City: Clifton
Region: New Jersey
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | 157.245.13.204 - - \[14/Mar/2020:05:03:04 +0100\] "POST /wp-login.php HTTP/1.0" 200 7672 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.13.204 - - \[14/Mar/2020:05:03:06 +0100\] "POST /wp-login.php HTTP/1.0" 200 7680 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.13.204 - - \[14/Mar/2020:05:03:08 +0100\] "POST /wp-login.php HTTP/1.0" 200 7668 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-03-14 12:36:42 |
| attack | 157.245.13.204 - - \[12/Feb/2020:05:55:53 +0100\] "POST /wp-login.php HTTP/1.0" 200 6597 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.13.204 - - \[12/Feb/2020:05:55:55 +0100\] "POST /wp-login.php HTTP/1.0" 200 6575 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.13.204 - - \[12/Feb/2020:05:55:56 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-02-12 15:29:11 |
| attack | 157.245.13.204 - - [02/Feb/2020:04:51:51 +0000] "POST /wp/wp-login.php HTTP/1.1" 200 6040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.13.204 - - [02/Feb/2020:04:51:54 +0000] "POST /wp/wp-login.php HTTP/1.1" 200 5770 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-02-02 18:39:42 |
| attack | WordPress wp-login brute force :: 157.245.13.204 0.128 BYPASS [13/Jan/2020:13:09:18 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-01-13 21:54:30 |
| attackspam | C1,WP GET /suche/wordpress/wp-login.php |
2019-12-23 22:44:55 |
| attack | xmlrpc attack |
2019-12-23 00:56:15 |
| attackspambots | Automatic report - XMLRPC Attack |
2019-11-17 18:58:11 |
| attack | Automatic report - XMLRPC Attack |
2019-11-08 17:56:10 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 157.245.136.221 | botsattackproxy | SSH bot |
2024-04-26 12:58:07 |
| 157.245.133.2 | attack | Oct 6 06:25:35 ASUS sshd[4096]: Failed password for root from 157.245.133.2 port 51832 ssh2 Oct 6 06:25:35 ASUS sshd[4100]: Failed password for root from 157.245.133.2 port 51836 ssh2 |
2022-10-07 16:59:38 |
| 157.245.133.2 | attack | Oct 7 00:38:36 host sshd[1622]: Invalid user wxz from 178.128.196.240 port 34968 Oct 7 00:38:36 host sshd[1615]: Invalid user wxy from 178.128.196.240 port 34478 Oct 7 00:38:36 host sshd[1614]: Invalid user wxy from 178.128.196.240 port 34594 |
2022-10-07 16:58:23 |
| 157.245.133.2 | attack | Oct 6 06:25:31 HOST sshd[4021]: Failed password for root from 157.245.133.2 port 51892 ssh2 Oct 6 06:25:31 HOST sshd[4022]: Failed password for root from 157.245.133.2 port 51788 ssh2 Oct 6 06:25:31 HOST sshd[4025]: Failed password for root from 157.245.133.2 port 51674 ssh2 |
2022-10-07 16:57:27 |
| 157.245.137.145 | attack | Invalid user sunny from 157.245.137.145 port 44520 |
2020-10-13 01:27:38 |
| 157.245.137.145 | attackspambots | 157.245.137.145 (US/United States/-), 12 distributed sshd attacks on account [root] in the last 3600 secs |
2020-10-12 16:50:36 |
| 157.245.135.156 | attackbots | Brute%20Force%20SSH |
2020-10-03 03:45:09 |
| 157.245.135.156 | attackspam | Oct 2 17:36:39 vps639187 sshd\[13119\]: Invalid user virl from 157.245.135.156 port 45614 Oct 2 17:36:39 vps639187 sshd\[13119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.135.156 Oct 2 17:36:41 vps639187 sshd\[13119\]: Failed password for invalid user virl from 157.245.135.156 port 45614 ssh2 ... |
2020-10-03 02:33:16 |
| 157.245.135.156 | attack | Oct 2 16:26:03 sip sshd[17769]: Failed password for root from 157.245.135.156 port 55088 ssh2 Oct 2 16:31:47 sip sshd[19279]: Failed password for root from 157.245.135.156 port 49944 ssh2 |
2020-10-02 23:03:54 |
| 157.245.135.156 | attack | 2020-10-02T10:09:49.933254shield sshd\[17616\]: Invalid user ubuntu from 157.245.135.156 port 57478 2020-10-02T10:09:49.941735shield sshd\[17616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.135.156 2020-10-02T10:09:52.465788shield sshd\[17616\]: Failed password for invalid user ubuntu from 157.245.135.156 port 57478 ssh2 2020-10-02T10:13:19.672377shield sshd\[17975\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.135.156 user=root 2020-10-02T10:13:21.358575shield sshd\[17975\]: Failed password for root from 157.245.135.156 port 37182 ssh2 |
2020-10-02 19:34:34 |
| 157.245.135.156 | attackbots | Oct 2 10:05:58 itv-usvr-01 sshd[32472]: Invalid user test from 157.245.135.156 Oct 2 10:05:58 itv-usvr-01 sshd[32472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.135.156 Oct 2 10:05:58 itv-usvr-01 sshd[32472]: Invalid user test from 157.245.135.156 Oct 2 10:06:00 itv-usvr-01 sshd[32472]: Failed password for invalid user test from 157.245.135.156 port 38416 ssh2 Oct 2 10:12:00 itv-usvr-01 sshd[350]: Invalid user appadmin from 157.245.135.156 |
