157.245.204.149

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2020-09-23 18:28:46 wonderland sshd[18639]: Disconnected from invalid user root 157.245.204.149 port 37820 [preauth]	2020-09-24 01:03:02
attack	Sep 23 11:01:39 host1 sshd[120065]: Failed password for root from 157.245.204.149 port 49020 ssh2 Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098 Sep 23 11:05:55 host1 sshd[120371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.149 Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098 Sep 23 11:05:57 host1 sshd[120371]: Failed password for invalid user guest2 from 157.245.204.149 port 58098 ssh2 ...	2020-09-23 17:06:29

Type

Details

Datetime

attackbotsspam

2020-09-23 18:28:46 wonderland sshd[18639]: Disconnected from invalid user root 157.245.204.149 port 37820 [preauth]

2020-09-24 01:03:02

attack

Sep 23 11:01:39 host1 sshd[120065]: Failed password for root from 157.245.204.149 port 49020 ssh2
Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098
Sep 23 11:05:55 host1 sshd[120371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.149 
Sep 23 11:05:55 host1 sshd[120371]: Invalid user guest2 from 157.245.204.149 port 58098
Sep 23 11:05:57 host1 sshd[120371]: Failed password for invalid user guest2 from 157.245.204.149 port 58098 ssh2
...

2020-09-23 17:06:29

Comments on same subnet:

IP	Type	Details	Datetime
157.245.204.142	attack	Oct 2 00:18:29 ajax sshd[29859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 Oct 2 00:18:31 ajax sshd[29859]: Failed password for invalid user laura from 157.245.204.142 port 33904 ssh2	2020-10-02 07:28:37
157.245.204.125	attackbots	Oct 1 15:46:07 mavik sshd[29518]: Invalid user u1 from 157.245.204.125 Oct 1 15:46:07 mavik sshd[29518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 15:46:09 mavik sshd[29518]: Failed password for invalid user u1 from 157.245.204.125 port 44562 ssh2 Oct 1 15:50:53 mavik sshd[29685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 user=root Oct 1 15:50:55 mavik sshd[29685]: Failed password for root from 157.245.204.125 port 53964 ssh2 ...	2020-10-02 05:49:04
157.245.204.142	attackbots	Oct 1 20:48:56 gw1 sshd[6933]: Failed password for root from 157.245.204.142 port 60280 ssh2 Oct 1 20:53:30 gw1 sshd[6973]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 ...	2020-10-02 00:00:53
157.245.204.125	attackbots	Oct 1 14:33:06 mavik sshd[26479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 14:33:08 mavik sshd[26479]: Failed password for invalid user ubuntu from 157.245.204.125 port 35350 ssh2 Oct 1 14:37:30 mavik sshd[26635]: Invalid user test from 157.245.204.125 Oct 1 14:37:30 mavik sshd[26635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 14:37:32 mavik sshd[26635]: Failed password for invalid user test from 157.245.204.125 port 44746 ssh2 ...	2020-10-01 22:11:09
157.245.204.142	attack	Oct 1 07:12:08 IngegnereFirenze sshd[24468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.142 user=root ...	2020-10-01 16:07:37
157.245.204.125	attackbotsspam	Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125 Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 07:56:56 srv-ubuntu-dev3 sshd[55847]: Invalid user tt from 157.245.204.125 Oct 1 07:56:58 srv-ubuntu-dev3 sshd[55847]: Failed password for invalid user tt from 157.245.204.125 port 36206 ssh2 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.125 Oct 1 08:01:07 srv-ubuntu-dev3 sshd[56418]: Invalid user andy from 157.245.204.125 Oct 1 08:01:09 srv-ubuntu-dev3 sshd[56418]: Failed password for invalid user andy from 157.245.204.125 port 45016 ssh2 Oct 1 08:05:30 srv-ubuntu-dev3 sshd[56937]: Invalid user abcs from 157.245.204.125 ...	2020-10-01 14:29:03
157.245.204.153	attackbots	fail2ban/Jun 29 14:39:28 h1962932 sshd[29747]: Invalid user swa from 157.245.204.153 port 39364 Jun 29 14:39:28 h1962932 sshd[29747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 Jun 29 14:39:28 h1962932 sshd[29747]: Invalid user swa from 157.245.204.153 port 39364 Jun 29 14:39:30 h1962932 sshd[29747]: Failed password for invalid user swa from 157.245.204.153 port 39364 ssh2 Jun 29 14:45:56 h1962932 sshd[13271]: Invalid user asia from 157.245.204.153 port 9421	2020-06-29 22:27:56
157.245.204.153	attack	Jun 24 14:00:23 roki-contabo sshd\[26326\]: Invalid user ts3srv from 157.245.204.153 Jun 24 14:00:23 roki-contabo sshd\[26326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 Jun 24 14:00:25 roki-contabo sshd\[26326\]: Failed password for invalid user ts3srv from 157.245.204.153 port 16258 ssh2 Jun 24 14:05:59 roki-contabo sshd\[26452\]: Invalid user admin from 157.245.204.153 Jun 24 14:05:59 roki-contabo sshd\[26452\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.153 ...	2020-06-25 00:01:22
157.245.204.153	attack	Invalid user murai from 157.245.204.153 port 7556	2020-06-24 07:48:28
157.245.204.198	attackspambots	2020-04-09T03:54:22Z - RDP login failed multiple times. (157.245.204.198)	2020-04-09 14:40:30
157.245.204.198	attack	2020-04-01T09:24:55Z - RDP login failed multiple times. (157.245.204.198)	2020-04-01 18:28:50
157.245.204.227	attackbots	Unauthorized connection attempt detected from IP address 157.245.204.227 to port 2220 [J]	2020-01-25 02:13:48
157.245.204.139	attack	Jan 21 14:39:53 ns4 sshd[7762]: Invalid user dy from 157.245.204.139 Jan 21 14:39:53 ns4 sshd[7762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.139 Jan 21 14:39:55 ns4 sshd[7762]: Failed password for invalid user dy from 157.245.204.139 port 56190 ssh2 Jan 21 14:44:55 ns4 sshd[8987]: Invalid user marco from 157.245.204.139 Jan 21 14:44:55 ns4 sshd[8987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.204.139 Jan 21 14:44:57 ns4 sshd[8987]: Failed password for invalid user marco from 157.245.204.139 port 38930 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.245.204.139	2020-01-21 23:14:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.204.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63011
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.204.149.		IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092300 1800 900 604800 86400

