157.245.64.140

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	s2.hscode.pl - SSH Attack	2020-10-11 04:31:17
attackbots	2020-10-10 11:29:03,685 fail2ban.actions: WARNING [ssh] Ban 157.245.64.140	2020-10-10 20:27:35
attackbots	Scanned 3 times in the last 24 hours on port 22	2020-09-30 08:50:18
attack	reported through recidive - multiple failed attempts(SSH)	2020-09-30 01:42:33
attack	sshd: Failed password for .... from 157.245.64.140 port 55284 ssh2 (5 attempts)	2020-09-29 17:42:17
attack	Sep 16 15:40:21 mavik sshd[25319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 16 15:40:23 mavik sshd[25319]: Failed password for root from 157.245.64.140 port 54918 ssh2 Sep 16 15:44:19 mavik sshd[25452]: Invalid user inmate from 157.245.64.140 Sep 16 15:44:19 mavik sshd[25452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 Sep 16 15:44:21 mavik sshd[25452]: Failed password for invalid user inmate from 157.245.64.140 port 38430 ssh2 ...	2020-09-16 23:05:10
attackspam	s2.hscode.pl - SSH Attack	2020-09-16 15:22:58
attackbots	Triggered by Fail2Ban at Ares web server	2020-09-16 07:23:11
attack	(sshd) Failed SSH login from 157.245.64.140 (NL/Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 15 06:40:20 server2 sshd[14130]: Invalid user diego from 157.245.64.140 Sep 15 06:40:20 server2 sshd[14130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 Sep 15 06:40:23 server2 sshd[14130]: Failed password for invalid user diego from 157.245.64.140 port 50970 ssh2 Sep 15 06:55:42 server2 sshd[24242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 15 06:55:43 server2 sshd[24242]: Failed password for root from 157.245.64.140 port 52062 ssh2	2020-09-16 00:19:29
attack	2020-09-15 09:52:01 wonderland sshd[8538]: Invalid user shiori from 157.245.64.140 port 46364	2020-09-15 16:12:46
attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-14T22:43:02Z	2020-09-15 08:17:53
attackspam	Sep 13 13:18:42 ns382633 sshd\[686\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 13 13:18:44 ns382633 sshd\[686\]: Failed password for root from 157.245.64.140 port 55932 ssh2 Sep 13 13:24:34 ns382633 sshd\[1914\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 13 13:24:35 ns382633 sshd\[1914\]: Failed password for root from 157.245.64.140 port 33850 ssh2 Sep 13 13:28:18 ns382633 sshd\[2988\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root	2020-09-13 22:09:29
attackbots	$f2bV_matches	2020-09-13 14:04:22
attack	Sep 12 19:04:39 scw-6657dc sshd[22971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 12 19:04:39 scw-6657dc sshd[22971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 user=root Sep 12 19:04:42 scw-6657dc sshd[22971]: Failed password for root from 157.245.64.140 port 55220 ssh2 ...	2020-09-13 05:50:11
attackspambots	2020-08-27T16:04:38.649942abusebot-8.cloudsearch.cf sshd[12386]: Invalid user felix from 157.245.64.140 port 48132 2020-08-27T16:04:38.657608abusebot-8.cloudsearch.cf sshd[12386]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 2020-08-27T16:04:38.649942abusebot-8.cloudsearch.cf sshd[12386]: Invalid user felix from 157.245.64.140 port 48132 2020-08-27T16:04:40.707312abusebot-8.cloudsearch.cf sshd[12386]: Failed password for invalid user felix from 157.245.64.140 port 48132 ssh2 2020-08-27T16:08:23.323517abusebot-8.cloudsearch.cf sshd[12432]: Invalid user cheng from 157.245.64.140 port 54472 2020-08-27T16:08:23.330396abusebot-8.cloudsearch.cf sshd[12432]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 2020-08-27T16:08:23.323517abusebot-8.cloudsearch.cf sshd[12432]: Invalid user cheng from 157.245.64.140 port 54472 2020-08-27T16:08:25.269572abusebot-8.cloudsearch.cf sshd[12432]: ...	2020-08-28 01:20:44
attackbotsspam	Invalid user dstserver from 157.245.64.140 port 41232	2020-08-23 19:09:47
attack	Aug 18 04:59:27 jumpserver sshd[197157]: Invalid user updater from 157.245.64.140 port 45970 Aug 18 04:59:29 jumpserver sshd[197157]: Failed password for invalid user updater from 157.245.64.140 port 45970 ssh2 Aug 18 05:03:38 jumpserver sshd[197198]: Invalid user tryton from 157.245.64.140 port 57522 ...	2020-08-18 14:07:16
