157.245.95.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	"Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; nmap scripting engine; hs://nmap.org/book/nse.html)"	2020-10-06 01:31:56
attackbots	"Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; nmap scripting engine; hs://nmap.org/book/nse.html)"	2020-10-05 17:23:33

Type

Details

Datetime

attackbotsspam

"Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; nmap scripting engine; hs://nmap.org/book/nse.html)"

2020-10-06 01:31:56

attackbots

"Found User-Agent associated with security scanner - Matched Data: nmap scripting engine found within REQUEST_HEADERS:User-Agent: mozilla/5.0 (compatible; nmap scripting engine; hs://nmap.org/book/nse.html)"

2020-10-05 17:23:33

Comments on same subnet:

IP	Type	Details	Datetime
157.245.95.16	attack	$f2bV_matches	2020-07-18 23:49:30
157.245.95.16	attack	Jul 8 14:59:42 rotator sshd\[30631\]: Invalid user alfred from 157.245.95.16Jul 8 14:59:43 rotator sshd\[30631\]: Failed password for invalid user alfred from 157.245.95.16 port 55522 ssh2Jul 8 15:03:10 rotator sshd\[31447\]: Invalid user ruben from 157.245.95.16Jul 8 15:03:12 rotator sshd\[31447\]: Failed password for invalid user ruben from 157.245.95.16 port 53752 ssh2Jul 8 15:06:18 rotator sshd\[32231\]: Invalid user guset from 157.245.95.16Jul 8 15:06:19 rotator sshd\[32231\]: Failed password for invalid user guset from 157.245.95.16 port 51978 ssh2 ...	2020-07-08 21:33:14
157.245.95.16	attack	Jul 1 02:20:01 ourumov-web sshd\[4142\]: Invalid user user from 157.245.95.16 port 52212 Jul 1 02:20:01 ourumov-web sshd\[4142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 Jul 1 02:20:03 ourumov-web sshd\[4142\]: Failed password for invalid user user from 157.245.95.16 port 52212 ssh2 ...	2020-07-02 07:46:14
157.245.95.16	attack	SSH Invalid Login	2020-07-02 05:23:51
157.245.95.16	attack	2020-06-21T23:56:08.756961linuxbox-skyline sshd[80074]: Invalid user ftp_user from 157.245.95.16 port 24804 ...	2020-06-22 15:21:13
157.245.95.16	attack	157.245.95.16 (US/United States/-), 12 distributed sshd attacks on account [root] in the last 3600 secs	2020-06-12 02:02:49
157.245.95.16	attackspambots	Jun 11 12:09:49 home sshd[19688]: Failed password for root from 157.245.95.16 port 15718 ssh2 Jun 11 12:13:21 home sshd[20057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 Jun 11 12:13:23 home sshd[20057]: Failed password for invalid user oqt from 157.245.95.16 port 19038 ssh2 ...	2020-06-11 18:16:13
157.245.95.16	attackspambots	2020-05-31T23:48:07.805926mail.thespaminator.com sshd[26139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 user=root 2020-05-31T23:48:10.146141mail.thespaminator.com sshd[26139]: Failed password for root from 157.245.95.16 port 61776 ssh2 ...	2020-06-01 17:13:08
