157.245.155.13

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Jul 19 12:37:57 plex-server sshd[3773230]: Invalid user 123456 from 157.245.155.13 port 59320 Jul 19 12:37:57 plex-server sshd[3773230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 Jul 19 12:37:57 plex-server sshd[3773230]: Invalid user 123456 from 157.245.155.13 port 59320 Jul 19 12:37:59 plex-server sshd[3773230]: Failed password for invalid user 123456 from 157.245.155.13 port 59320 ssh2 Jul 19 12:41:31 plex-server sshd[3774383]: Invalid user ry from 157.245.155.13 port 52018 ...	2020-07-19 20:44:49
attackspam	Jul 14 13:29:55 pve1 sshd[4713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 Jul 14 13:29:57 pve1 sshd[4713]: Failed password for invalid user eugene from 157.245.155.13 port 52816 ssh2 ...	2020-07-14 20:01:43
attackbots	Bruteforce detected by fail2ban	2020-07-10 13:51:43
attack	Jul 7 23:57:44 h2865660 sshd[28381]: Invalid user kube from 157.245.155.13 port 35252 Jul 7 23:57:44 h2865660 sshd[28381]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 Jul 7 23:57:44 h2865660 sshd[28381]: Invalid user kube from 157.245.155.13 port 35252 Jul 7 23:57:46 h2865660 sshd[28381]: Failed password for invalid user kube from 157.245.155.13 port 35252 ssh2 Jul 8 00:08:21 h2865660 sshd[29074]: Invalid user asunci\363n from 157.245.155.13 port 41514 ...	2020-07-08 10:42:53
attackspam	Jul 7 15:19:06 debian-2gb-nbg1-2 kernel: \[16386550.014946\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=157.245.155.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x40 TTL=242 ID=40543 PROTO=TCP SPT=53379 DPT=12724 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-07 22:22:20
attackbots	Invalid user administracion from 157.245.155.13 port 51330	2020-07-04 14:51:30
attackspam	Invalid user openhab from 157.245.155.13 port 40294	2020-06-27 05:24:22
attack	2020-06-01T22:53:47.535057struts4.enskede.local sshd\[31433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 user=root 2020-06-01T22:53:51.099898struts4.enskede.local sshd\[31433\]: Failed password for root from 157.245.155.13 port 41966 ssh2 2020-06-01T22:57:30.175190struts4.enskede.local sshd\[31447\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 user=root 2020-06-01T22:57:33.160618struts4.enskede.local sshd\[31447\]: Failed password for root from 157.245.155.13 port 47366 ssh2 2020-06-01T23:01:20.761697struts4.enskede.local sshd\[31482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 user=root ...	2020-06-02 06:14:23
attack	May 26 18:22:39 legacy sshd[30864]: Failed password for root from 157.245.155.13 port 45668 ssh2 May 26 18:26:44 legacy sshd[30976]: Failed password for root from 157.245.155.13 port 51078 ssh2 ...	2020-05-27 05:23:35
attackspambots	May 14 16:23:32 MainVPS sshd[30252]: Invalid user rtorres from 157.245.155.13 port 49110 May 14 16:23:32 MainVPS sshd[30252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 May 14 16:23:32 MainVPS sshd[30252]: Invalid user rtorres from 157.245.155.13 port 49110 May 14 16:23:33 MainVPS sshd[30252]: Failed password for invalid user rtorres from 157.245.155.13 port 49110 ssh2 May 14 16:27:51 MainVPS sshd[1706]: Invalid user bwadmin from 157.245.155.13 port 57192 ...	2020-05-15 04:10:40
attackbotsspam	May 5 19:54:46 vmd48417 sshd[14583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13	2020-05-06 05:13:13
attack	2020-05-03T08:47:43.590889randservbullet-proofcloud-66.localdomain sshd[19798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.13 user=root 2020-05-03T08:47:45.813478randservbullet-proofcloud-66.localdomain sshd[19798]: Failed password for root from 157.245.155.13 port 44932 ssh2 2020-05-03T09:02:55.208434randservbullet-proofcloud-66.localdomain sshd[19884]: Invalid user student from 157.245.155.13 port 39764 ...	2020-05-03 18:06:29

相同子网IP讨论:

