157.245.204.125

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Oct 1 15:46:07 mavik sshd[29518]: Invalid user u1 from 157.245.204.125 Oct 1 15:46:07 mavik sshd[29518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 15:46:09 mavik sshd[29518]: Failed password for invalid user u1 from 157.245.204.125 port 44562 ssh2 Oct 1 15:50:53 mavik sshd[29685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 user=root Oct 1 15:50:55 mavik sshd[29685]: Failed password for root from 157.245.204.125 port 53964 ssh2 ...	2020-10-02 05:49:04
attackbots	Oct 1 14:33:06 mavik sshd[26479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 14:33:08 mavik sshd[26479]: Failed password for invalid user ubuntu from 157.245.204.125 port 35350 ssh2 Oct 1 14:37:30 mavik sshd[26635]: Invalid user test from 157.245.204.125 Oct 1 14:37:30 mavik sshd[26635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 14:37:32 mavik sshd[26635]: Failed password for invalid user test from 157.245.204.125 port 44746 ssh2 ...	2020-10-01 22:11:09
attackbotsspam	Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125 Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125 Oct 1 07:56:58 srv-ubuntu-dev3 sshd[55847]: Failed password for invalid user tt from 157.245.204.125 port 36206 ssh2 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125 Oct 1 08:01:09 srv-ubuntu-dev3 sshd[56418]: Failed password for invalid user andy from 157.245.204.125 port 45016 ssh2 Oct 1 08:05:30 srv-ubuntu-dev3 sshd[56937]: Invalid user abcs from 157.245.204.125 ...	2020-10-01 14:29:03

Type

Details

Datetime

attackbots

Oct  1 15:46:07 mavik sshd[29518]: Invalid user u1 from 157.245.204.125
Oct  1 15:46:07 mavik sshd[29518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125
Oct  1 15:46:09 mavik sshd[29518]: Failed password for invalid user u1 from 157.245.204.125 port 44562 ssh2
Oct  1 15:50:53 mavik sshd[29685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125  user=root
Oct  1 15:50:55 mavik sshd[29685]: Failed password for root from 157.245.204.125 port 53964 ssh2
...

2020-10-02 05:49:04

attackbots

Oct  1 14:33:06 mavik sshd[26479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125
Oct  1 14:33:08 mavik sshd[26479]: Failed password for invalid user ubuntu from 157.245.204.125 port 35350 ssh2
Oct  1 14:37:30 mavik sshd[26635]: Invalid user test from 157.245.204.125
Oct  1 14:37:30 mavik sshd[26635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125
Oct  1 14:37:32 mavik sshd[26635]: Failed password for invalid user test from 157.245.204.125 port 44746 ssh2
...

2020-10-01 22:11:09

attackbotsspam

Oct  1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125
Oct  1 07:56:56 srv-ubuntu-dev3 sshd[55847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125
Oct  1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125
Oct  1 07:56:58 srv-ubuntu-dev3 sshd[55847]: Failed password for invalid user tt from 157.245.204.125 port 36206 ssh2
Oct  1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125
Oct  1 08:01:07 srv-ubuntu-dev3 sshd[56418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125
Oct  1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125
Oct  1 08:01:09 srv-ubuntu-dev3 sshd[56418]: Failed password for invalid user andy from 157.245.204.125 port 45016 ssh2
Oct  1 08:05:30 srv-ubuntu-dev3 sshd[56937]: Invalid user abcs from 157.245.204.125
...

2020-10-01 14:29:03

Comments on same subnet:

