157.245.94.136

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
157.245.94.161	attackbots	Hits on port : 10798	2020-04-14 00:38:45
157.245.94.61	attackspambots	Apr 7 16:30:36 lvps5-35-247-183 sshd[30741]: Invalid user ftpuser2 from 157.245.94.61 Apr 7 16:30:36 lvps5-35-247-183 sshd[30741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.94.61 Apr 7 16:30:38 lvps5-35-247-183 sshd[30741]: Failed password for invalid user ftpuser2 from 157.245.94.61 port 34142 ssh2 Apr 7 16:30:38 lvps5-35-247-183 sshd[30741]: Received disconnect from 157.245.94.61: 11: Bye Bye [preauth] Apr 7 16:35:01 lvps5-35-247-183 sshd[30931]: Invalid user cloudroute from 157.245.94.61 Apr 7 16:35:01 lvps5-35-247-183 sshd[30931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.94.61 Apr 7 16:35:03 lvps5-35-247-183 sshd[30931]: Failed password for invalid user cloudroute from 157.245.94.61 port 60692 ssh2 Apr 7 16:35:04 lvps5-35-247-183 sshd[30931]: Received disconnect from 157.245.94.61: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en	2020-04-09 03:02:04
157.245.94.120	attack	RDP Brute-Force (Grieskirchen RZ1)	2019-11-09 08:55:50

Type

Details

Datetime

157.245.94.161

attackbots

Hits on port : 10798

2020-04-14 00:38:45

157.245.94.61

attackspambots

Apr  7 16:30:36 lvps5-35-247-183 sshd[30741]: Invalid user ftpuser2 from 157.245.94.61
Apr  7 16:30:36 lvps5-35-247-183 sshd[30741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.94.61 
Apr  7 16:30:38 lvps5-35-247-183 sshd[30741]: Failed password for invalid user ftpuser2 from 157.245.94.61 port 34142 ssh2
Apr  7 16:30:38 lvps5-35-247-183 sshd[30741]: Received disconnect from 157.245.94.61: 11: Bye Bye [preauth]
Apr  7 16:35:01 lvps5-35-247-183 sshd[30931]: Invalid user cloudroute from 157.245.94.61
Apr  7 16:35:01 lvps5-35-247-183 sshd[30931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.94.61 
Apr  7 16:35:03 lvps5-35-247-183 sshd[30931]: Failed password for invalid user cloudroute from 157.245.94.61 port 60692 ssh2
Apr  7 16:35:04 lvps5-35-247-183 sshd[30931]: Received disconnect from 157.245.94.61: 11: Bye Bye [preauth]


........
-----------------------------------------------
https://www.blocklist.de/en

2020-04-09 03:02:04

157.245.94.120

attack

RDP Brute-Force (Grieskirchen RZ1)

2019-11-09 08:55:50

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.94.136
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;157.245.94.136.			IN	A