IP	类型	评论内容	时间
157.245.155.129	attackbotsspam	Feb 11 06:12:41 web8 sshd\[4411\]: Invalid user xjp from 157.245.155.129 Feb 11 06:12:41 web8 sshd\[4411\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.129 Feb 11 06:12:42 web8 sshd\[4411\]: Failed password for invalid user xjp from 157.245.155.129 port 57096 ssh2 Feb 11 06:15:31 web8 sshd\[5954\]: Invalid user fit from 157.245.155.129 Feb 11 06:15:31 web8 sshd\[5954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.129	2020-02-11 14:24:57
157.245.155.129	attackbots	(sshd) Failed SSH login from 157.245.155.129 (SG/Singapore/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 9 09:28:01 ubnt-55d23 sshd[11510]: Invalid user nik from 157.245.155.129 port 55814 Feb 9 09:28:03 ubnt-55d23 sshd[11510]: Failed password for invalid user nik from 157.245.155.129 port 55814 ssh2	2020-02-09 21:01:55
157.245.155.240	attack	Unauthorized connection attempt detected from IP address 157.245.155.240 to port 2220 [J]	2020-01-20 03:47:10
157.245.155.240	attackspambots	Unauthorized connection attempt detected from IP address 157.245.155.240 to port 2220 [J]	2020-01-15 17:21:43
157.245.155.230	attack	SSH/22 MH Probe, BF, Hack -	2019-11-13 18:09:40
157.245.155.230	attackbotsspam	Nov 12 22:41:19 gw1 sshd[20966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.155.230 Nov 12 22:41:20 gw1 sshd[20966]: Failed password for invalid user application from 157.245.155.230 port 55792 ssh2 ...	2019-11-13 01:42:31

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.155.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64634
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.155.13.			IN	A

;; AUTHORITY SECTION:
.			526	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050300 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 03 18:06:23 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 13.155.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 13.155.245.157.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
134.19.146.45	attackbotsspam	Aug 26 11:39:57 propaganda sshd[120265]: Connection from 134.19.146.45 port 50786 on 10.0.0.161 port 22 rdomain "" Aug 26 11:39:57 propaganda sshd[120265]: Connection closed by 134.19.146.45 port 50786 [preauth]	2020-08-27 03:45:59
187.160.239.75	attack	Unauthorised access (Aug 26) SRC=187.160.239.75 LEN=40 TOS=0x08 PREC=0x20 TTL=235 ID=42104 TCP DPT=445 WINDOW=1024 SYN	2020-08-27 03:29:17
95.219.156.162	attack	20/8/26@08:53:38: FAIL: Alarm-Network address from=95.219.156.162 20/8/26@08:53:38: FAIL: Alarm-Network address from=95.219.156.162 ...	2020-08-27 03:52:58
222.186.190.2	attack	Aug 26 21:42:39 nextcloud sshd\[25280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Aug 26 21:42:41 nextcloud sshd\[25280\]: Failed password for root from 222.186.190.2 port 47914 ssh2 Aug 26 21:42:59 nextcloud sshd\[25389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root	2020-08-27 03:45:37
69.10.62.109	attackspam	Automatic report - Port Scan	2020-08-27 03:46:51
54.38.53.251	attackspambots	Aug 26 15:44:26 eventyay sshd[20736]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.53.251 Aug 26 15:44:28 eventyay sshd[20736]: Failed password for invalid user xpp from 54.38.53.251 port 49180 ssh2 Aug 26 15:48:10 eventyay sshd[20850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.53.251 ...	2020-08-27 03:58:50
190.128.231.2	attack	2020-08-26T20:25:31.558338+02:00 sshd[21595]: Failed password for invalid user acc from 190.128.231.2 port 53238 ssh2	2020-08-27 03:54:45
106.12.68.150	attackspam	Aug 26 21:17:56 mout sshd[11802]: Invalid user ftpuser from 106.12.68.150 port 53102 Aug 26 21:17:58 mout sshd[11802]: Failed password for invalid user ftpuser from 106.12.68.150 port 53102 ssh2 Aug 26 21:17:59 mout sshd[11802]: Disconnected from invalid user ftpuser 106.12.68.150 port 53102 [preauth]	2020-08-27 03:24:28
113.53.201.211	attackspambots	Virus on this IP !	2020-08-27 03:34:19
118.190.145.4	attack	/js/admin.js	2020-08-27 03:52:23
95.167.225.85	attackbotsspam	Failed password for invalid user deploy from 95.167.225.85 port 39604 ssh2	2020-08-27 03:39:37
185.230.127.239	attack	0,22-16/18 [bc05/m49] PostRequest-Spammer scoring: zurich	2020-08-27 03:42:36
192.34.57.113	attackspambots	" "	2020-08-27 03:27:28
181.49.246.20	attackbots	Triggered by Fail2Ban at Ares web server	2020-08-27 03:29:29
85.97.121.108	attackspam	Unauthorized connection attempt from IP address 85.97.121.108 on Port 445(SMB)	2020-08-27 03:43:36

最近上报的IP列表

217.66.101.42	133.193.63.160	166.92.45.194	103.83.93.129
29.164.22.151	118.173.218.129	21.52.221.174	128.199.200.117
151.233.72.134	29.56.26.111	198.54.121.131	213.202.235.77
124.121.1.91	5.196.74.23	118.68.25.124	54.160.220.245
139.162.16.60	198.199.115.134	63.80.88.194	85.190.157.149