.net postfix/smtps/smtpd[658135]: lost connection after AUTH from 197-95-121-138.ebertinformatica.com.br[138.121.95.197] Oct 3 22:13:43 mail.srvfarm.net postfix/smtpd[656144]: warning: 197-95-121-138.ebertinformatica.com.br[138.121.95.197]: SASL PLAIN authentication failed:	2020-10-04 13:14:07
212.70.149.5	attack	Oct 4 07:03:47 cho postfix/smtpd[4169349]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 07:04:08 cho postfix/smtpd[4168489]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 07:04:29 cho postfix/smtpd[4168489]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 07:04:50 cho postfix/smtpd[4169119]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 07:05:11 cho postfix/smtpd[4169349]: warning: unknown[212.70.149.5]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-04 13:07:06
124.156.102.254	attack	Oct 3 21:57:00 ws22vmsma01 sshd[50567]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.102.254 Oct 3 21:57:02 ws22vmsma01 sshd[50567]: Failed password for invalid user userftp from 124.156.102.254 port 57968 ssh2 Oct 3 22:06:04 ws22vmsma01 sshd[52852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.102.254 Oct 3 22:06:06 ws22vmsma01 sshd[52852]: Failed password for invalid user user2 from 124.156.102.254 port 44660 ssh2 ...	2020-10-04 12:32:29
187.87.13.63	attackbots	Oct 3 22:21:00 mail.srvfarm.net postfix/smtpd[661689]: warning: unknown[187.87.13.63]: SASL PLAIN authentication failed: Oct 3 22:21:00 mail.srvfarm.net postfix/smtpd[661689]: lost connection after AUTH from unknown[187.87.13.63] Oct 3 22:29:09 mail.srvfarm.net postfix/smtps/smtpd[659335]: warning: unknown[187.87.13.63]: SASL PLAIN authentication failed: Oct 3 22:29:09 mail.srvfarm.net postfix/smtps/smtpd[659335]: lost connection after AUTH from unknown[187.87.13.63] Oct 3 22:30:11 mail.srvfarm.net postfix/smtpd[661689]: warning: unknown[187.87.13.63]: SASL PLAIN authentication failed:	2020-10-04 13:09:14
88.208.80.33	attackspambots	Oct 4 04:52:05 mail.srvfarm.net postfix/smtpd[714208]: warning: unknown[88.208.80.33]: SASL PLAIN authentication failed: Oct 4 04:52:05 mail.srvfarm.net postfix/smtpd[714208]: lost connection after AUTH from unknown[88.208.80.33] Oct 4 04:58:08 mail.srvfarm.net postfix/smtps/smtpd[727053]: warning: unknown[88.208.80.33]: SASL PLAIN authentication failed: Oct 4 04:58:08 mail.srvfarm.net postfix/smtps/smtpd[727053]: lost connection after AUTH from unknown[88.208.80.33] Oct 4 05:01:18 mail.srvfarm.net postfix/smtpd[726747]: warning: unknown[88.208.80.33]: SASL PLAIN authentication failed:	2020-10-04 13:02:00
23.97.180.45	attackbotsspam	Oct 4 06:26:10 vps647732 sshd[8652]: Failed password for root from 23.97.180.45 port 57212 ssh2 ...	2020-10-04 12:51:25
193.35.51.23	attackbots	Oct 3 23:13:47 websrv1.derweidener.de postfix/smtpd[703184]: warning: unknown[193.35.51.23]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 3 23:13:47 websrv1.derweidener.de postfix/smtpd[703184]: lost connection after AUTH from unknown[193.35.51.23] Oct 3 23:13:52 websrv1.derweidener.de postfix/smtpd[703184]: lost connection after AUTH from unknown[193.35.51.23] Oct 3 23:13:56 websrv1.derweidener.de postfix/smtpd[703955]: lost connection after AUTH from unknown[193.35.51.23] Oct 3 23:14:01 websrv1.derweidener.de postfix/smtpd[703184]: lost connection after AUTH from unknown[193.35.51.23]	2020-10-04 13:07:36

Recently Reported IPs

103.27.222.21	89.151.139.54	45.199.134.139	182.52.231.130
20.68.163.72	179.1.133.33	116.110.1.24	116.23.110.85
112.91.140.156	103.251.65.96	112.91.140.133	23.254.101.140
103.100.235.175	43.142.176.195	101.43.171.231	2a00:5da0:1000:1::49
174.102.17.238	211.223.46.193	50.62.177.106	210.3.113.66