157.245.95.107	attackspambots	157.245.95.107 - - [25/May/2020:00:32:14 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.95.107 - - [25/May/2020:00:32:15 +0200] "POST /wp-login.php HTTP/1.1" 200 1678 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.95.107 - - [25/May/2020:00:32:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.95.107 - - [25/May/2020:00:32:18 +0200] "POST /wp-login.php HTTP/1.1" 200 1677 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.95.107 - - [25/May/2020:00:32:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1256 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.95.107 - - [25/May/2020:00:32:22 +0200] "POST /wp-login.php HTTP/1.1" 200 1658 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-05-25 08:29:35
157.245.95.16	attackbots	Failed password for root from 157.245.95.16 port 15692 ssh2	2020-05-21 00:33:04
157.245.95.16	attackspam	May 13 08:11:07 server1 sshd\[8669\]: Failed password for invalid user ts3server3 from 157.245.95.16 port 13582 ssh2 May 13 08:13:48 server1 sshd\[9688\]: Invalid user rishou from 157.245.95.16 May 13 08:13:48 server1 sshd\[9688\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 May 13 08:13:51 server1 sshd\[9688\]: Failed password for invalid user rishou from 157.245.95.16 port 60206 ssh2 May 13 08:16:34 server1 sshd\[10542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 user=root ...	2020-05-13 22:18:30
157.245.95.16	attackbots	2020-05-05T01:03:11.727465abusebot-6.cloudsearch.cf sshd[7041]: Invalid user vlad from 157.245.95.16 port 51622 2020-05-05T01:03:11.743756abusebot-6.cloudsearch.cf sshd[7041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 2020-05-05T01:03:11.727465abusebot-6.cloudsearch.cf sshd[7041]: Invalid user vlad from 157.245.95.16 port 51622 2020-05-05T01:03:13.391307abusebot-6.cloudsearch.cf sshd[7041]: Failed password for invalid user vlad from 157.245.95.16 port 51622 ssh2 2020-05-05T01:07:37.560321abusebot-6.cloudsearch.cf sshd[7311]: Invalid user interview from 157.245.95.16 port 63120 2020-05-05T01:07:37.567065abusebot-6.cloudsearch.cf sshd[7311]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.95.16 2020-05-05T01:07:37.560321abusebot-6.cloudsearch.cf sshd[7311]: Invalid user interview from 157.245.95.16 port 63120 2020-05-05T01:07:39.731517abusebot-6.cloudsearch.cf sshd[7311]: Failed pa ...	2020-05-05 14:29:00
157.245.95.16	attackbots	Invalid user agent from 157.245.95.16 port 31136	2020-05-01 16:11:54
157.245.95.16	attack	Invalid user agent from 157.245.95.16 port 31136	2020-04-30 03:19:45
157.245.95.16	attackbots	Invalid user gw from 157.245.95.16 port 16512	2020-04-21 20:38:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.95.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55800
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.95.42.			IN	A