;; AUTHORITY SECTION:
.			306	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:29:17 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 136.94.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 136.94.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.203.241	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-09-09 14:12:36
222.186.15.110	attack	Sep 9 08:04:18 andromeda sshd\[53947\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.110 user=root Sep 9 08:04:21 andromeda sshd\[53947\]: Failed password for root from 222.186.15.110 port 46001 ssh2 Sep 9 08:04:23 andromeda sshd\[53947\]: Failed password for root from 222.186.15.110 port 46001 ssh2	2019-09-09 14:25:37
119.60.255.90	attack	Sep 9 08:03:50 mail sshd\[11207\]: Invalid user ts from 119.60.255.90 port 57742 Sep 9 08:03:50 mail sshd\[11207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.60.255.90 Sep 9 08:03:52 mail sshd\[11207\]: Failed password for invalid user ts from 119.60.255.90 port 57742 ssh2 Sep 9 08:08:54 mail sshd\[12188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.60.255.90 user=root Sep 9 08:08:55 mail sshd\[12188\]: Failed password for root from 119.60.255.90 port 39818 ssh2	2019-09-09 14:13:56
51.68.170.178	attack	loopsrockreggae.com 51.68.170.178 \[09/Sep/2019:08:34:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 5615 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" loopsrockreggae.com 51.68.170.178 \[09/Sep/2019:08:34:16 +0200\] "POST /wp-login.php HTTP/1.1" 200 5583 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-09-09 14:54:32
180.76.246.38	attackbots	Sep 9 06:27:04 hcbbdb sshd\[20716\]: Invalid user postgres from 180.76.246.38 Sep 9 06:27:04 hcbbdb sshd\[20716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38 Sep 9 06:27:06 hcbbdb sshd\[20716\]: Failed password for invalid user postgres from 180.76.246.38 port 51336 ssh2 Sep 9 06:33:29 hcbbdb sshd\[21368\]: Invalid user test from 180.76.246.38 Sep 9 06:33:29 hcbbdb sshd\[21368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.246.38	2019-09-09 14:34:34
206.189.108.59	attackbots	Sep 8 20:21:27 hcbb sshd\[11353\]: Invalid user passw0rd from 206.189.108.59 Sep 8 20:21:27 hcbb sshd\[11353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.108.59 Sep 8 20:21:29 hcbb sshd\[11353\]: Failed password for invalid user passw0rd from 206.189.108.59 port 37160 ssh2 Sep 8 20:27:31 hcbb sshd\[12503\]: Invalid user gmod from 206.189.108.59 Sep 8 20:27:31 hcbb sshd\[12503\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.108.59	2019-09-09 14:31:56
142.93.151.152	attack	Sep 8 20:31:35 tdfoods sshd\[1468\]: Invalid user server from 142.93.151.152 Sep 8 20:31:35 tdfoods sshd\[1468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.152 Sep 8 20:31:36 tdfoods sshd\[1468\]: Failed password for invalid user server from 142.93.151.152 port 37614 ssh2 Sep 8 20:37:46 tdfoods sshd\[2113\]: Invalid user user from 142.93.151.152 Sep 8 20:37:46 tdfoods sshd\[2113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.151.152	2019-09-09 14:45:40
159.65.34.82	attackspambots	Sep 9 08:03:18 mail sshd\[11134\]: Invalid user test01 from 159.65.34.82 port 40376 Sep 9 08:03:18 mail sshd\[11134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.34.82 Sep 9 08:03:20 mail sshd\[11134\]: Failed password for invalid user test01 from 159.65.34.82 port 40376 ssh2 Sep 9 08:08:43 mail sshd\[12145\]: Invalid user guest from 159.65.34.82 port 44464 Sep 9 08:08:43 mail sshd\[12145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.34.82	2019-09-09 14:12:52
100.26.104.241	attackbots	WordPress login Brute force / Web App Attack on client site.	2019-09-09 14:51:09
179.182.65.213	attackspam	Sep 9 03:01:14 TORMINT sshd\[18759\]: Invalid user ansible@123 from 179.182.65.213 Sep 9 03:01:14 TORMINT sshd\[18759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.182.65.213 Sep 9 03:01:16 TORMINT sshd\[18759\]: Failed password for invalid user ansible@123 from 179.182.65.213 port 54853 ssh2 ...	2019-09-09 15:06:11
132.232.18.128	attackspam	Sep 8 20:29:51 php1 sshd\[11239\]: Invalid user 1 from 132.232.18.128 Sep 8 20:29:51 php1 sshd\[11239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.18.128 Sep 8 20:29:54 php1 sshd\[11239\]: Failed password for invalid user 1 from 132.232.18.128 port 34902 ssh2 Sep 8 20:37:02 php1 sshd\[12213\]: Invalid user wocloud from 132.232.18.128 Sep 8 20:37:02 php1 sshd\[12213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.18.128	2019-09-09 14:52:37
157.230.171.210	attackbotsspam	Sep 9 07:57:35 mail sshd\[9681\]: Invalid user test from 157.230.171.210 port 34734 Sep 9 07:57:35 mail sshd\[9681\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.171.210 Sep 9 07:57:37 mail sshd\[9681\]: Failed password for invalid user test from 157.230.171.210 port 34734 ssh2 Sep 9 08:03:05 mail sshd\[11094\]: Invalid user test from 157.230.171.210 port 38354 Sep 9 08:03:05 mail sshd\[11094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.171.210	2019-09-09 14:13:34
79.137.77.131	attack	$f2bV_matches	2019-09-09 15:02:13
94.23.208.211	attackbotsspam	Sep 8 19:58:02 lcprod sshd\[7639\]: Invalid user 1q2w3e4r from 94.23.208.211 Sep 8 19:58:02 lcprod sshd\[7639\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns303460.ip-94-23-208.eu Sep 8 19:58:04 lcprod sshd\[7639\]: Failed password for invalid user 1q2w3e4r from 94.23.208.211 port 59678 ssh2 Sep 8 20:04:09 lcprod sshd\[8199\]: Invalid user 1q2w3e4r from 94.23.208.211 Sep 8 20:04:09 lcprod sshd\[8199\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns303460.ip-94-23-208.eu	2019-09-09 14:55:40
109.167.98.27	attackspam	Sep 9 02:00:56 ny01 sshd[16457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.167.98.27 Sep 9 02:00:58 ny01 sshd[16457]: Failed password for invalid user 106 from 109.167.98.27 port 39336 ssh2 Sep 9 02:06:40 ny01 sshd[17427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.167.98.27	2019-09-09 14:41:52

Recently Reported IPs

157.245.89.138	157.245.96.225	157.245.89.94	157.245.94.170
157.245.97.109	157.245.97.107	157.249.120.69	157.245.99.185
157.245.99.35	157.245.96.6	157.249.121.5	157.25.173.106
157.25.173.103	157.25.173.112	157.25.173.118	157.25.173.108
157.25.173.114	157.25.173.111	157.25.173.158	157.25.173.160