216.245.220.158

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
216.245.220.166	attack	\[2019-10-06 07:49:44\] NOTICE\[1887\] chan_sip.c: Registration from '"100" \' failed for '216.245.220.166:5362' - Wrong password \[2019-10-06 07:49:44\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-06T07:49:44.995-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7fc3ac906718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5362",Challenge="14e1bab8",ReceivedChallenge="14e1bab8",ReceivedHash="186566f8f04191775bf66c5ab2822b93" \[2019-10-06 07:49:45\] NOTICE\[1887\] chan_sip.c: Registration from '"100" \' failed for '216.245.220.166:5362' - Wrong password \[2019-10-06 07:49:45\] SECURITY\[1898\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-06T07:49:45.059-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="100",SessionID="0x7fc3ac62e4e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-10-06 20:01:30
216.245.220.166	attack	\[2019-10-03 14:06:13\] NOTICE\[1948\] chan_sip.c: Registration from '"203" \' failed for '216.245.220.166:5215' - Wrong password \[2019-10-03 14:06:13\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-03T14:06:13.390-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="203",SessionID="0x7f1e1c2bed58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5215",Challenge="18f04039",ReceivedChallenge="18f04039",ReceivedHash="0d6e79170e82f00a58d6f48dcf3f4d45" \[2019-10-03 14:06:13\] NOTICE\[1948\] chan_sip.c: Registration from '"203" \' failed for '216.245.220.166:5215' - Wrong password \[2019-10-03 14:06:13\] SECURITY\[2006\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-10-03T14:06:13.475-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="203",SessionID="0x7f1e1c1e96b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UD	2019-10-04 02:25:35
216.245.220.166	attack	firewall-block, port(s): 5060/udp	2019-09-24 00:32:56
216.245.220.166	attackspam	\[2019-09-22 08:47:23\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '216.245.220.166:5549' - Wrong password \[2019-09-22 08:47:23\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T08:47:23.849-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c856e68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5549",Challenge="33d126c8",ReceivedChallenge="33d126c8",ReceivedHash="f710819cdc614cc60b3e28b5a491595d" \[2019-09-22 08:47:23\] NOTICE\[2270\] chan_sip.c: Registration from '"2001" \' failed for '216.245.220.166:5549' - Wrong password \[2019-09-22 08:47:23\] SECURITY\[2283\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-22T08:47:23.918-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2001",SessionID="0x7fcd8c1615d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I	2019-09-22 21:12:07
216.245.220.166	attack	SIPVicious Scanner Detection	2019-09-17 00:58:35
216.245.220.166	attackbots	\[2019-09-14 18:03:22\] NOTICE\[20685\] chan_sip.c: Registration from '"801" \' failed for '216.245.220.166:5171' - Wrong password \[2019-09-14 18:03:22\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-14T18:03:22.268-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="801",SessionID="0x7f8a6c329f48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5171",Challenge="4748f7b0",ReceivedChallenge="4748f7b0",ReceivedHash="2cf223c09b932e03c2a26ad8b15b3540" \[2019-09-14 18:03:22\] NOTICE\[20685\] chan_sip.c: Registration from '"801" \' failed for '216.245.220.166:5171' - Wrong password \[2019-09-14 18:03:22\] SECURITY\[20693\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-14T18:03:22.344-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="801",SessionID="0x7f8a6c840658",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV	2019-09-15 06:20:56
216.245.220.166	attackbotsspam	\[2019-09-06 01:19:34\] NOTICE\[1829\] chan_sip.c: Registration from '"4444" \' failed for '216.245.220.166:5311' - Wrong password \[2019-09-06 01:19:34\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-06T01:19:34.683-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4444",SessionID="0x7f7b30130248",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.220.166/5311",Challenge="457b46a4",ReceivedChallenge="457b46a4",ReceivedHash="097f06626fd0a39efba8bcd8e649f125" \[2019-09-06 01:19:34\] NOTICE\[1829\] chan_sip.c: Registration from '"4444" \' failed for '216.245.220.166:5311' - Wrong password \[2019-09-06 01:19:34\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-09-06T01:19:34.789-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="4444",SessionID="0x7f7b30484c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I	2019-09-06 19:38:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.245.220.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26199
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;216.245.220.158.		IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021801 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 19 01:50:29 CST 2022
;; MSG SIZE  rcvd: 108

