157.245.237.104

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
157.245.237.33	attack	(sshd) Failed SSH login from 157.245.237.33 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 09:15:51 server2 sshd[4215]: Invalid user zy from 157.245.237.33 Oct 12 09:15:51 server2 sshd[4215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 Oct 12 09:15:53 server2 sshd[4215]: Failed password for invalid user zy from 157.245.237.33 port 37958 ssh2 Oct 12 09:25:36 server2 sshd[9552]: Invalid user rd from 157.245.237.33 Oct 12 09:25:36 server2 sshd[9552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33	2020-10-13 04:29:05
157.245.237.33	attack	Oct 12 10:28:01 124388 sshd[7017]: Invalid user csoportok from 157.245.237.33 port 35802 Oct 12 10:28:01 124388 sshd[7017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 Oct 12 10:28:01 124388 sshd[7017]: Invalid user csoportok from 157.245.237.33 port 35802 Oct 12 10:28:04 124388 sshd[7017]: Failed password for invalid user csoportok from 157.245.237.33 port 35802 ssh2 Oct 12 10:31:11 124388 sshd[7259]: Invalid user db from 157.245.237.33 port 39570	2020-10-12 20:07:48
157.245.237.33	attackspam	SSH Bruteforce Attempt on Honeypot	2020-10-10 05:53:09
157.245.237.33	attackbotsspam	SSH Bruteforce Attempt on Honeypot	2020-10-09 22:00:16
157.245.237.33	attackspambots	Oct 9 03:36:28 pornomens sshd\[18253\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root Oct 9 03:36:30 pornomens sshd\[18253\]: Failed password for root from 157.245.237.33 port 46500 ssh2 Oct 9 03:44:35 pornomens sshd\[18334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root ...	2020-10-09 13:50:21
157.245.237.33	attack	Oct 4 00:49:59 web1 sshd\[18508\]: Invalid user telnet from 157.245.237.33 Oct 4 00:49:59 web1 sshd\[18508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 Oct 4 00:50:02 web1 sshd\[18508\]: Failed password for invalid user telnet from 157.245.237.33 port 44202 ssh2 Oct 4 00:53:15 web1 sshd\[18761\]: Invalid user dennis from 157.245.237.33 Oct 4 00:53:15 web1 sshd\[18761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33	2020-10-05 07:34:46
157.245.237.33	attackspambots	Oct 4 00:49:59 web1 sshd\[18508\]: Invalid user telnet from 157.245.237.33 Oct 4 00:49:59 web1 sshd\[18508\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 Oct 4 00:50:02 web1 sshd\[18508\]: Failed password for invalid user telnet from 157.245.237.33 port 44202 ssh2 Oct 4 00:53:15 web1 sshd\[18761\]: Invalid user dennis from 157.245.237.33 Oct 4 00:53:15 web1 sshd\[18761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33	2020-10-04 23:51:12
157.245.237.33	attackspam	Invalid user student from 157.245.237.33 port 35848	2020-10-04 15:35:36
157.245.237.33	attackbotsspam	Aug 26 16:19:46 XXX sshd[62569]: Invalid user ruben from 157.245.237.33 port 34424	2020-08-27 08:29:39
157.245.237.33	attackbots	Aug 17 13:01:16 rocket sshd[24989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 Aug 17 13:01:17 rocket sshd[24989]: Failed password for invalid user jboss from 157.245.237.33 port 53948 ssh2 ...	2020-08-17 22:13:25
157.245.237.33	attackspam	$f2bV_matches	2020-08-16 23:00:56
157.245.237.33	attackbots	Aug 14 13:34:42 localhost sshd[27482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root Aug 14 13:34:45 localhost sshd[27482]: Failed password for root from 157.245.237.33 port 33396 ssh2 Aug 14 13:36:55 localhost sshd[27742]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root Aug 14 13:36:57 localhost sshd[27742]: Failed password for root from 157.245.237.33 port 60032 ssh2 Aug 14 13:37:35 localhost sshd[27813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root Aug 14 13:37:37 localhost sshd[27813]: Failed password for root from 157.245.237.33 port 41256 ssh2 ...	2020-08-15 02:35:03
157.245.237.33	attack	Aug 14 08:52:47 rancher-0 sshd[1078255]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.237.33 user=root Aug 14 08:52:49 rancher-0 sshd[1078255]: Failed password for root from 157.245.237.33 port 46882 ssh2 ...	2020-08-14 15:38:41