attack	Invalid user sabina from 157.245.64.140 port 48846	2020-07-26 19:49:22
attack	2020-07-24T23:58:08.845318mail.broermann.family sshd[17502]: Invalid user wa from 157.245.64.140 port 51234 2020-07-24T23:58:08.852377mail.broermann.family sshd[17502]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 2020-07-24T23:58:08.845318mail.broermann.family sshd[17502]: Invalid user wa from 157.245.64.140 port 51234 2020-07-24T23:58:10.682632mail.broermann.family sshd[17502]: Failed password for invalid user wa from 157.245.64.140 port 51234 ssh2 2020-07-25T00:01:23.956587mail.broermann.family sshd[17639]: Invalid user audrey from 157.245.64.140 port 58004 ...	2020-07-25 07:16:17
attackspambots	$f2bV_matches	2020-07-17 16:42:52
attackspambots	Failed password for invalid user kevin from 157.245.64.140 port 57436 ssh2	2020-07-15 01:15:47
attack	Jul 11 01:57:14 vps46666688 sshd[10222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 Jul 11 01:57:16 vps46666688 sshd[10222]: Failed password for invalid user shuangbo from 157.245.64.140 port 34068 ssh2 ...	2020-07-11 14:15:13
attackspambots	2020-07-10T21:09:34.940290abusebot-5.cloudsearch.cf sshd[8128]: Invalid user johnny from 157.245.64.140 port 48408 2020-07-10T21:09:34.945683abusebot-5.cloudsearch.cf sshd[8128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 2020-07-10T21:09:34.940290abusebot-5.cloudsearch.cf sshd[8128]: Invalid user johnny from 157.245.64.140 port 48408 2020-07-10T21:09:36.718923abusebot-5.cloudsearch.cf sshd[8128]: Failed password for invalid user johnny from 157.245.64.140 port 48408 ssh2 2020-07-10T21:16:38.692366abusebot-5.cloudsearch.cf sshd[8344]: Invalid user nicki from 157.245.64.140 port 58858 2020-07-10T21:16:38.697670abusebot-5.cloudsearch.cf sshd[8344]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 2020-07-10T21:16:38.692366abusebot-5.cloudsearch.cf sshd[8344]: Invalid user nicki from 157.245.64.140 port 58858 2020-07-10T21:16:40.681208abusebot-5.cloudsearch.cf sshd[8344]: Fail ...	2020-07-11 06:26:57
attackbots	$f2bV_matches	2020-07-09 15:35:19
attackbots	2020-07-08T22:21:47.496829SusPend.routelink.net.id sshd[540]: Invalid user terissa from 157.245.64.140 port 56436 2020-07-08T22:21:49.506686SusPend.routelink.net.id sshd[540]: Failed password for invalid user terissa from 157.245.64.140 port 56436 ssh2 2020-07-08T22:24:49.316155SusPend.routelink.net.id sshd[957]: Invalid user test2 from 157.245.64.140 port 53030 ...	2020-07-09 01:13:12
attackbots	<6 unauthorized SSH connections	2020-06-28 17:00:42
attackspam	Jun 26 06:52:12 master sshd[2323]: Failed password for root from 157.245.64.140 port 52646 ssh2 Jun 26 07:00:37 master sshd[2849]: Failed password for invalid user magento from 157.245.64.140 port 48928 ssh2 Jun 26 07:03:33 master sshd[2893]: Failed password for root from 157.245.64.140 port 47706 ssh2 Jun 26 07:06:27 master sshd[2949]: Failed password for invalid user admin from 157.245.64.140 port 46500 ssh2 Jun 26 07:09:31 master sshd[3030]: Failed password for root from 157.245.64.140 port 45282 ssh2 Jun 26 07:12:26 master sshd[3117]: Failed password for invalid user ron from 157.245.64.140 port 44068 ssh2 Jun 26 07:15:25 master sshd[3198]: Failed password for invalid user sy from 157.245.64.140 port 42870 ssh2 Jun 26 07:18:24 master sshd[3253]: Failed password for invalid user ftpuser from 157.245.64.140 port 41670 ssh2 Jun 26 07:21:20 master sshd[3340]: Failed password for invalid user b from 157.245.64.140 port 40470 ssh2	2020-06-26 17:28:28
attack	Jun 21 14:15:28 ajax sshd[9291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.64.140 Jun 21 14:15:30 ajax sshd[9291]: Failed password for invalid user tys from 157.245.64.140 port 45512 ssh2	2020-06-22 00:30:55
attackbots	20 attempts against mh-ssh on echoip	2020-06-20 13:48:59
attackbots	SSH login attempts.	2020-06-17 15:02:43