;; AUTHORITY SECTION:
.			205	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100500 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 05 17:23:27 CST 2020
;; MSG SIZE  rcvd: 117

Host info

42.95.245.157.in-addr.arpa domain name pointer agent-01.natlas.io.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.95.245.157.in-addr.arpa	name = agent-01.natlas.io.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.93.12	attack	Oct 20 06:25:22 meumeu sshd[7785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.12 Oct 20 06:25:24 meumeu sshd[7785]: Failed password for invalid user cisco from 106.12.93.12 port 53186 ssh2 Oct 20 06:30:19 meumeu sshd[8396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.93.12 ...	2019-10-20 16:16:02
151.70.39.105	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/151.70.39.105/ IT - 1H : (92) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN1267 IP : 151.70.39.105 CIDR : 151.70.0.0/16 PREFIX COUNT : 161 UNIQUE IP COUNT : 6032640 ATTACKS DETECTED ASN1267 : 1H - 2 3H - 5 6H - 5 12H - 6 24H - 17 DateTime : 2019-10-20 05:51:24 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-20 16:22:01
152.0.79.108	attack	2019-10-20T07:41:54.644300hub.schaetter.us sshd\[3265\]: Invalid user rancid from 152.0.79.108 port 49265 2019-10-20T07:41:54.654985hub.schaetter.us sshd\[3265\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.0.79.108 2019-10-20T07:41:56.906015hub.schaetter.us sshd\[3265\]: Failed password for invalid user rancid from 152.0.79.108 port 49265 ssh2 2019-10-20T07:48:17.783387hub.schaetter.us sshd\[3339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.0.79.108 user=root 2019-10-20T07:48:19.612845hub.schaetter.us sshd\[3339\]: Failed password for root from 152.0.79.108 port 41262 ssh2 ...	2019-10-20 16:15:43
203.193.184.35	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-10-20 16:50:05
220.248.17.34	attack	Oct 19 19:27:24 wbs sshd\[9210\]: Invalid user 12345 from 220.248.17.34 Oct 19 19:27:24 wbs sshd\[9210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.248.17.34 Oct 19 19:27:25 wbs sshd\[9210\]: Failed password for invalid user 12345 from 220.248.17.34 port 54979 ssh2 Oct 19 19:32:36 wbs sshd\[9655\]: Invalid user iloveyou from 220.248.17.34 Oct 19 19:32:36 wbs sshd\[9655\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.248.17.34	2019-10-20 16:44:41
202.5.20.192	attackbots	Invalid user maroon from 202.5.20.192 port 46103	2019-10-20 16:41:14
223.171.46.146	attackbots	Oct 20 08:59:24 MK-Soft-VM4 sshd[17007]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.171.46.146 Oct 20 08:59:25 MK-Soft-VM4 sshd[17007]: Failed password for invalid user bcampion from 223.171.46.146 port 41900 ssh2 ...	2019-10-20 16:17:23
106.12.189.235	attackspambots	Oct 20 06:21:51 *** sshd[10670]: User root from 106.12.189.235 not allowed because not listed in AllowUsers	2019-10-20 16:52:37
223.16.216.92	attack	2019-10-20T09:42:07.074883scmdmz1 sshd\[30908\]: Invalid user alison from 223.16.216.92 port 38840 2019-10-20T09:42:07.077823scmdmz1 sshd\[30908\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.16.216.92 2019-10-20T09:42:08.781259scmdmz1 sshd\[30908\]: Failed password for invalid user alison from 223.16.216.92 port 38840 ssh2 ...	2019-10-20 16:24:53
62.24.102.106	attack	2019-10-20T08:08:15.898350abusebot.cloudsearch.cf sshd\[22473\]: Invalid user cat from 62.24.102.106 port 40785 2019-10-20T08:08:15.903011abusebot.cloudsearch.cf sshd\[22473\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.24.102.106	2019-10-20 16:29:41
112.196.185.130	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/112.196.185.130/ IN - 1H : (56) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IN NAME ASN : ASN45184 IP : 112.196.185.130 CIDR : 112.196.185.0/24 PREFIX COUNT : 97 UNIQUE IP COUNT : 24832 ATTACKS DETECTED ASN45184 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-20 05:51:03 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-20 16:33:16
210.57.22.204	attackspam	Oct 20 07:23:27 MK-Soft-VM5 sshd[14638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.57.22.204 Oct 20 07:23:29 MK-Soft-VM5 sshd[14638]: Failed password for invalid user siraj from 210.57.22.204 port 31967 ssh2 ...	2019-10-20 16:42:20
54.39.75.1	attackspambots	Oct 20 10:38:27 vps647732 sshd[12077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.75.1 Oct 20 10:38:29 vps647732 sshd[12077]: Failed password for invalid user yhyuan from 54.39.75.1 port 52842 ssh2 ...	2019-10-20 16:41:32
187.162.143.111	attackbots	Automatic report - Port Scan Attack	2019-10-20 16:45:33
49.232.16.241	attackbots	Oct 20 05:45:24 * sshd[27465]: Failed password for root from 49.232.16.241 port 49848 ssh2 Oct 20 05:51:00 * sshd[28103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.16.241	2019-10-20 16:36:37

Recently Reported IPs

23.29.143.87	5.9.190.52	104.41.56.48	101.127.155.33
35.192.99.43	115.50.250.226	36.66.243.115	185.141.171.147
156.209.164.15	139.99.55.150	112.169.60.225	125.137.13.64
183.154.18.88	1.222.105.27	77.40.2.105	24.200.190.39
154.123.181.152	85.9.251.137	5.9.19.37	190.248.133.62