157.245.109.114

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
157.245.109.222	attackbots	SSH Brute-Force. Ports scanning.	2020-09-04 12:28:01
157.245.109.222	attackbots	invalid user teste from 157.245.109.222 port 40136 ssh2	2020-09-01 07:21:01
157.245.109.222	attack	Invalid user it from 157.245.109.222 port 42106	2020-08-21 05:32:16
157.245.109.213	attackbotsspam	Apr 19 08:15:51 ny01 sshd[16326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.109.213 Apr 19 08:15:53 ny01 sshd[16326]: Failed password for invalid user ubuntu from 157.245.109.213 port 48934 ssh2 Apr 19 08:19:40 ny01 sshd[16826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.109.213	2020-04-19 21:26:00
157.245.109.213	attack	Apr 18 10:31:53 Enigma sshd[26521]: Failed password for invalid user lg from 157.245.109.213 port 51776 ssh2 Apr 18 10:36:27 Enigma sshd[27034]: Invalid user xs from 157.245.109.213 port 59308 Apr 18 10:36:27 Enigma sshd[27034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=caratred.studio Apr 18 10:36:27 Enigma sshd[27034]: Invalid user xs from 157.245.109.213 port 59308 Apr 18 10:36:29 Enigma sshd[27034]: Failed password for invalid user xs from 157.245.109.213 port 59308 ssh2	2020-04-18 18:12:05
157.245.109.223	attack	(sshd) Failed SSH login from 157.245.109.223 (IN/India/-): 5 in the last 3600 secs	2020-04-07 09:11:21
157.245.109.223	attack	Apr 6 23:40:30 tor-proxy-02 sshd\[24800\]: Invalid user sales from 157.245.109.223 port 52790 Apr 6 23:42:31 tor-proxy-02 sshd\[24806\]: Invalid user t7inst from 157.245.109.223 port 44562 Apr 6 23:44:31 tor-proxy-02 sshd\[24808\]: Invalid user admin from 157.245.109.223 port 36322 ...	2020-04-07 05:52:51
157.245.109.223	attack	Multiple SSH login attempts.	2020-03-30 03:33:12
157.245.109.223	attackspam	$f2bV_matches	2020-03-29 02:27:02
157.245.109.223	attackspam	T: f2b ssh aggressive 3x	2020-03-27 22:46:37
157.245.109.223	attackspambots	SSH brute-force attempt	2020-03-14 13:49:33
157.245.109.223	attackspambots	FTP Brute-Force reported by Fail2Ban	2020-03-11 09:34:20
157.245.109.223	attack	leo_www	2020-03-05 17:59:52
157.245.109.223	attackbotsspam	2020-03-04T23:10:06.410875scmdmz1 sshd[27419]: Invalid user partspronto from 157.245.109.223 port 53174 2020-03-04T23:10:08.924046scmdmz1 sshd[27419]: Failed password for invalid user partspronto from 157.245.109.223 port 53174 ssh2 2020-03-04T23:13:54.270960scmdmz1 sshd[27705]: Invalid user partspronto.cms from 157.245.109.223 port 51136 ...	2020-03-05 06:57:40
157.245.109.127	attackbots	firewall-block, port(s): 49004/udp	2019-11-07 00:56:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.109.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12055
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;157.245.109.114.		IN	A

;; AUTHORITY SECTION:
.			354	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 36 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 05:03:00 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 114.109.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 114.109.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.80.32.131	attackspambots	Unauthorized connection attempt from IP address 189.80.32.131 on Port 445(SMB)	2020-09-03 15:09:24
178.128.14.102	attackbots	Invalid user kds from 178.128.14.102 port 60106	2020-09-03 14:57:59
41.38.232.224	attackspambots	Unauthorized connection attempt from IP address 41.38.232.224 on Port 445(SMB)	2020-09-03 14:48:10
190.205.7.148	attackbotsspam	Attempted connection to port 445.	2020-09-03 15:05:52
187.1.178.102	attack	Honeypot attack, port: 445, PTR: 187-1-178-102.centurytelecom.net.br.	2020-09-03 14:40:11
51.75.126.115	attackbots	$f2bV_matches	2020-09-03 15:02:17
85.114.122.114	attackbots	Sep 2 13:42:30 sip sshd[4979]: Failed password for root from 85.114.122.114 port 51540 ssh2 Sep 2 16:26:38 sip sshd[16007]: Failed password for root from 85.114.122.114 port 43412 ssh2	2020-09-03 14:50:31
31.223.43.131	attack	Attempted connection to port 80.	2020-09-03 15:00:47
41.224.59.78	attack	2020-09-03T05:01:33+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-09-03 14:57:02
88.147.152.146	attack	srvr1: (mod_security) mod_security (id:920350) triggered by 88.147.152.146 (RU/-/88-147-152-146.dynamic.152.147.88.in-addr.arpa): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/03 06:32:36 [error] 194005#0: 337763 [client 88.147.152.146] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159911475637.598198"] [ref "o0,16v21,16"], client: 88.147.152.146, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-03 15:11:05
182.61.161.121	attack	Invalid user grafana from 182.61.161.121 port 52400	2020-09-03 14:51:18
122.160.84.31	attackbots	Unauthorized connection attempt from IP address 122.160.84.31 on Port 445(SMB)	2020-09-03 14:55:18
116.92.213.114	attackspambots	(sshd) Failed SSH login from 116.92.213.114 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 23:07:31 cvps sshd[27026]: Invalid user jader from 116.92.213.114 Sep 2 23:07:31 cvps sshd[27026]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.92.213.114 Sep 2 23:07:33 cvps sshd[27026]: Failed password for invalid user jader from 116.92.213.114 port 53992 ssh2 Sep 2 23:19:14 cvps sshd[31006]: Invalid user uftp from 116.92.213.114 Sep 2 23:19:14 cvps sshd[31006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.92.213.114	2020-09-03 15:10:36
45.142.120.166	attack	SASL LOGIN authentication failed: authentication failure	2020-09-03 14:39:09
45.125.222.120	attack	Sep 3 06:14:50 cp sshd[2963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.125.222.120	2020-09-03 14:35:34

Recently Reported IPs

27.36.177.51	157.245.106.98	157.245.107.123	157.245.109.13
157.245.110.217	157.245.107.227	157.245.109.3	157.245.110.248
157.245.111.100	157.245.111.148	157.245.111.137	157.245.113.224
157.245.111.154	157.245.117.243	157.245.112.188	157.245.114.224
157.245.117.116	157.245.115.172	157.245.121.248	157.245.118.216