City: North Bergen
Region: New Jersey
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | Feb 12 23:06:34 JetsonHomeServer sshd[30820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 Feb 12 23:06:36 JetsonHomeServer sshd[30820]: Failed password for invalid user abc from 157.245.252.2 port 59842 ssh2 Feb 12 23:09:29 JetsonHomeServer sshd[1476]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 |
2020-02-13 04:24:13 |
| attackspam | Feb 8 23:36:01 hpm sshd\[18380\]: Invalid user gpn from 157.245.252.2 Feb 8 23:36:01 hpm sshd\[18380\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 Feb 8 23:36:03 hpm sshd\[18380\]: Failed password for invalid user gpn from 157.245.252.2 port 35512 ssh2 Feb 8 23:39:10 hpm sshd\[18865\]: Invalid user tsa from 157.245.252.2 Feb 8 23:39:10 hpm sshd\[18865\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 |
2020-02-09 21:26:20 |
| attackspam | 2020-02-07T23:32:47.9396831495-001 sshd[43205]: Invalid user rga from 157.245.252.2 port 49906 2020-02-07T23:32:47.9479771495-001 sshd[43205]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 2020-02-07T23:32:47.9396831495-001 sshd[43205]: Invalid user rga from 157.245.252.2 port 49906 2020-02-07T23:32:50.0083251495-001 sshd[43205]: Failed password for invalid user rga from 157.245.252.2 port 49906 ssh2 2020-02-07T23:43:21.9194431495-001 sshd[43804]: Invalid user xgr from 157.245.252.2 port 57464 2020-02-07T23:43:21.9243131495-001 sshd[43804]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 2020-02-07T23:43:21.9194431495-001 sshd[43804]: Invalid user xgr from 157.245.252.2 port 57464 2020-02-07T23:43:24.0198281495-001 sshd[43804]: Failed password for invalid user xgr from 157.245.252.2 port 57464 ssh2 2020-02-07T23:45:35.5550561495-001 sshd[43932]: Invalid user hxa from 157.245.25 ... |
2020-02-08 13:50:07 |
| attack | Feb 6 20:54:27 legacy sshd[13236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 Feb 6 20:54:30 legacy sshd[13236]: Failed password for invalid user sjs from 157.245.252.2 port 35514 ssh2 Feb 6 20:57:18 legacy sshd[13452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.2 ... |
2020-02-07 04:38:46 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 157.245.252.34 | attackspambots | Oct 12 15:08:42 localhost sshd[119500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root Oct 12 15:08:44 localhost sshd[119500]: Failed password for root from 157.245.252.34 port 51008 ssh2 Oct 12 15:12:17 localhost sshd[119796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root Oct 12 15:12:19 localhost sshd[119796]: Failed password for root from 157.245.252.34 port 54610 ssh2 Oct 12 15:15:42 localhost sshd[120098]: Invalid user carlo from 157.245.252.34 port 58214 ... |
2020-10-12 23:23:51 |
| 157.245.252.34 | attack | 2020-10-12T05:40:41.446305abusebot-6.cloudsearch.cf sshd[13097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root 2020-10-12T05:40:43.279740abusebot-6.cloudsearch.cf sshd[13097]: Failed password for root from 157.245.252.34 port 58976 ssh2 2020-10-12T05:44:19.665447abusebot-6.cloudsearch.cf sshd[13102]: Invalid user trade from 157.245.252.34 port 33580 2020-10-12T05:44:19.671738abusebot-6.cloudsearch.cf sshd[13102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 2020-10-12T05:44:19.665447abusebot-6.cloudsearch.cf sshd[13102]: Invalid user trade from 157.245.252.34 port 33580 2020-10-12T05:44:21.434594abusebot-6.cloudsearch.cf sshd[13102]: Failed password for invalid user trade from 157.245.252.34 port 33580 ssh2 2020-10-12T05:46:58.749306abusebot-6.cloudsearch.cf sshd[13113]: Invalid user its from 157.245.252.34 port 55134 ... |
2020-10-12 14:48:42 |
| 157.245.252.154 | attack | Failed password for root from 157.245.252.154 port 49176 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.154 user=root Failed password for root from 157.245.252.154 port 53796 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.154 user=root Failed password for root from 157.245.252.154 port 58412 ssh2 |
2020-10-11 05:14:45 |
