157.245.239.139

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Nov 29 13:57:11 scivo sshd[26481]: Invalid user fake from 157.245.239.139 Nov 29 13:57:11 scivo sshd[26481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 Nov 29 13:57:13 scivo sshd[26481]: Failed password for invalid user fake from 157.245.239.139 port 49200 ssh2 Nov 29 13:57:13 scivo sshd[26481]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth] Nov 29 13:57:14 scivo sshd[26483]: Invalid user admin from 157.245.239.139 Nov 29 13:57:14 scivo sshd[26483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 Nov 29 13:57:16 scivo sshd[26483]: Failed password for invalid user admin from 157.245.239.139 port 34524 ssh2 Nov 29 13:57:17 scivo sshd[26483]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth] Nov 29 13:57:18 scivo sshd[26485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.1........ -------------------------------	2019-11-29 14:04:21

Type

Details

Datetime

attackbots

Nov 29 13:57:11 scivo sshd[26481]: Invalid user fake from 157.245.239.139
Nov 29 13:57:11 scivo sshd[26481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 
Nov 29 13:57:13 scivo sshd[26481]: Failed password for invalid user fake from 157.245.239.139 port 49200 ssh2
Nov 29 13:57:13 scivo sshd[26481]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth]
Nov 29 13:57:14 scivo sshd[26483]: Invalid user admin from 157.245.239.139
Nov 29 13:57:14 scivo sshd[26483]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.139 
Nov 29 13:57:16 scivo sshd[26483]: Failed password for invalid user admin from 157.245.239.139 port 34524 ssh2
Nov 29 13:57:17 scivo sshd[26483]: Received disconnect from 157.245.239.139: 11: Bye Bye [preauth]
Nov 29 13:57:18 scivo sshd[26485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.239.1........
-------------------------------

2019-11-29 14:04:21

Comments on same subnet:

IP	Type	Details	Datetime
157.245.239.1	attackspam	SSH login attempts with user root.	2019-11-30 06:17:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.239.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20801
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.239.139.		IN	A

;; AUTHORITY SECTION:
.			289	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112802 1800 900 604800 86400

;; Query time: 594 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 29 14:04:15 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 139.239.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 139.239.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.15.59.190	attackspam	Feb 20 04:52:08 srv1 sshd[28531]: Invalid user sunlei from 51.15.59.190 Feb 20 04:52:11 srv1 sshd[28531]: Failed password for invalid user sunlei from 51.15.59.190 port 38698 ssh2 Feb 20 04:53:50 srv1 sshd[29516]: Invalid user plex from 51.15.59.190 Feb 20 04:53:52 srv1 sshd[29516]: Failed password for invalid user plex from 51.15.59.190 port 52686 ssh2 Feb 20 04:54:55 srv1 sshd[30128]: Invalid user m4 from 51.15.59.190 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=51.15.59.190	2020-02-23 06:16:46
46.235.11.63	attack	Automatic report - XMLRPC Attack	2020-02-23 06:17:57
77.202.192.113	attackspam	Invalid user pi from 77.202.192.113 port 51972	2020-02-23 06:23:28
118.184.186.79	attackspambots	Feb 22 22:17:37 vps670341 sshd[22832]: Invalid user admin from 118.184.186.79 port 60681	2020-02-23 06:03:16
123.125.71.45	attackbots	Automatic report - Banned IP Access	2020-02-23 06:08:03
104.248.71.7	attackbotsspam	Feb 22 21:11:53 XXXXXX sshd[53894]: Invalid user at from 104.248.71.7 port 35704	2020-02-23 06:06:14
63.82.50.49	attackbotsspam	2020-02-22 10:44:34 H=(d4-data.agency) [63.82.50.49]:29176 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in sip-sip24.73t3wsbtnrhe.invaluement.com (127.0.0.2) (Blocked by ivmSIP and/or ivmSIP/24 - see https://www.invaluement.com/lookup/?item=63.82.50.49) 2020-02-22 10:44:35 H=(d4-data.agency) [63.82.50.49]:21872 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2020-02-22 10:44:36 H=(d4-data.agency) [63.82.50.49]:10994 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2020-02-23 06:24:41
211.141.35.72	attackspambots	Feb 22 02:46:10 server sshd\[11936\]: Invalid user gmodserver1 from 211.141.35.72 Feb 22 02:46:10 server sshd\[11936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.141.35.72 Feb 22 02:46:12 server sshd\[11936\]: Failed password for invalid user gmodserver1 from 211.141.35.72 port 55024 ssh2 Feb 22 19:45:02 server sshd\[1008\]: Invalid user test from 211.141.35.72 Feb 22 19:45:02 server sshd\[1008\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.141.35.72 ...	2020-02-23 06:01:13
134.90.149.147	attackbots	(From afonsosreis@msn.com) UРDАTE: Crуptoсurrenсy Investing Strategу - Q2 2020. Rеcеivе рassive incomе of $ 70,000 рer month: https://links.wtf/oAhi	2020-02-23 06:27:43
45.74.205.164	attackspambots	Fail2Ban Ban Triggered	2020-02-23 06:19:49
181.112.159.194	attackspam	suspicious action Sat, 22 Feb 2020 13:44:51 -0300	2020-02-23 06:14:47
164.132.203.169	attackspambots	suspicious action Sat, 22 Feb 2020 13:44:09 -0300	2020-02-23 06:39:48
123.207.149.93	attackspambots	Feb 22 08:43:25 hpm sshd\[4242\]: Invalid user www from 123.207.149.93 Feb 22 08:43:25 hpm sshd\[4242\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.149.93 Feb 22 08:43:27 hpm sshd\[4242\]: Failed password for invalid user www from 123.207.149.93 port 33712 ssh2 Feb 22 08:46:23 hpm sshd\[4535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.149.93 user=root Feb 22 08:46:25 hpm sshd\[4535\]: Failed password for root from 123.207.149.93 port 54798 ssh2	2020-02-23 06:28:04
123.125.71.107	attack	Automatic report - Banned IP Access	2020-02-23 06:16:15
106.13.222.216	attackspambots	Invalid user hdfs from 106.13.222.216 port 40002	2020-02-23 06:04:19

Recently Reported IPs

13.173.63.192	154.83.16.47	5.233.153.166	176.109.231.237
185.249.40.246	163.44.207.13	112.53.97.139	79.155.110.106
43.247.145.214	1.80.216.207	217.182.74.253	137.74.60.119
137.74.60.114	122.241.81.237	118.123.252.179	117.158.220.190
138.106.163.180	113.173.179.17	111.249.176.219	94.185.30.223