2020-10-02 12:26:04 |
| 157.245.135.156 | attack | Invalid user albert from 157.245.135.156 port 54708 |
2020-09-28 03:42:42 |
| 157.245.135.156 | attack | Sep 27 13:31:40 con01 sshd[3098566]: Invalid user teamspeak3 from 157.245.135.156 port 39260 Sep 27 13:31:42 con01 sshd[3098566]: Failed password for invalid user teamspeak3 from 157.245.135.156 port 39260 ssh2 Sep 27 13:34:56 con01 sshd[3104552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.135.156 user=root Sep 27 13:34:58 con01 sshd[3104552]: Failed password for root from 157.245.135.156 port 41756 ssh2 Sep 27 13:38:18 con01 sshd[3110610]: Invalid user oracle from 157.245.135.156 port 44254 ... |
2020-09-27 19:56:16 |
| 157.245.137.145 | attack | Automatic report BANNED IP |
2020-09-24 23:12:29 |
| 157.245.137.145 | attack | Brute force attempt |
2020-09-24 15:00:19 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.13.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16911
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.13.204. IN A
;; AUTHORITY SECTION:
. 585 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019110800 1800 900 604800 86400
;; Query time: 132 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 08 17:56:03 CST 2019
;; MSG SIZE rcvd: 118Host 204.13.245.157.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 204.13.245.157.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 129.204.71.207 | attack | webdav, phpmyadmin... |
2019-06-23 05:46:47 |
| 41.203.72.247 | attackspam | Unauthorized connection attempt from IP address 41.203.72.247 on Port 445(SMB) |
2019-06-23 05:52:47 |
| 49.67.70.18 | attack | 2019-06-22T14:44:34.473849 X postfix/smtpd[35208]: warning: unknown[49.67.70.18]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T15:14:35.131439 X postfix/smtpd[36497]: warning: unknown[49.67.70.18]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-06-22T16:33:32.306923 X postfix/smtpd[50851]: warning: unknown[49.67.70.18]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-06-23 05:26:30 |
| 125.209.85.2 | attackbots | Unauthorized connection attempt from IP address 125.209.85.2 on Port 445(SMB) |
2019-06-23 05:36:06 |
| 45.61.247.214 | attackbotsspam | Unauthorised access (Jun 22) SRC=45.61.247.214 LEN=40 TOS=0x14 TTL=241 ID=52768 TCP DPT=23 WINDOW=0 SYN |
2019-06-23 05:26:52 |
| 100.35.197.249 | attack | Jun 18 02:21:31 vayu sshd[281649]: Invalid user tarika from 100.35.197.249 Jun 18 02:21:31 vayu sshd[281649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-100-35-197-249.nwrknj.fios.verizon.net Jun 18 02:21:33 vayu sshd[281649]: Failed password for invalid user tarika from 100.35.197.249 port 36542 ssh2 Jun 18 02:21:33 vayu sshd[281649]: Received disconnect from 100.35.197.249: 11: Bye Bye [preauth] Jun 18 02:29:50 vayu sshd[284495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-100-35-197-249.nwrknj.fios.verizon.net user=dovecot Jun 18 02:29:52 vayu sshd[284495]: Failed password for dovecot from 100.35.197.249 port 46134 ssh2 Jun 18 02:29:53 vayu sshd[284495]: Received disconnect from 100.35.197.249: 11: Bye Bye [preauth] Jun 18 02:30:13 vayu sshd[285140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=pool-100-35-197-249.nwrknj.fios........ ------------------------------- |
2019-06-23 05:55:33 |
| 41.82.64.70 | attackspambots | Autoban 41.82.64.70 AUTH/CONNECT |
2019-06-23 05:46:02 |
| 106.75.84.197 | attackbotsspam | ¯\_(ツ)_/¯ |
2019-06-23 05:27:56 |
| 52.91.142.205 | attackbots | 1561214039 - 06/22/2019 21:33:59 Host: ec2-52-91-142-205.compute-1.amazonaws.com/52.91.142.205 Port: 21 TCP Blocked ... |
2019-06-23 05:16:50 |
| 186.91.164.71 | attackbots | Unauthorized connection attempt from IP address 186.91.164.71 on Port 445(SMB) |
2019-06-23 05:34:26 |
| 190.57.236.234 | attack | php WP PHPmyadamin ABUSE blocked for 12h |
2019-06-23 05:38:57 |
| 123.30.188.214 | attackspambots | Unauthorized connection attempt from IP address 123.30.188.214 on Port 445(SMB) |
2019-06-23 05:42:37 |
| 191.53.248.80 | attack | failed_logins |
2019-06-23 05:18:57 |
| 177.37.166.74 | attackbotsspam | Unauthorized connection attempt from IP address 177.37.166.74 on Port 445(SMB) |
2019-06-23 05:27:25 |
| 60.6.185.230 | attack | port 23 attempt blocked |
2019-06-23 05:24:06 |