45.40.134.107 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): GoDaddy.com LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	WordPress wp-login brute force :: 45.40.134.107 0.128 BYPASS [07/Aug/2019:15:21:12 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-07 14:27:41
attack	fail2ban honeypot	2019-07-28 22:01:51

类型

评论内容

时间

attackbots

WordPress wp-login brute force :: 45.40.134.107 0.128 BYPASS [07/Aug/2019:15:21:12  1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

2019-08-07 14:27:41

attack

fail2ban honeypot

2019-07-28 22:01:51

相同子网IP讨论:

IP	类型	评论内容	时间
45.40.134.20	attackspambots	45.40.134.20 - - [04/Sep/2019:01:15:27 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:27 +0200] "POST /wp-login.php HTTP/1.1" 200 1704 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:28 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:28 +0200] "POST /wp-login.php HTTP/1.1" 200 1684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:29 +0200] "GET /wp-login.php HTTP/1.1" 200 1301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.40.134.20 - - [04/Sep/2019:01:15:29 +0200] "POST /wp-login.php HTTP/1.1" 200 1688 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-09-04 09:53:50
45.40.134.20	attackspambots	01.09.2019 20:04:54 - Wordpress fail Detected by ELinOX-ALM	2019-09-02 03:49:12
45.40.134.20	attackbots	blogonese.net 45.40.134.20 \[27/Aug/2019:06:56:33 +0200\] "POST /wp-login.php HTTP/1.1" 200 5769 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" blogonese.net 45.40.134.20 \[27/Aug/2019:06:56:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 5768 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-08-27 13:01:52
45.40.134.20	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-08-26 09:34:56
45.40.134.20	attack	WordPress login Brute force / Web App Attack on client site.	2019-08-20 11:18:40
45.40.134.20	attack	xmlrpc attack	2019-08-14 18:04:17
45.40.134.20	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-08-09 05:46:51
45.40.134.20	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-07-20 04:08:29
45.40.134.20	attack	xmlrpc attack	2019-07-19 12:26:42

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.40.134.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48120
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;45.40.134.107.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 22:01:37 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

107.134.40.45.in-addr.arpa domain name pointer ip-45-40-134-107.ip.secureserver.net.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
107.134.40.45.in-addr.arpa	name = ip-45-40-134-107.ip.secureserver.net.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
66.240.236.119	attackbotsspam	Feb 25 15:35:07 debian-2gb-nbg1-2 kernel: \[4900505.840243\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=66.240.236.119 DST=195.201.40.59 LEN=44 TOS=0x10 PREC=0x00 TTL=110 ID=1095 PROTO=TCP SPT=19330 DPT=11112 WINDOW=63810 RES=0x00 SYN URGP=0	2020-02-25 23:20:28
192.227.153.234	attack	[2020-02-25 10:14:17] NOTICE[1148][C-0000be37] chan_sip.c: Call from '' (192.227.153.234:63659) to extension '00746812111443' rejected because extension not found in context 'public'. [2020-02-25 10:14:17] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-25T10:14:17.282-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="00746812111443",SessionID="0x7fd82c3faf98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/192.227.153.234/63659",ACLName="no_extension_match" [2020-02-25 10:18:46] NOTICE[1148][C-0000be3e] chan_sip.c: Call from '' (192.227.153.234:57611) to extension '80046812111443' rejected because extension not found in context 'public'. [2020-02-25 10:18:46] SECURITY[1163] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-02-25T10:18:46.519-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="80046812111443",SessionID="0x7fd82c3c9898",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD ...	2020-02-25 23:21:03
188.163.104.67	attack	02/25/2020-17:55:57.273657 188.163.104.67 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-02-26 01:09:58
37.220.156.115	attack	1582615065 - 02/25/2020 08:17:45 Host: 37.220.156.115/37.220.156.115 Port: 445 TCP Blocked	2020-02-25 22:50:35
106.13.77.243	attack	Feb 24 22:30:38 hpm sshd\[6168\]: Invalid user oracle from 106.13.77.243 Feb 24 22:30:38 hpm sshd\[6168\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.77.243 Feb 24 22:30:40 hpm sshd\[6168\]: Failed password for invalid user oracle from 106.13.77.243 port 38886 ssh2 Feb 24 22:37:28 hpm sshd\[6777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.77.243 user=root Feb 24 22:37:30 hpm sshd\[6777\]: Failed password for root from 106.13.77.243 port 50848 ssh2	2020-02-25 23:17:53
67.207.91.133	attack	Feb 25 14:43:08 sshd\[8613\]: Invalid user 01 from 67.207.91.133Feb 25 14:43:10 sshd\[8613\]: Failed password for invalid user 01 from 67.207.91.133 port 37668 ssh2 ...	2020-02-25 23:28:49
202.177.243.248	attack	Automatic report - Port Scan Attack	2020-02-25 23:09:10
95.107.53.155	attackbotsspam	Automatic report - Banned IP Access	2020-02-25 23:28:03
110.164.77.46	attackspambots	Unauthorized connection attempt from IP address 110.164.77.46 on Port 445(SMB)	2020-02-25 22:53:28
92.118.37.53	attackbots	Feb 25 17:59:34 debian-2gb-nbg1-2 kernel: \[4909172.409914\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.53 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=32173 PROTO=TCP SPT=46983 DPT=42906 WINDOW=1024 RES=0x00 SYN URGP=0	2020-02-26 01:07:48
120.29.77.125	attackspambots	$f2bV_matches	2020-02-25 23:05:11
106.12.74.123	attackspambots	Feb 25 14:51:49 MK-Soft-VM6 sshd[19993]: Failed password for irc from 106.12.74.123 port 44946 ssh2 ...	2020-02-25 22:52:24
180.242.25.244	attack	Unauthorized connection attempt from IP address 180.242.25.244 on Port 445(SMB)	2020-02-25 22:58:51
91.87.59.8	attackspam	Feb 25 14:43:11 sshd\[8611\]: Invalid user ts3srv from 91.87.59.8Feb 25 14:43:13 sshd\[8611\]: Failed password for invalid user ts3srv from 91.87.59.8 port 49320 ssh2 ...	2020-02-25 23:08:11
49.145.104.249	attackspambots	1582615057 - 02/25/2020 08:17:37 Host: 49.145.104.249/49.145.104.249 Port: 445 TCP Blocked	2020-02-25 22:54:00

最近上报的IP列表

138.68.96.199	167.71.46.127	216.29.205.90	107.13.186.21
191.53.254.133	5.62.51.44	90.126.88.220	111.231.100.167
171.236.139.238	51.15.118.122	2.206.26.156	178.72.73.147
134.73.129.144	193.144.61.81	104.24.121.159	61.50.255.248
145.239.91.37	84.109.74.138	153.126.144.31	234.171.28.21