| 157.245.252.154 | attack | 2020-10-10T17:01:44.232380paragon sshd[828487]: Failed password for invalid user nishant from 157.245.252.154 port 46958 ssh2 2020-10-10T17:05:59.208429paragon sshd[828613]: Invalid user ftpuser from 157.245.252.154 port 52192 2020-10-10T17:05:59.212667paragon sshd[828613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.154 2020-10-10T17:05:59.208429paragon sshd[828613]: Invalid user ftpuser from 157.245.252.154 port 52192 2020-10-10T17:06:01.535740paragon sshd[828613]: Failed password for invalid user ftpuser from 157.245.252.154 port 52192 ssh2 ... |
2020-10-10 21:18:42 |
| 157.245.252.34 | attack | Oct 7 23:20:00 h2829583 sshd[21509]: Failed password for root from 157.245.252.34 port 43172 ssh2 |
2020-10-08 05:55:43 |
| 157.245.252.34 | attackspambots | $f2bV_matches |
2020-10-07 14:13:02 |
| 157.245.252.34 | attackbots | (sshd) Failed SSH login from 157.245.252.34 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 13:23:21 server2 sshd[29761]: Invalid user manager from 157.245.252.34 Sep 26 13:23:21 server2 sshd[29761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 Sep 26 13:23:22 server2 sshd[29761]: Failed password for invalid user manager from 157.245.252.34 port 46372 ssh2 Sep 26 13:28:45 server2 sshd[3125]: Invalid user centos from 157.245.252.34 Sep 26 13:28:45 server2 sshd[3125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 |
2020-09-27 05:24:32 |
| 157.245.252.34 | attack | (sshd) Failed SSH login from 157.245.252.34 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 26 12:07:36 server2 sshd[957]: Invalid user victor from 157.245.252.34 port 39100 Sep 26 12:07:39 server2 sshd[957]: Failed password for invalid user victor from 157.245.252.34 port 39100 ssh2 Sep 26 12:17:54 server2 sshd[3901]: Invalid user admin from 157.245.252.34 port 54238 Sep 26 12:17:55 server2 sshd[3901]: Failed password for invalid user admin from 157.245.252.34 port 54238 ssh2 Sep 26 12:20:22 server2 sshd[4480]: Invalid user julia from 157.245.252.34 port 44052 |
2020-09-26 21:39:21 |
| 157.245.252.34 | attack | 157.245.252.34 (US/United States/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 26 00:21:07 idl1-dfw sshd[3681305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.49.9.210 user=root Sep 26 00:21:09 idl1-dfw sshd[3681305]: Failed password for root from 178.49.9.210 port 60482 ssh2 Sep 26 00:18:04 idl1-dfw sshd[3679217]: Failed password for root from 157.245.252.34 port 49996 ssh2 Sep 26 00:18:02 idl1-dfw sshd[3679217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root Sep 26 00:24:26 idl1-dfw sshd[3683747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.106.68 user=root Sep 26 00:24:50 idl1-dfw sshd[3683920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.210.88.98 user=root IP Addresses Blocked: 178.49.9.210 (RU/Russia/-) |
2020-09-26 13:21:13 |
| 157.245.252.101 | attackbotsspam | Sep 15 19:54:11 ip106 sshd[24092]: Failed password for root from 157.245.252.101 port 56486 ssh2 ... |
2020-09-16 02:50:04 |
| 157.245.252.101 | attackspam | Sep 15 06:02:00 george sshd[21692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.101 user=root Sep 15 06:02:01 george sshd[21692]: Failed password for root from 157.245.252.101 port 58270 ssh2 Sep 15 06:05:39 george sshd[21722]: Invalid user chenys from 157.245.252.101 port 41988 Sep 15 06:05:39 george sshd[21722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.101 Sep 15 06:05:41 george sshd[21722]: Failed password for invalid user chenys from 157.245.252.101 port 41988 ssh2 ... |
2020-09-15 18:49:01 |
| 157.245.252.34 | attackspambots | Sep 12 11:52:04 web8 sshd\[4307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root Sep 12 11:52:07 web8 sshd\[4307\]: Failed password for root from 157.245.252.34 port 56234 ssh2 Sep 12 11:56:02 web8 sshd\[6382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root Sep 12 11:56:05 web8 sshd\[6382\]: Failed password for root from 157.245.252.34 port 40066 ssh2 Sep 12 12:00:01 web8 sshd\[8280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root |
2020-09-12 20:06:34 |
| 157.245.252.34 | attack | 2020-09-12T04:03:52.899329shield sshd\[2074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 user=root 2020-09-12T04:03:54.469188shield sshd\[2074\]: Failed password for root from 157.245.252.34 port 58936 ssh2 2020-09-12T04:07:57.776421shield sshd\[2842\]: Invalid user smbtesting from 157.245.252.34 port 44444 2020-09-12T04:07:57.788218shield sshd\[2842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 2020-09-12T04:07:59.326846shield sshd\[2842\]: Failed password for invalid user smbtesting from 157.245.252.34 port 44444 ssh2 |