IP	Type	Details	Datetime
157.245.204.142	attack	Oct 2 00:18:29 ajax sshd[29859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 Oct 2 00:18:31 ajax sshd[29859]: Failed password for invalid user laura from 157.245.204.142 port 33904 ssh2	2020-10-02 07:28:37
157.245.204.142	attackbots	Oct 1 20:48:56 gw1 sshd[6933]: Failed password for root from 157.245.204.142 port 60280 ssh2 Oct 1 20:53:30 gw1 sshd[6973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 ...	2020-10-02 00:00:53
157.245.204.142	attack	Oct 1 07:12:08 IngegnereFirenze sshd[24468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 user=root ...	2020-10-01 16:07:37
157.245.204.149	attackbotsspam	2020-09-23 18:28:46 wonderland sshd[18639]: Disconnected from invalid user root 157.245.204.149 port 37820 [preauth]	2020-09-24 01:03:02
157.245.204.149	attack	Sep 23 11:01:39 host1 sshd[120065]: Failed password for root from 157.245.204.149 port 49020 ssh2 Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098 Sep 23 11:05:55 host1 sshd[120371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.149 Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098 Sep 23 11:05:57 host1 sshd[120371]: Failed password for invalid user guest2 from 157.245.204.149 port 58098 ssh2 ...	2020-09-23 17:06:29
157.245.204.153	attackbots	fail2ban/Jun 29 14:39:28 h1962932 sshd[29747]: Invalid user swa from 157.245.204.153 port 39364 Jun 29 14:39:28 h1962932 sshd[29747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 Jun 29 14:39:28 h1962932 sshd[29747]: Invalid user swa from 157.245.204.153 port 39364 Jun 29 14:39:30 h1962932 sshd[29747]: Failed password for invalid user swa from 157.245.204.153 port 39364 ssh2 Jun 29 14:45:56 h1962932 sshd[13271]: Invalid user asia from 157.245.204.153 port 9421	2020-06-29 22:27:56
157.245.204.153	attack	Jun 24 14:00:23 roki-contabo sshd\[26326\]: Invalid user ts3srv from 157.245.204.153 Jun 24 14:00:23 roki-contabo sshd\[26326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 Jun 24 14:00:25 roki-contabo sshd\[26326\]: Failed password for invalid user ts3srv from 157.245.204.153 port 16258 ssh2 Jun 24 14:05:59 roki-contabo sshd\[26452\]: Invalid user admin from 157.245.204.153 Jun 24 14:05:59 roki-contabo sshd\[26452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 ...	2020-06-25 00:01:22
157.245.204.153	attack	Invalid user murai from 157.245.204.153 port 7556	2020-06-24 07:48:28
157.245.204.198	attackspambots	2020-04-09T03:54:22Z - RDP login failed multiple times. (157.245.204.198)	2020-04-09 14:40:30
157.245.204.198	attack	2020-04-01T09:24:55Z - RDP login failed multiple times. (157.245.204.198)	2020-04-01 18:28:50
157.245.204.227	attackbots	Unauthorized connection attempt detected from IP address 157.245.204.227 to port 2220 [J]	2020-01-25 02:13:48
157.245.204.139	attack	Jan 21 14:39:53 ns4 sshd[7762]: Invalid user dy from 157.245.204.139 Jan 21 14:39:53 ns4 sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.139 Jan 21 14:39:55 ns4 sshd[7762]: Failed password for invalid user dy from 157.245.204.139 port 56190 ssh2 Jan 21 14:44:55 ns4 sshd[8987]: Invalid user marco from 157.245.204.139 Jan 21 14:44:55 ns4 sshd[8987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.139 Jan 21 14:44:57 ns4 sshd[8987]: Failed password for invalid user marco from 157.245.204.139 port 38930 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.245.204.139	2020-01-21 23:14:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.204.125
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30084
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.204.125.		IN	A