157.245.237.33	attackspam	Aug 3 07:15:00 server sshd[14052]: Failed password for root from 157.245.237.33 port 56226 ssh2 Aug 3 07:20:59 server sshd[15907]: Failed password for root from 157.245.237.33 port 56662 ssh2 Aug 3 07:23:48 server sshd[16739]: Failed password for root from 157.245.237.33 port 48176 ssh2	2020-08-03 14:19:06
157.245.237.33	attackbots	Aug 1 06:29:41 NPSTNNYC01T sshd[12020]: Failed password for root from 157.245.237.33 port 53428 ssh2 Aug 1 06:33:32 NPSTNNYC01T sshd[12428]: Failed password for root from 157.245.237.33 port 37728 ssh2 ...	2020-08-01 18:54:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.237.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23714
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;157.245.237.104.		IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:28:45 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 104.237.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.237.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.180.8	attackspam	Aug 27 21:36:56 ip-172-30-0-108 sshd[27597]: refused connect from 222.186.180.8 (222.186.180.8) Aug 27 21:40:03 ip-172-30-0-108 sshd[27758]: refused connect from 222.186.180.8 (222.186.180.8) Aug 27 21:43:25 ip-172-30-0-108 sshd[27975]: refused connect from 222.186.180.8 (222.186.180.8) ...	2020-08-28 08:44:44
45.224.70.57	attackbots	Aug 27 05:13:24 mail.srvfarm.net postfix/smtps/smtpd[1355752]: warning: unknown[45.224.70.57]: SASL PLAIN authentication failed: Aug 27 05:13:24 mail.srvfarm.net postfix/smtps/smtpd[1355752]: lost connection after AUTH from unknown[45.224.70.57] Aug 27 05:16:55 mail.srvfarm.net postfix/smtps/smtpd[1355004]: warning: unknown[45.224.70.57]: SASL PLAIN authentication failed: Aug 27 05:16:56 mail.srvfarm.net postfix/smtps/smtpd[1355004]: lost connection after AUTH from unknown[45.224.70.57] Aug 27 05:20:11 mail.srvfarm.net postfix/smtps/smtpd[1357934]: warning: unknown[45.224.70.57]: SASL PLAIN authentication failed:	2020-08-28 08:20:44
117.57.88.66	attackbots	(smtpauth) Failed SMTP AUTH login from 117.57.88.66 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-28 01:36:27 login authenticator failed for (okwpgtokxf.com) [117.57.88.66]: 535 Incorrect authentication data (set_id=info@arafan.com)	2020-08-28 08:46:57
103.237.56.216	attack	Aug 27 12:20:10 mail.srvfarm.net postfix/smtps/smtpd[1538101]: warning: unknown[103.237.56.216]: SASL PLAIN authentication failed: Aug 27 12:20:10 mail.srvfarm.net postfix/smtps/smtpd[1538101]: lost connection after AUTH from unknown[103.237.56.216] Aug 27 12:27:43 mail.srvfarm.net postfix/smtpd[1525591]: warning: unknown[103.237.56.216]: SASL PLAIN authentication failed: Aug 27 12:27:43 mail.srvfarm.net postfix/smtpd[1525591]: lost connection after AUTH from unknown[103.237.56.216] Aug 27 12:29:45 mail.srvfarm.net postfix/smtps/smtpd[1541116]: warning: unknown[103.237.56.216]: SASL PLAIN authentication failed:	2020-08-28 08:14:35
177.81.22.247	attackbotsspam	Aug 27 23:06:25 server postfix/smtpd[10974]: NOQUEUE: reject: RCPT from unknown[177.81.22.247]: 554 5.7.1 Service unavailable; Client host [177.81.22.247] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/177.81.22.247; from= to= proto=ESMTP helo=	2020-08-28 08:55:10
129.213.107.56	attackbots	Aug 28 07:42:39 webhost01 sshd[21044]: Failed password for root from 129.213.107.56 port 38852 ssh2 ...	2020-08-28 08:46:23
51.103.129.9	attackbotsspam	Aug 27 14:12:43 web02.agentur-b-2.de postfix/smtps/smtpd[306243]: warning: unknown[51.103.129.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 14:14:30 web02.agentur-b-2.de postfix/smtps/smtpd[306489]: warning: unknown[51.103.129.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 14:16:19 web02.agentur-b-2.de postfix/smtps/smtpd[306718]: warning: unknown[51.103.129.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 14:18:08 web02.agentur-b-2.de postfix/smtps/smtpd[306958]: warning: unknown[51.103.129.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 14:19:55 web02.agentur-b-2.de postfix/smtps/smtpd[307080]: warning: unknown[51.103.129.9]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-08-28 08:19:53
