157.245.107.52

Basic Info

City: unknown

Region: unknown

Country: India

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Automatically reported by fail2ban report script (mx1)	2020-02-22 23:57:41
attackspambots	WordPress login Brute force / Web App Attack on client site.	2020-02-18 21:42:55

Comments on same subnet:

IP	Type	Details	Datetime
157.245.107.214	attackspambots	Automatic report - WordPress Brute Force	2020-03-04 16:00:41
157.245.107.214	attackbots	IP blocked	2020-02-17 06:00:46
157.245.107.153	attackbotsspam	Dec 13 15:03:58 sachi sshd\[18329\]: Invalid user guest from 157.245.107.153 Dec 13 15:03:59 sachi sshd\[18329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Dec 13 15:04:01 sachi sshd\[18329\]: Failed password for invalid user guest from 157.245.107.153 port 49900 ssh2 Dec 13 15:09:53 sachi sshd\[18995\]: Invalid user chaung from 157.245.107.153 Dec 13 15:09:53 sachi sshd\[18995\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153	2019-12-14 09:18:12
157.245.107.153	attackbotsspam	$f2bV_matches	2019-12-13 13:19:17
157.245.107.153	attackspam	Dec 9 23:28:54 cp sshd[13523]: Failed password for root from 157.245.107.153 port 48422 ssh2 Dec 9 23:28:54 cp sshd[13523]: Failed password for root from 157.245.107.153 port 48422 ssh2	2019-12-10 06:36:25
157.245.107.153	attack	2019-12-06T18:03:29.578745abusebot-4.cloudsearch.cf sshd\[27158\]: Invalid user seng from 157.245.107.153 port 48822	2019-12-07 03:06:22
157.245.107.153	attackspambots	Nov 25 10:09:50 web8 sshd\[15593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 user=bin Nov 25 10:09:52 web8 sshd\[15593\]: Failed password for bin from 157.245.107.153 port 33252 ssh2 Nov 25 10:17:11 web8 sshd\[19213\]: Invalid user kam from 157.245.107.153 Nov 25 10:17:11 web8 sshd\[19213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Nov 25 10:17:13 web8 sshd\[19213\]: Failed password for invalid user kam from 157.245.107.153 port 41648 ssh2	2019-11-25 18:23:45
157.245.107.153	attackspambots	Nov 23 12:11:40 cp sshd[31380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Nov 23 12:11:40 cp sshd[31380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153	2019-11-23 19:15:27
157.245.107.153	attack	Nov 9 07:49:04 ns381471 sshd[18405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Nov 9 07:49:06 ns381471 sshd[18405]: Failed password for invalid user sai from 157.245.107.153 port 35440 ssh2	2019-11-09 22:42:59
157.245.107.153	attackspam	Nov 4 09:08:37 vpn01 sshd[13130]: Failed password for root from 157.245.107.153 port 46578 ssh2 ...	2019-11-04 18:03:56
157.245.107.153	attack	Nov 3 23:56:52 plusreed sshd[8568]: Invalid user eb from 157.245.107.153 Nov 3 23:56:52 plusreed sshd[8568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Nov 3 23:56:52 plusreed sshd[8568]: Invalid user eb from 157.245.107.153 Nov 3 23:56:54 plusreed sshd[8568]: Failed password for invalid user eb from 157.245.107.153 port 34950 ssh2 Nov 4 00:00:59 plusreed sshd[9485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 user=root Nov 4 00:01:01 plusreed sshd[9485]: Failed password for root from 157.245.107.153 port 44970 ssh2 ...	2019-11-04 13:15:20
157.245.107.153	attack	Nov 1 20:22:49 *** sshd[10294]: User root from 157.245.107.153 not allowed because not listed in AllowUsers	2019-11-02 07:15:00
157.245.107.153	attackbots	Oct 30 19:34:58 h2177944 sshd\[16187\]: Invalid user ucpss from 157.245.107.153 port 41864 Oct 30 19:34:58 h2177944 sshd\[16187\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Oct 30 19:35:00 h2177944 sshd\[16187\]: Failed password for invalid user ucpss from 157.245.107.153 port 41864 ssh2 Oct 30 20:07:14 h2177944 sshd\[17758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 user=root ...	2019-10-31 03:30:22
157.245.107.153	attackbotsspam	Automatic report - Banned IP Access	2019-10-27 16:29:07
157.245.107.153	attackspam	Oct 26 22:24:01 ovpn sshd\[7970\]: Invalid user pgadmin from 157.245.107.153 Oct 26 22:24:01 ovpn sshd\[7970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153 Oct 26 22:24:03 ovpn sshd\[7970\]: Failed password for invalid user pgadmin from 157.245.107.153 port 41506 ssh2 Oct 26 22:28:03 ovpn sshd\[8756\]: Invalid user roger from 157.245.107.153 Oct 26 22:28:03 ovpn sshd\[8756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.107.153	2019-10-27 05:25:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.107.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42057
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.107.52.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021801 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 18 21:42:48 CST 2020
;; MSG SIZE  rcvd: 118