;; Query time: 62 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 23 17:06:25 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 149.204.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.204.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.23.35	attack	" "	2019-10-19 17:59:21
103.28.57.86	attackbotsspam	Automatic report - Banned IP Access	2019-10-19 17:59:47
170.238.46.6	attack	SSH bruteforce (Triggered fail2ban)	2019-10-19 17:58:28
85.192.35.167	attackspam	Oct 19 11:20:42 webhost01 sshd[26975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.35.167 Oct 19 11:20:43 webhost01 sshd[26975]: Failed password for invalid user tester from 85.192.35.167 port 43938 ssh2 ...	2019-10-19 18:09:30
128.199.247.115	attackspambots	$f2bV_matches	2019-10-19 18:04:29
45.141.84.13	attack	2019-10-19T04:23:39Z - RDP login failed multiple times. (45.141.84.13)	2019-10-19 18:10:53
37.187.79.117	attackbotsspam	Oct 19 12:19:10 lnxmail61 sshd[5379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.79.117	2019-10-19 18:25:30
89.248.168.217	attackbots	10/19/2019-11:28:21.319264 89.248.168.217 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2019-10-19 17:57:24
54.38.241.162	attackbots	2019-10-19T11:34:26.1368981240 sshd\[1731\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 user=root 2019-10-19T11:34:27.7702391240 sshd\[1731\]: Failed password for root from 54.38.241.162 port 51048 ssh2 2019-10-19T11:42:14.0376521240 sshd\[2172\]: Invalid user ry from 54.38.241.162 port 55370 2019-10-19T11:42:14.0410041240 sshd\[2172\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 ...	2019-10-19 18:06:40
117.66.241.112	attackbots	Oct 19 07:07:28 game-panel sshd[11749]: Failed password for root from 117.66.241.112 port 34074 ssh2 Oct 19 07:12:23 game-panel sshd[11996]: Failed password for root from 117.66.241.112 port 52691 ssh2	2019-10-19 18:04:43
185.197.74.201	attackspam	2019-10-19T08:03:45.372442scmdmz1 sshd\[5713\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.197.74.201 user=root 2019-10-19T08:03:47.950547scmdmz1 sshd\[5713\]: Failed password for root from 185.197.74.201 port 25716 ssh2 2019-10-19T08:03:48.386518scmdmz1 sshd\[5715\]: Invalid user support from 185.197.74.201 port 53182 ...	2019-10-19 17:50:57
202.62.56.26	attackspam	Fail2Ban Ban Triggered	2019-10-19 18:13:20
180.151.225.195	attack	Oct 19 05:44:42 xeon sshd[2757]: Failed password for root from 180.151.225.195 port 42082 ssh2	2019-10-19 18:01:11
114.94.125.163	attackspam	Oct 19 06:07:48 minden010 sshd[23870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.94.125.163 Oct 19 06:07:50 minden010 sshd[23870]: Failed password for invalid user valerie from 114.94.125.163 port 2625 ssh2 Oct 19 06:12:36 minden010 sshd[26602]: Failed password for root from 114.94.125.163 port 2626 ssh2 ...	2019-10-19 17:53:23
49.88.112.70	attackbots	Oct 19 10:55:55 MK-Soft-VM7 sshd[1578]: Failed password for root from 49.88.112.70 port 23411 ssh2 Oct 19 10:55:58 MK-Soft-VM7 sshd[1578]: Failed password for root from 49.88.112.70 port 23411 ssh2 ...	2019-10-19 17:55:17

Recently Reported IPs

51.210.43.189	5.1.83.121	130.162.161.205	203.93.19.36
80.51.145.216	83.255.209.56	247.89.40.25	39.128.250.210
132.28.153.74	3.134.245.98	139.176.41.189	185.191.171.24
125.138.115.217	94.102.57.178	3.104.13.187	176.111.176.71
1.174.94.117	174.246.137.136	42.2.73.56	51.178.29.209