177.200.64.234	attackspam	Aug 27 04:54:25 mail.srvfarm.net postfix/smtpd[1334721]: warning: 177-200-64-234.static.skysever.com.br[177.200.64.234]: SASL PLAIN authentication failed: Aug 27 04:54:26 mail.srvfarm.net postfix/smtpd[1334721]: lost connection after AUTH from 177-200-64-234.static.skysever.com.br[177.200.64.234] Aug 27 04:57:30 mail.srvfarm.net postfix/smtps/smtpd[1337554]: warning: 177-200-64-234.static.skysever.com.br[177.200.64.234]: SASL PLAIN authentication failed: Aug 27 04:57:31 mail.srvfarm.net postfix/smtps/smtpd[1337554]: lost connection after AUTH from 177-200-64-234.static.skysever.com.br[177.200.64.234] Aug 27 04:59:26 mail.srvfarm.net postfix/smtpd[1341948]: warning: 177-200-64-234.static.skysever.com.br[177.200.64.234]: SASL PLAIN authentication failed:	2020-08-28 08:32:52
138.122.97.41	attackbotsspam	Unauthorized SMTP/IMAP/POP3 connection attempt	2020-08-28 08:34:53
45.227.98.70	attackspambots	Aug 27 16:06:50 mail.srvfarm.net postfix/smtpd[1619456]: warning: unknown[45.227.98.70]: SASL PLAIN authentication failed: Aug 27 16:06:51 mail.srvfarm.net postfix/smtpd[1619456]: lost connection after AUTH from unknown[45.227.98.70] Aug 27 16:08:32 mail.srvfarm.net postfix/smtpd[1619456]: warning: unknown[45.227.98.70]: SASL PLAIN authentication failed: Aug 27 16:08:32 mail.srvfarm.net postfix/smtpd[1619456]: lost connection after AUTH from unknown[45.227.98.70] Aug 27 16:13:35 mail.srvfarm.net postfix/smtpd[1619455]: warning: unknown[45.227.98.70]: SASL PLAIN authentication failed:	2020-08-28 08:20:26
213.39.55.13	attack	2020-08-28T00:31:33.411082vps1033 sshd[13714]: Invalid user tspeak from 213.39.55.13 port 42320 2020-08-28T00:31:33.415524vps1033 sshd[13714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.39.55.13 2020-08-28T00:31:33.411082vps1033 sshd[13714]: Invalid user tspeak from 213.39.55.13 port 42320 2020-08-28T00:31:35.581223vps1033 sshd[13714]: Failed password for invalid user tspeak from 213.39.55.13 port 42320 ssh2 2020-08-28T00:35:42.234346vps1033 sshd[22445]: Invalid user fileshare from 213.39.55.13 port 48494 ...	2020-08-28 08:43:52
41.139.4.90	attackspambots	Aug 27 04:59:50 mail.srvfarm.net postfix/smtpd[1342033]: warning: unknown[41.139.4.90]: SASL PLAIN authentication failed: Aug 27 04:59:50 mail.srvfarm.net postfix/smtpd[1342033]: lost connection after AUTH from unknown[41.139.4.90] Aug 27 05:00:51 mail.srvfarm.net postfix/smtpd[1347722]: warning: unknown[41.139.4.90]: SASL PLAIN authentication failed: Aug 27 05:00:51 mail.srvfarm.net postfix/smtpd[1347722]: lost connection after AUTH from unknown[41.139.4.90] Aug 27 05:01:30 mail.srvfarm.net postfix/smtps/smtpd[1337554]: warning: unknown[41.139.4.90]: SASL PLAIN authentication failed:	2020-08-28 08:42:48
189.168.230.180	attackspambots	SMB Server BruteForce Attack	2020-08-28 08:53:18
89.238.167.38	attack	0,83-01/02 [bc00/m50] PostRequest-Spammer scoring: essen	2020-08-28 08:18:06
149.72.34.79	attackbots	Aug 27 23:16:51 web01.agentur-b-2.de postfix/smtpd[2704863]: NOQUEUE: reject: RCPT from unknown[149.72.34.79]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Aug 27 23:16:51 web01.agentur-b-2.de postfix/smtpd[2704863]: lost connection after RCPT from unknown[149.72.34.79] Aug 27 23:19:30 web01.agentur-b-2.de postfix/smtpd[2704863]: NOQUEUE: reject: RCPT from unknown[149.72.34.79]: 450 4.7.1 : Helo command rejected: Host not found; from= to= proto=ESMTP helo= Aug 27 23:20:54 web01.agentur-b-2.de postfix/smtpd[2704861]: NOQUEUE: reject: RCPT from unknown[149.72.34.79]: 450 4.7.1 : Helo command rejected: Host not fou	2020-08-28 08:14:20

Recently Reported IPs

157.245.24.26	157.245.244.194	157.245.242.152	157.245.245.11
157.245.243.222	157.245.243.65	157.245.248.133	157.245.248.21
157.245.247.139	157.245.244.207	157.245.241.108	157.245.25.130
157.245.253.180	157.245.27.15	157.245.253.189	157.245.28.36
157.245.28.16	157.245.32.107	157.245.31.188	157.245.31.85