Host info

158.220.245.216.in-addr.arpa domain name pointer static.domainonair.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.220.245.216.in-addr.arpa	name = static.domainonair.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.32.161.113	attack	firewall-block, port(s): 3391/tcp	2019-11-12 07:33:49
200.116.105.213	attackbotsspam	Nov 12 00:27:06 eventyay sshd[11620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.105.213 Nov 12 00:27:09 eventyay sshd[11620]: Failed password for invalid user asterisk from 200.116.105.213 port 36378 ssh2 Nov 12 00:31:12 eventyay sshd[11692]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.116.105.213 ...	2019-11-12 07:42:37
41.223.232.196	attack	Nov 12 09:04:21 our-server-hostname postfix/smtpd[26315]: connect from unknown[41.223.232.196] Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x Nov x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.223.232.196	2019-11-12 07:54:47
145.239.88.31	attackspam	145.239.88.31 - - \[11/Nov/2019:23:43:15 +0100\] "POST /wp-login.php HTTP/1.0" 200 4604 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 145.239.88.31 - - \[11/Nov/2019:23:43:18 +0100\] "POST /wp-login.php HTTP/1.0" 200 4410 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 145.239.88.31 - - \[11/Nov/2019:23:43:21 +0100\] "POST /wp-login.php HTTP/1.0" 200 4408 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 07:30:16
217.160.44.145	attackspam	Nov 10 10:21:09 microserver sshd[3436]: Invalid user ibm from 217.160.44.145 port 57986 Nov 10 10:21:09 microserver sshd[3436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:21:11 microserver sshd[3436]: Failed password for invalid user ibm from 217.160.44.145 port 57986 ssh2 Nov 10 10:24:53 microserver sshd[3651]: Invalid user l4dserver from 217.160.44.145 port 38432 Nov 10 10:24:53 microserver sshd[3651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:38:04 microserver sshd[5539]: Invalid user tomcat from 217.160.44.145 port 36250 Nov 10 10:38:04 microserver sshd[5539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.160.44.145 Nov 10 10:38:06 microserver sshd[5539]: Failed password for invalid user tomcat from 217.160.44.145 port 36250 ssh2 Nov 10 10:41:49 microserver sshd[6284]: pam_unix(sshd:auth): authentication failure; logname=	2019-11-12 07:39:36
41.236.240.102	attackbots	Lines containing failures of 41.236.240.102 Nov 11 23:31:12 shared02 sshd[14116]: Invalid user admin from 41.236.240.102 port 53812 Nov 11 23:31:12 shared02 sshd[14116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.236.240.102 Nov 11 23:31:13 shared02 sshd[14116]: Failed password for invalid user admin from 41.236.240.102 port 53812 ssh2 Nov 11 23:31:14 shared02 sshd[14116]: Connection closed by invalid user admin 41.236.240.102 port 53812 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.236.240.102	2019-11-12 07:45:36
81.208.42.145	attackspambots	81.208.42.145 - - \[11/Nov/2019:23:42:22 +0100\] "POST /wp-login.php HTTP/1.0" 200 15320 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 81.208.42.145 - - \[11/Nov/2019:23:42:22 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 81.208.42.145 - - \[11/Nov/2019:23:42:43 +0100\] "POST /wp-login.php HTTP/1.0" 200 14645 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-11-12 08:00:41
84.244.180.7	attackbots	2019-11-12T00:42:45.247664mail01 postfix/smtpd[29697]: warning: opzetborstelshop.nl[84.244.180.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-12T00:46:14.168279mail01 postfix/smtpd[29697]: warning: opzetborstelshop.nl[84.244.180.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-12T00:46:46.191497mail01 postfix/smtpd[27458]: warning: opzetborstelshop.nl[84.244.180.7]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-12 07:51:56
134.175.151.155	attack	Nov 12 00:47:08 legacy sshd[26738]: Failed password for root from 134.175.151.155 port 58358 ssh2 Nov 12 00:51:28 legacy sshd[26852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.175.151.155 Nov 12 00:51:31 legacy sshd[26852]: Failed password for invalid user com from 134.175.151.155 port 39144 ssh2 ...	2019-11-12 07:55:02
114.40.160.38	attackspam	port 23 attempt blocked	2019-11-12 07:25:56
171.242.127.198	attackbots	Lines containing failures of 171.242.127.198 Nov 11 23:25:12 shared12 sshd[31684]: Invalid user admin from 171.242.127.198 port 40803 Nov 11 23:25:12 shared12 sshd[31684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.242.127.198 Nov 11 23:25:14 shared12 sshd[31684]: Failed password for invalid user admin from 171.242.127.198 port 40803 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=171.242.127.198	2019-11-12 07:26:17
155.94.254.102	attack	Nov 12 01:45:13 ncomp sshd[3765]: Invalid user test from 155.94.254.102 Nov 12 01:45:13 ncomp sshd[3765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=155.94.254.102 Nov 12 01:45:13 ncomp sshd[3765]: Invalid user test from 155.94.254.102 Nov 12 01:45:15 ncomp sshd[3765]: Failed password for invalid user test from 155.94.254.102 port 51240 ssh2	2019-11-12 08:01:13
180.250.18.87	attackspambots	Nov 12 05:43:42 webhost01 sshd[25291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.18.87 Nov 12 05:43:45 webhost01 sshd[25291]: Failed password for invalid user comuzzi from 180.250.18.87 port 59236 ssh2 ...	2019-11-12 07:32:08
86.43.103.111	attack	2019-11-11T22:55:51.582634abusebot-4.cloudsearch.cf sshd\[22132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=86.43.103.111 user=root	2019-11-12 07:36:46
222.87.0.79	attack	2019-11-11T23:17:44.128446abusebot-5.cloudsearch.cf sshd\[7712\]: Invalid user lukasz from 222.87.0.79 port 41375	2019-11-12 07:37:24

Recently Reported IPs

216.245.209.236	216.245.223.146	216.246.112.118	216.246.112.106
216.246.112.133	216.246.112.154	216.246.112.38	216.246.112.165
216.246.112.54	216.246.112.69	216.246.112.62	216.246.112.39
216.246.112.87	216.246.112.92	216.246.112.86	216.246.113.171
216.246.112.71	216.246.113.223	216.246.113.230	216.246.113.21