Basic Info

City: Bengaluru

Region: Karnataka

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
SSH Brute-Force. Port scanning.
2020-07-24 16:00:27
attack
2020-07-23T07:52:37.855861ks3355764 sshd[30597]: Invalid user german from 157.245.103.13 port 41502
2020-07-23T07:52:40.236794ks3355764 sshd[30597]: Failed password for invalid user german from 157.245.103.13 port 41502 ssh2
...
2020-07-23 15:29:46
attack
Jul 21 01:22:10 vps687878 sshd\[5846\]: Invalid user bottos from 157.245.103.13 port 47194
Jul 21 01:22:10 vps687878 sshd\[5846\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.13
Jul 21 01:22:12 vps687878 sshd\[5846\]: Failed password for invalid user bottos from 157.245.103.13 port 47194 ssh2
Jul 21 01:27:44 vps687878 sshd\[6441\]: Invalid user libsys from 157.245.103.13 port 35238
Jul 21 01:27:44 vps687878 sshd\[6441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.13
...
2020-07-21 08:26:40
Comments on same subnet:
IP Type Details Datetime
157.245.103.203 attackspam
Brute-force attempt banned
2020-09-16 03:32:16
157.245.103.203 attackbots
Sep 15 10:57:52 scw-focused-cartwright sshd[3372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.203
Sep 15 10:57:53 scw-focused-cartwright sshd[3372]: Failed password for invalid user yyu from 157.245.103.203 port 54948 ssh2
2020-09-15 19:37:25
157.245.103.203 attackspam
Ssh brute force
2020-08-27 08:19:55
157.245.103.203 attack
Aug 19 02:46:17 server sshd[14853]: Failed password for root from 157.245.103.203 port 48774 ssh2
Aug 19 02:57:49 server sshd[19908]: Failed password for invalid user tim from 157.245.103.203 port 54845 ssh2
Aug 19 03:04:31 server sshd[23954]: Failed password for invalid user jorge from 157.245.103.203 port 56019 ssh2
2020-08-19 09:15:11
157.245.103.173 attack
Extortion attempt! - Attempted extortion
2020-08-04 23:49:23
157.245.103.117 attackbots
$f2bV_matches
2020-03-29 21:50:39
157.245.103.117 attack
Mar 22 11:14:02 ewelt sshd[16470]: Invalid user brands from 157.245.103.117 port 42854
Mar 22 11:14:02 ewelt sshd[16470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
Mar 22 11:14:02 ewelt sshd[16470]: Invalid user brands from 157.245.103.117 port 42854
Mar 22 11:14:04 ewelt sshd[16470]: Failed password for invalid user brands from 157.245.103.117 port 42854 ssh2
...
2020-03-22 18:42:33
157.245.103.117 attack
Mar 22 04:44:27 itv-usvr-02 sshd[25746]: Invalid user abba from 157.245.103.117 port 49498
Mar 22 04:44:27 itv-usvr-02 sshd[25746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
Mar 22 04:44:27 itv-usvr-02 sshd[25746]: Invalid user abba from 157.245.103.117 port 49498
Mar 22 04:44:29 itv-usvr-02 sshd[25746]: Failed password for invalid user abba from 157.245.103.117 port 49498 ssh2
Mar 22 04:49:45 itv-usvr-02 sshd[25904]: Invalid user trung from 157.245.103.117 port 54800
2020-03-22 06:38:47
157.245.103.117 attack
Mar  4 18:43:39 MK-Soft-VM7 sshd[17891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117 
Mar  4 18:43:41 MK-Soft-VM7 sshd[17891]: Failed password for invalid user steam from 157.245.103.117 port 41224 ssh2
...
2020-03-05 01:46:09
157.245.103.117 attackspambots
Feb 20 11:02:21 game-panel sshd[16914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
Feb 20 11:02:23 game-panel sshd[16914]: Failed password for invalid user falcon2 from 157.245.103.117 port 51716 ssh2
Feb 20 11:05:09 game-panel sshd[17079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
2020-02-20 21:21:19
157.245.103.117 attackbotsspam
Feb 11 01:17:47 plusreed sshd[30626]: Invalid user dxd from 157.245.103.117
...