Host info

52.107.245.157.in-addr.arpa domain name pointer sg771.kwikfunnels.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.107.245.157.in-addr.arpa	name = sg771.kwikfunnels.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.82.153.5	attack	28.07.2019 07:30:15 Connection to port 7555 blocked by firewall	2019-07-28 15:47:18
177.52.252.221	attackbots	Port scan and direct access per IP instead of hostname	2019-07-28 15:36:34
159.89.169.109	attackbots	SSH invalid-user multiple login try	2019-07-28 15:33:17
203.153.46.89	attackspambots	Jul 28 04:38:42 host sshd\[50838\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.153.46.89 user=root Jul 28 04:38:44 host sshd\[50838\]: Failed password for root from 203.153.46.89 port 57406 ssh2 ...	2019-07-28 15:45:15
185.104.71.78	attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 15:19:44
202.43.164.46	attackbots	ssh failed login	2019-07-28 15:06:30
195.206.105.217	attackspam	Jul 28 08:39:23 km20725 sshd\[6681\]: Failed password for root from 195.206.105.217 port 34092 ssh2Jul 28 08:39:41 km20725 sshd\[6692\]: Invalid user admin from 195.206.105.217Jul 28 08:39:44 km20725 sshd\[6692\]: Failed password for invalid user admin from 195.206.105.217 port 55894 ssh2Jul 28 08:39:46 km20725 sshd\[6692\]: Failed password for invalid user admin from 195.206.105.217 port 55894 ssh2 ...	2019-07-28 14:46:23
37.28.154.68	attack	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.28.154.68 user=root Failed password for root from 37.28.154.68 port 35357 ssh2 Failed password for root from 37.28.154.68 port 35357 ssh2 Failed password for root from 37.28.154.68 port 35357 ssh2 Failed password for root from 37.28.154.68 port 35357 ssh2	2019-07-28 14:59:13
202.131.85.53	attackbots	Port scan and direct access per IP instead of hostname	2019-07-28 14:40:22
85.104.33.169	attack	19/7/27@21:08:57: FAIL: IoT-Telnet address from=85.104.33.169 ...	2019-07-28 14:53:52
198.108.67.16	attackspambots	Port scan and direct access per IP instead of hostname	2019-07-28 14:47:25
137.74.175.67	attackbotsspam	Jul 28 02:47:24 mail sshd[17926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.175.67 user=root Jul 28 02:47:26 mail sshd[17926]: Failed password for root from 137.74.175.67 port 56314 ssh2 Jul 28 03:03:59 mail sshd[19997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.175.67 user=root Jul 28 03:04:01 mail sshd[19997]: Failed password for root from 137.74.175.67 port 52574 ssh2 Jul 28 03:08:06 mail sshd[20600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.175.67 user=root Jul 28 03:08:08 mail sshd[20600]: Failed password for root from 137.74.175.67 port 47050 ssh2 ...	2019-07-28 15:28:00
182.138.163.104	attack	GET /qnfxcjqr HTTP/1.1	2019-07-28 15:26:12
117.60.142.240	attack	20 attempts against mh-ssh on ice.magehost.pro	2019-07-28 15:19:23
49.86.177.175	attackspam	Jul 28 05:01:49 microserver sshd[25255]: Invalid user guile from 49.86.177.175 port 44476 Jul 28 05:01:49 microserver sshd[25255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.86.177.175 Jul 28 05:01:51 microserver sshd[25255]: Failed password for invalid user guile from 49.86.177.175 port 44476 ssh2 Jul 28 05:09:00 microserver sshd[26032]: Invalid user QWErty!2 from 49.86.177.175 port 40650 Jul 28 05:09:00 microserver sshd[26032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.86.177.175 Jul 28 05:22:50 microserver sshd[27927]: Invalid user egami from 49.86.177.175 port 32972 Jul 28 05:22:50 microserver sshd[27927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.86.177.175 Jul 28 05:22:53 microserver sshd[27927]: Failed password for invalid user egami from 49.86.177.175 port 32972 ssh2 Jul 28 05:29:30 microserver sshd[28644]: Invalid user dioden from 49.86.177.175 port 57351 J	2019-07-28 14:51:47

Recently Reported IPs

252.160.7.88	103.125.95.63	89.36.214.11	79.45.249.12
73.35.213.36	67.143.176.47	118.42.72.81	80.164.246.15
4.167.178.220	180.205.101.219	1.189.90.30	107.150.4.125
103.125.95.58	212.154.12.131	223.245.212.218	186.109.237.152
168.232.13.50	103.125.93.168	217.30.255.34	26.119.199.195