2020-09-12 12:09:59 |
| 157.245.252.34 | attack | Sep 11 18:27:36 localhost sshd[3854918]: Failed password for invalid user hplip from 157.245.252.34 port 36320 ssh2 Sep 11 18:30:54 localhost sshd[3861796]: Invalid user bot from 157.245.252.34 port 40706 Sep 11 18:30:54 localhost sshd[3861796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.252.34 Sep 11 18:30:54 localhost sshd[3861796]: Invalid user bot from 157.245.252.34 port 40706 Sep 11 18:30:56 localhost sshd[3861796]: Failed password for invalid user bot from 157.245.252.34 port 40706 ssh2 ... |
2020-09-12 03:57:40 |
| 157.245.252.34 | attackbots | ssh intrusion attempt |
2020-09-10 22:07:52 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.252.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5081
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.252.2. IN A
;; AUTHORITY SECTION:
. 472 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020020601 1800 900 604800 86400
;; Query time: 228 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 07 04:38:41 CST 2020
;; MSG SIZE rcvd: 117
Host 2.252.245.157.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 2.252.245.157.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 36.57.65.52 | attackbotsspam | Jul 25 18:05:07 srv01 postfix/smtpd\[5751\]: warning: unknown\[36.57.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 18:05:18 srv01 postfix/smtpd\[5751\]: warning: unknown\[36.57.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 18:05:35 srv01 postfix/smtpd\[5751\]: warning: unknown\[36.57.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 18:05:54 srv01 postfix/smtpd\[5751\]: warning: unknown\[36.57.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 25 18:06:06 srv01 postfix/smtpd\[5751\]: warning: unknown\[36.57.65.52\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-07-26 00:25:32 |
| 141.98.81.81 | attackspambots | Exploited Host. |
2020-07-25 23:44:59 |
| 161.35.32.43 | attackspambots | Jul 25 17:16:08 ip106 sshd[23527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=161.35.32.43 Jul 25 17:16:10 ip106 sshd[23527]: Failed password for invalid user admin from 161.35.32.43 port 48718 ssh2 ... |
2020-07-25 23:55:23 |
| 124.61.214.44 | attack | Jul 25 11:13:27 george sshd[29190]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.61.214.44 Jul 25 11:13:29 george sshd[29190]: Failed password for invalid user tir from 124.61.214.44 port 46874 ssh2 Jul 25 11:18:14 george sshd[29213]: Invalid user esp from 124.61.214.44 port 59470 Jul 25 11:18:14 george sshd[29213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.61.214.44 Jul 25 11:18:16 george sshd[29213]: Failed password for invalid user esp from 124.61.214.44 port 59470 ssh2 ... |
2020-07-25 23:54:29 |
| 41.59.96.17 | attackspam | Unauthorized connection attempt from IP address 41.59.96.17 on Port 445(SMB) |
2020-07-25 23:59:17 |
| 122.51.52.154 | attack | IP blocked |
2020-07-26 00:09:38 |
| 140.143.57.159 | attack | Exploited Host. |
2020-07-26 00:26:27 |
| 121.134.138.166 | attackbotsspam | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-07-25 23:35:28 |
| 27.8.117.54 | attackbotsspam | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-07-25 23:48:51 |
| 117.196.229.30 | attackbots | Unauthorized connection attempt from IP address 117.196.229.30 on Port 445(SMB) |
2020-07-26 00:06:45 |
| 129.204.196.245 | attack | Port probing on unauthorized port 1099 |
2020-07-25 23:40:50 |
| 201.77.146.254 | attackbots | $f2bV_matches |
2020-07-25 23:51:49 |
| 187.160.239.74 | attack | Unauthorized connection attempt from IP address 187.160.239.74 on Port 445(SMB) |
2020-07-25 23:39:57 |
| 193.169.253.48 | attack | Rude login attack (60 tries in 1d) |
2020-07-26 00:19:14 |
| 222.186.180.8 | attack | Jul 25 17:56:19 nextcloud sshd\[13360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root Jul 25 17:56:22 nextcloud sshd\[13360\]: Failed password for root from 222.186.180.8 port 7792 ssh2 Jul 25 17:56:42 nextcloud sshd\[13788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.8 user=root |
2020-07-26 00:10:43 |