Comments on same subnet:

IP	Type	Details	Datetime
157.245.64.126	attackspam	2020-09-23 14:58:16,777 fail2ban.actions: WARNING [wp-login] Ban 157.245.64.126	2020-09-23 21:36:04
157.245.64.126	attackbots	Sep 23 06:38:40 10.23.102.230 wordpress(www.ruhnke.cloud)[69323]: Authentication attempt for unknown user slickpopupteam from 157.245.64.126 ...	2020-09-23 13:56:59
157.245.64.126	attackbots	Wordpress attack	2020-09-23 05:45:08
157.245.64.116	attackspam	157.245.64.116 - - [29/Jun/2020:04:58:14 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.64.116 - - [29/Jun/2020:04:58:20 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.64.116 - - [29/Jun/2020:04:58:20 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-29 12:20:32
157.245.64.116	attackbotsspam	157.245.64.116 - - [26/Jun/2020:19:20:55 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.64.116 - - [26/Jun/2020:19:20:56 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.64.116 - - [26/Jun/2020:19:20:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-27 02:34:02
157.245.64.96	attackbots	Unauthorized connection attempt detected from IP address 157.245.64.96 to port 8088	2020-01-10 00:53:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.64.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22496
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.64.140.			IN	A

;; AUTHORITY SECTION:
.			159	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012402 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 25 06:45:41 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 140.64.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 140.64.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.0.191.132	attackspambots	Icarus honeypot on github	2020-03-28 16:52:31
142.44.243.190	attackbots	Mar 28 10:08:54 server sshd\[27528\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net user=root Mar 28 10:08:56 server sshd\[27528\]: Failed password for root from 142.44.243.190 port 34966 ssh2 Mar 28 10:10:39 server sshd\[28317\]: Invalid user test from 142.44.243.190 Mar 28 10:10:39 server sshd\[28317\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.ip-142-44-243.net Mar 28 10:10:41 server sshd\[28317\]: Failed password for invalid user test from 142.44.243.190 port 48964 ssh2 ...	2020-03-28 16:11:53
46.17.121.109	attackbotsspam	firewall-block, port(s): 4567/tcp	2020-03-28 16:07:14
106.13.82.151	attackspambots	Mar 27 19:14:01 wbs sshd\[15147\]: Invalid user koeso from 106.13.82.151 Mar 27 19:14:01 wbs sshd\[15147\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.151 Mar 27 19:14:03 wbs sshd\[15147\]: Failed password for invalid user koeso from 106.13.82.151 port 52778 ssh2 Mar 27 19:18:07 wbs sshd\[15479\]: Invalid user xba from 106.13.82.151 Mar 27 19:18:07 wbs sshd\[15479\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.151	2020-03-28 16:24:15
123.235.36.26	attack	Mar 27 20:18:26 web1 sshd\[14683\]: Invalid user nee from 123.235.36.26 Mar 27 20:18:26 web1 sshd\[14683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.235.36.26 Mar 27 20:18:28 web1 sshd\[14683\]: Failed password for invalid user nee from 123.235.36.26 port 9049 ssh2 Mar 27 20:24:42 web1 sshd\[15345\]: Invalid user hnk from 123.235.36.26 Mar 27 20:24:42 web1 sshd\[15345\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.235.36.26	2020-03-28 16:19:51
103.246.240.30	attack	This client attempted to login to an administrator account on a Website, or abused from another resource.	2020-03-28 16:37:00
104.248.170.45	attackspam	Invalid user hdfs from 104.248.170.45 port 35094	2020-03-28 16:14:52
178.165.130.73	attackspambots	Brute force VPN server	2020-03-28 16:50:47
104.236.22.133	attackspam	Mar 28 04:39:25 firewall sshd[3317]: Invalid user xingzguo from 104.236.22.133 Mar 28 04:39:28 firewall sshd[3317]: Failed password for invalid user xingzguo from 104.236.22.133 port 57094 ssh2 Mar 28 04:47:32 firewall sshd[3771]: Invalid user nsk from 104.236.22.133 ...	2020-03-28 16:47:27
122.51.125.104	attack	$f2bV_matches	2020-03-28 16:12:22
1.9.46.177	attackbots	SSH/22 MH Probe, BF, Hack -	2020-03-28 16:40:44
181.115.249.180	attackbots	Brute force VPN server	2020-03-28 16:31:55
41.210.128.37	attackbots	Mar 28 04:44:40 firewall sshd[3630]: Invalid user lb from 41.210.128.37 Mar 28 04:44:42 firewall sshd[3630]: Failed password for invalid user lb from 41.210.128.37 port 34272 ssh2 Mar 28 04:48:45 firewall sshd[3881]: Invalid user ejl from 41.210.128.37 ...	2020-03-28 16:37:28
212.129.60.155	attack	" "	2020-03-28 16:44:33
117.102.94.74	attackspam	DATE:2020-03-28 04:45:51, IP:117.102.94.74, PORT:5900 VNC brute force auth on honeypot server (epe-honey1-hq)	2020-03-28 16:15:19

Recently Reported IPs

62.48.200.120	194.176.97.160	112.118.61.64	219.77.180.214
183.80.89.174	119.160.101.81	85.222.244.122	37.212.109.92
223.16.235.219	179.208.89.4	113.164.3.83	183.251.104.145
110.29.237.171	174.2.73.9	181.191.250.26	188.167.88.12
78.188.54.174	1.53.144.153	106.12.160.17	212.80.200.180