2020-02-11 14:59:37
157.245.103.117 attackspam
$f2bV_matches
2020-02-10 21:43:28
157.245.103.117 attack
Jan 23 02:06:51 www sshd\[55914\]: Invalid user test4 from 157.245.103.117
Jan 23 02:06:53 www sshd\[55914\]: Failed password for invalid user test4 from 157.245.103.117 port 34852 ssh2
Jan 23 02:08:57 www sshd\[55960\]: Failed password for root from 157.245.103.117 port 53750 ssh2
...
2020-01-23 09:12:43
157.245.103.117 attack
Jan  1 15:52:13 amit sshd\[13700\]: Invalid user user from 157.245.103.117
Jan  1 15:52:13 amit sshd\[13700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
Jan  1 15:52:15 amit sshd\[13700\]: Failed password for invalid user user from 157.245.103.117 port 34966 ssh2
...
2020-01-02 00:27:30
157.245.103.117 attackbotsspam
Dec 29 07:17:10 pi sshd\[9899\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117  user=mail
Dec 29 07:17:13 pi sshd\[9899\]: Failed password for mail from 157.245.103.117 port 45778 ssh2
Dec 29 07:19:53 pi sshd\[9922\]: Invalid user luthra from 157.245.103.117 port 40492
Dec 29 07:19:53 pi sshd\[9922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.117
Dec 29 07:19:54 pi sshd\[9922\]: Failed password for invalid user luthra from 157.245.103.117 port 40492 ssh2
...
2019-12-29 21:58:46
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.103.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43894
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.103.13.			IN	A

;; AUTHORITY SECTION:
.			492	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072002 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jul 21 08:26:36 CST 2020
;; MSG SIZE  rcvd: 118
Host info
Host 13.103.245.157.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.103.245.157.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
45.95.168.77 attackbotsspam
Jul  7 11:36:16 mail postfix/smtpd\[32700\]: warning: unknown\[45.95.168.77\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jul  7 11:36:16 mail postfix/smtpd\[316\]: warning: unknown\[45.95.168.77\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jul  7 11:36:16 mail postfix/smtpd\[315\]: warning: unknown\[45.95.168.77\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
Jul  7 12:16:02 mail postfix/smtpd\[1709\]: warning: unknown\[45.95.168.77\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\
2020-07-07 18:28:12
175.24.49.130 attackbotsspam
Jul  6 15:44:28 nbi-636 sshd[13937]: Invalid user adminixxxr from 175.24.49.130 port 48414
Jul  6 15:44:28 nbi-636 sshd[13937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.49.130 
Jul  6 15:44:30 nbi-636 sshd[13937]: Failed password for invalid user adminixxxr from 175.24.49.130 port 48414 ssh2
Jul  6 15:44:30 nbi-636 sshd[13937]: Received disconnect from 175.24.49.130 port 48414:11: Bye Bye [preauth]
Jul  6 15:44:30 nbi-636 sshd[13937]: Disconnected from invalid user adminixxxr 175.24.49.130 port 48414 [preauth]
Jul  6 15:50:06 nbi-636 sshd[15424]: Invalid user temp from 175.24.49.130 port 39280
Jul  6 15:50:06 nbi-636 sshd[15424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.49.130 
Jul  6 15:50:08 nbi-636 sshd[15424]: Failed password for invalid user temp from 175.24.49.130 port 39280 ssh2
Jul  6 15:50:11 nbi-636 sshd[15424]: Received disconnect from 175.24.49.130 por........
-------------------------------
2020-07-07 18:24:01
36.155.115.72 attack
Jul  7 11:17:21 sip sshd[857325]: Invalid user usuario from 36.155.115.72 port 53758
Jul  7 11:17:23 sip sshd[857325]: Failed password for invalid user usuario from 36.155.115.72 port 53758 ssh2
Jul  7 11:21:53 sip sshd[857341]: Invalid user ljf from 36.155.115.72 port 48885
...
