157.245.58.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 21 05:36:48 ns382633 sshd\[20846\]: Invalid user a from 157.245.58.92 port 37680 Feb 21 05:36:48 ns382633 sshd\[20846\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92 Feb 21 05:36:50 ns382633 sshd\[20846\]: Failed password for invalid user a from 157.245.58.92 port 37680 ssh2 Feb 21 05:50:58 ns382633 sshd\[23085\]: Invalid user user from 157.245.58.92 port 60872 Feb 21 05:50:58 ns382633 sshd\[23085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92	2020-02-21 18:26:37
attack	Feb 20 15:15:36 markkoudstaal sshd[16642]: Failed password for gnats from 157.245.58.92 port 52196 ssh2 Feb 20 15:16:54 markkoudstaal sshd[16870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92 Feb 20 15:16:56 markkoudstaal sshd[16870]: Failed password for invalid user gitlab-prometheus from 157.245.58.92 port 33148 ssh2	2020-02-20 22:47:17
attack	SSH brutforce	2020-02-20 06:09:30

Type

Details

Datetime

attackspam

Feb 21 05:36:48 ns382633 sshd\[20846\]: Invalid user a from 157.245.58.92 port 37680
Feb 21 05:36:48 ns382633 sshd\[20846\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92
Feb 21 05:36:50 ns382633 sshd\[20846\]: Failed password for invalid user a from 157.245.58.92 port 37680 ssh2
Feb 21 05:50:58 ns382633 sshd\[23085\]: Invalid user user from 157.245.58.92 port 60872
Feb 21 05:50:58 ns382633 sshd\[23085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92

2020-02-21 18:26:37

attack

Feb 20 15:15:36 markkoudstaal sshd[16642]: Failed password for gnats from 157.245.58.92 port 52196 ssh2
Feb 20 15:16:54 markkoudstaal sshd[16870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.92
Feb 20 15:16:56 markkoudstaal sshd[16870]: Failed password for invalid user gitlab-prometheus from 157.245.58.92 port 33148 ssh2

2020-02-20 22:47:17

attack

SSH brutforce

2020-02-20 06:09:30

Comments on same subnet:

IP	Type	Details	Datetime
157.245.58.40	attack	20 attempts against mh_ha-misbehave-ban on air	2020-01-24 04:44:35
157.245.58.40	attackbots	20 attempts against mh_ha-misbehave-ban on air.magehost.pro	2020-01-19 13:33:05
157.245.58.203	attack	Dec 12 09:36:36 nextcloud sshd\[23301\]: Invalid user hhhhhhh from 157.245.58.203 Dec 12 09:36:36 nextcloud sshd\[23301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.203 Dec 12 09:36:39 nextcloud sshd\[23301\]: Failed password for invalid user hhhhhhh from 157.245.58.203 port 50480 ssh2 ...	2019-12-12 16:45:04

Type

Details

Datetime

157.245.58.40

attack

20 attempts against mh_ha-misbehave-ban on air

2020-01-24 04:44:35

157.245.58.40

attackbots

20 attempts against mh_ha-misbehave-ban on air.magehost.pro

2020-01-19 13:33:05

157.245.58.203

attack

Dec 12 09:36:36 nextcloud sshd\[23301\]: Invalid user hhhhhhh from 157.245.58.203
Dec 12 09:36:36 nextcloud sshd\[23301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.58.203
Dec 12 09:36:39 nextcloud sshd\[23301\]: Failed password for invalid user hhhhhhh from 157.245.58.203 port 50480 ssh2
...

2019-12-12 16:45:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.58.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59808
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.58.92.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021901 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 06:09:27 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 92.58.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.58.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.237.98.104	attackbots	SpamScore above: 10.0	2020-10-02 13:33:25
125.44.14.0	attack	Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=42223 . dstport=5555 . (3843)	2020-10-02 13:15:27
173.206.143.242	attack	Telnet Honeypot -> Telnet Bruteforce / Login	2020-10-02 13:29:42
177.106.21.117	attack	1601584836 - 10/01/2020 22:40:36 Host: 177.106.21.117/177.106.21.117 Port: 445 TCP Blocked	2020-10-02 13:31:05
106.75.231.227	attackspambots	Oct 1 05:33:10 m3 sshd[13461]: Invalid user db from 106.75.231.227 Oct 1 05:33:11 m3 sshd[13461]: Failed password for invalid user db from 106.75.231.227 port 57632 ssh2 Oct 1 05:45:48 m3 sshd[14865]: Invalid user demo from 106.75.231.227 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=106.75.231.227	2020-10-02 13:42:24
217.11.188.156	attack	Listed on abuseat.org plus barracudaCentral and zen-spamhaus / proto=6 . srcport=58313 . dstport=445 SMB . (3839)	2020-10-02 13:34:10
104.131.60.112	attack	Invalid user admin from 104.131.60.112 port 37012	2020-10-02 13:29:13
102.37.12.59	attack	2020-10-01 17:55:49.636053-0500 localhost sshd[70167]: Failed password for invalid user eva from 102.37.12.59 port 1088 ssh2	2020-10-02 13:40:38
125.43.69.155	attackspam	Invalid user cloud from 125.43.69.155 port 19408	2020-10-02 13:25:31
45.77.176.234	attack	Oct 2 06:17:53 vps8769 sshd[18562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.77.176.234 Oct 2 06:17:54 vps8769 sshd[18562]: Failed password for invalid user hdfs from 45.77.176.234 port 11230 ssh2 ...	2020-10-02 13:15:01
196.191.79.125	attack	Unauthorized access to SSH at 1/Oct/2020:20:40:25 +0000.	2020-10-02 13:45:23
168.119.107.140	attack	Oct 1 23:35:01 server postfix/smtpd[30134]: NOQUEUE: reject: RCPT from static.140.107.119.168.clients.your-server.de[168.119.107.140]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Oct 1 23:40:13 server postfix/smtpd[30058]: NOQUEUE: reject: RCPT from static.140.107.119.168.clients.your-server.de[168.119.107.140]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Oct 1 23:44:05 server postfix/smtpd[30086]: NOQUEUE: reject: RCPT from static.140.107.119.168.clients.your-server.de[168.119.107.140]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo=	2020-10-02 13:33:08
124.70.66.245	attack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-02 13:17:39
40.114.197.106	attackspambots	2020-10-01T22:44:04.044087mail.broermann.family sshd[8088]: Invalid user www from 40.114.197.106 port 60884 2020-10-01T22:44:04.049233mail.broermann.family sshd[8088]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.114.197.106 2020-10-01T22:44:04.044087mail.broermann.family sshd[8088]: Invalid user www from 40.114.197.106 port 60884 2020-10-01T22:44:06.644814mail.broermann.family sshd[8088]: Failed password for invalid user www from 40.114.197.106 port 60884 ssh2 2020-10-01T22:48:17.971000mail.broermann.family sshd[8444]: Invalid user pepe from 40.114.197.106 port 42090 ...	2020-10-02 13:36:06
76.69.154.149	attack	trying to access non-authorized port	2020-10-02 13:42:56

Recently Reported IPs

45.233.10.183	212.113.98.243	78.47.49.168	105.159.19.190
71.87.32.87	45.143.221.46	123.48.139.168	36.63.213.189
193.201.202.192	122.246.94.126	203.228.122.8	68.143.72.19
144.140.223.13	45.99.90.225	14.28.88.60	35.236.26.234
49.140.106.46	98.242.122.183	101.17.92.234	61.2.129.64