;; AUTHORITY SECTION:
.			131	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020093002 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 01 14:28:57 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 125.204.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 125.204.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.171.32.55	attackbotsspam	(sshd) Failed SSH login from 223.171.32.55 (KR/South Korea/-): 12 in the last 3600 secs	2020-07-30 03:35:00
37.152.181.57	attack	2020-07-29T21:31:06.809001ks3355764 sshd[2701]: Invalid user bxb from 37.152.181.57 port 60796 2020-07-29T21:31:09.289264ks3355764 sshd[2701]: Failed password for invalid user bxb from 37.152.181.57 port 60796 ssh2 ...	2020-07-30 03:31:48
72.167.226.88	attackspambots	72.167.226.88 - - [29/Jul/2020:16:53:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 72.167.226.88 - - [29/Jul/2020:16:53:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2401 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 72.167.226.88 - - [29/Jul/2020:16:53:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-30 03:33:06
114.34.129.31	attackspambots	Attempted connection to port 88.	2020-07-30 03:37:05
45.129.33.8	attack	TCP (SYN) 45.129.33.8:50509 -> port 9679, len 44	2020-07-30 03:53:30
10.0.9.10	attackspambots	Unsolicited subscription spam sent by: e-scoutcraft.com Link to site: lastoffersforyou.live Authentication-Results: spf=neutral (sender IP is 52.183.46.57) smtp.mailfrom=e-scoutcraft.com; hotmail.com; dkim=none (message not signed) header.d=none;hotmail.com; dmarc=none action=none header.from=lastoffersforyou.live;compauth=fail reason=001 Received-SPF: Neutral (protection.outlook.com: 52.183.46.57 is neither permitted nor denied by domain of e-scoutcraft.com) Received: from e-scoutcraft.com (52.183.46.57) ******** Received: from e-scoutcraft.com (10.0.9.10) by e-scoutcraft.com id tBuLK**X for <*****>; Tue, 28 Jul 2020 19:24:44 +0200 (envelope-from ********** X-Sender-IP: 52.183.46.57 X-SID-PRA: FROM@LASTOFFERSFORYOU.LIVE X-SID-Result: NONE ****** X-Forefront-Antispam-Report: CIP:52.183.46.57;CTRY:US;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:e-scoutcraft.com;PTR:InfoDomainNonexistent;CAT:NONE;SFTY:;SFS:;DIR:INB;SFP:; ******	2020-07-30 03:46:45
111.229.67.3	attackbots	Jul 29 21:43:40 rancher-0 sshd[648443]: Invalid user zhangchx from 111.229.67.3 port 56092 ...	2020-07-30 03:58:59
185.186.240.2	attackbotsspam	$f2bV_matches	2020-07-30 03:53:47
91.121.89.189	attackbotsspam	Automatic report - XMLRPC Attack	2020-07-30 03:49:44
182.61.168.185	attack	Jul 29 21:07:42 sip sshd[1124957]: Invalid user tongxin from 182.61.168.185 port 53150 Jul 29 21:07:44 sip sshd[1124957]: Failed password for invalid user tongxin from 182.61.168.185 port 53150 ssh2 Jul 29 21:11:50 sip sshd[1124978]: Invalid user xiang from 182.61.168.185 port 60250 ...	2020-07-30 03:35:43
37.59.56.107	attack	Attempting to access Wordpress login on a honeypot or private system.	2020-07-30 03:59:30
188.131.178.32	attackbots	Jul 29 16:35:58 minden010 sshd[27432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.178.32 Jul 29 16:36:00 minden010 sshd[27432]: Failed password for invalid user nxroot from 188.131.178.32 port 40638 ssh2 Jul 29 16:41:32 minden010 sshd[29494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.178.32 ...	2020-07-30 03:51:51
95.84.146.201	attack	2020-07-29T09:11:54.234154vps2034 sshd[6684]: Invalid user maty from 95.84.146.201 port 44668 2020-07-29T09:11:54.247299vps2034 sshd[6684]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=broadband-95-84-146-201.ip.moscow.rt.ru 2020-07-29T09:11:54.234154vps2034 sshd[6684]: Invalid user maty from 95.84.146.201 port 44668 2020-07-29T09:11:56.267569vps2034 sshd[6684]: Failed password for invalid user maty from 95.84.146.201 port 44668 ssh2 2020-07-29T09:15:40.525785vps2034 sshd[16229]: Invalid user yanzihan from 95.84.146.201 port 52774 ...	2020-07-30 03:54:07
51.15.227.83	attackspam	Invalid user shiqian from 51.15.227.83 port 47208	2020-07-30 03:59:13
156.200.110.113	attackbotsspam	20/7/29@08:05:57: FAIL: Alarm-Network address from=156.200.110.113 ...	2020-07-30 03:57:49

Recently Reported IPs

186.197.248.134	50.189.138.162	41.39.213.89	171.83.14.83
101.206.162.247	42.48.194.164	227.40.30.140	229.39.60.146
86.110.26.66	212.180.221.36	18.140.79.183	39.74.189.19
27.66.125.219	51.75.205.10	34.106.93.46	189.207.102.3
163.61.137.113	168.138.140.50	149.176.180.36	114.13.145.113