2020-07-07 18:13:15
60.30.98.194 attackbotsspam
SSH Brute-Force attacks
2020-07-07 17:53:47
87.251.74.18 attackspambots
 TCP (SYN) 87.251.74.18:46519 -> port 33892, len 44
2020-07-07 17:58:59
122.51.96.57 attackspambots
Jul  7 05:59:07 localhost sshd\[21983\]: Invalid user test from 122.51.96.57
Jul  7 05:59:07 localhost sshd\[21983\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.96.57
Jul  7 05:59:09 localhost sshd\[21983\]: Failed password for invalid user test from 122.51.96.57 port 36378 ssh2
Jul  7 06:03:56 localhost sshd\[22216\]: Invalid user db from 122.51.96.57
Jul  7 06:03:56 localhost sshd\[22216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.96.57
...
2020-07-07 18:24:53
222.186.180.41 attackbotsspam
web-1 [ssh] SSH Attack
2020-07-07 17:53:14
139.155.74.240 attackspambots
2020-07-06 UTC: (147x) - VM,acct,acme,admin(4x),administrator,asterisk,azar,b,cacheusr,cam,carrie,comfort,cse,db2inst3,deploy,deployer,dge,dis,drcom,edu,emilio,erica,ethos,evv,frida,gisele,git,gitlab-runner,hadoop,hans,indu,james,jenkins,john1,joomla,kafka(2x),kg,las,lcr,mai,mc,mcserver,me,mf,monitor,mysql(2x),nexus,oem,opscode,oracle(2x),owncloud,pankaj,prashant,prem,premier,r,rachid,remote,roger,root(41x),ryan,sam,scott,sdv,shield,smbuser,stage,stone,student,superman,svaadmin,sysadmin,tahir,tapas,tb,tecnico,test(2x),test3,tomas,tomcat,toor,uat,ubuntu,user(2x),userftp,usher,wangwei,wayne,wbiadmin,webmaster,wfp,work,xt,yjlee,zc,zhangyang,zhangyong,zsh,zzz
2020-07-07 18:15:03
42.116.69.193 attackbotsspam
...
2020-07-07 18:30:16
172.82.230.4 attackspam
Jul  7 05:23:50 mail.srvfarm.net postfix/smtpd[2175937]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]
Jul  7 05:24:53 mail.srvfarm.net postfix/smtpd[2175938]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]
Jul  7 05:26:01 mail.srvfarm.net postfix/smtpd[2175938]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]
Jul  7 05:27:06 mail.srvfarm.net postfix/smtpd[2175937]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]
Jul  7 05:29:07 mail.srvfarm.net postfix/smtpd[2175938]: lost connection after STARTTLS from r4.news.eu.rvca.com[172.82.230.4]
2020-07-07 18:04:42
220.134.176.110 attack
 TCP (SYN) 220.134.176.110:62008 -> port 80, len 40
2020-07-07 18:25:58
191.53.199.156 attackspam
Jul  7 05:12:05 mail.srvfarm.net postfix/smtpd[2162378]: warning: unknown[191.53.199.156]: SASL PLAIN authentication failed: 
Jul  7 05:12:05 mail.srvfarm.net postfix/smtpd[2162378]: lost connection after AUTH from unknown[191.53.199.156]
Jul  7 05:12:14 mail.srvfarm.net postfix/smtps/smtpd[2175164]: warning: unknown[191.53.199.156]: SASL PLAIN authentication failed: 
Jul  7 05:12:15 mail.srvfarm.net postfix/smtps/smtpd[2175164]: lost connection after AUTH from unknown[191.53.199.156]
Jul  7 05:14:20 mail.srvfarm.net postfix/smtpd[2176448]: warning: unknown[191.53.199.156]: SASL PLAIN authentication failed:
2020-07-07 18:02:39
51.77.111.30 attackbotsspam
Jul  7 02:36:00 propaganda sshd[3152]: Connection from 51.77.111.30 port 60338 on 10.0.0.160 port 22 rdomain ""
Jul  7 02:36:03 propaganda sshd[3152]: Connection closed by 51.77.111.30 port 60338 [preauth]
2020-07-07 18:12:43
187.163.116.183 attack
Automatic report - Port Scan Attack
2020-07-07 18:19:06
14.226.87.80 attack
20/7/6@23:49:07: FAIL: Alarm-Network address from=14.226.87.80
...
2020-07-07 18:17:55
