157.245.143.80

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Web App Attack	2019-11-13 08:21:44

Comments on same subnet:

IP	Type	Details	Datetime
157.245.143.18	attackspambots	2020-07-31T20:17:46.030141ionos.janbro.de sshd[76395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.143.18 user=root 2020-07-31T20:17:47.315349ionos.janbro.de sshd[76395]: Failed password for root from 157.245.143.18 port 36338 ssh2 2020-07-31T20:21:18.859774ionos.janbro.de sshd[76398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.143.18 user=root 2020-07-31T20:21:20.250294ionos.janbro.de sshd[76398]: Failed password for root from 157.245.143.18 port 47394 ssh2 2020-07-31T20:24:41.588362ionos.janbro.de sshd[76404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.143.18 user=root 2020-07-31T20:24:43.179628ionos.janbro.de sshd[76404]: Failed password for root from 157.245.143.18 port 56682 ssh2 2020-07-31T20:27:56.123721ionos.janbro.de sshd[76421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=15 ...	2020-08-01 07:01:03
157.245.143.5	attackspam	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-05-26 14:24:15
157.245.143.5	attackbotsspam	WordPress wp-login brute force :: 157.245.143.5 0.068 BYPASS [12/May/2020:21:12:16 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2288 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-13 07:24:17
157.245.143.5	attackspam	WordPress wp-login brute force :: 157.245.143.5 0.116 - [11/Apr/2020:09:21:35 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 1804 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-04-11 17:41:16
157.245.143.5	attackbots	xmlrpc attack	2020-03-18 00:47:45
157.245.143.5	attack	/wp-login.php	2020-03-14 03:12:57
157.245.143.221	attackspam	Honeypot hit.	2019-10-07 20:41:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.143.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.143.80.			IN	A

;; AUTHORITY SECTION:
.			438	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111201 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Nov 13 08:21:41 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 80.143.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.143.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.241.220.59	attackspambots	Unauthorized SSH login attempts	2020-07-05 22:07:59
68.183.55.223	attack	TCP (SYN) 68.183.55.223:42841 -> port 26923, len 44	2020-07-05 21:58:53
23.95.242.76	attackspambots	TCP (SYN) 23.95.242.76:41829 -> port 23819, len 44	2020-07-05 22:26:57
5.94.20.9	attack	Automatic report - Banned IP Access	2020-07-05 22:04:37
62.210.189.183	attackspambots	07/05/2020-09:20:23.410564 62.210.189.183 Protocol: 17 ET SCAN Sipvicious Scan	2020-07-05 21:59:24
185.53.88.198	attackspambots	ET SCAN Sipvicious User-Agent Detected (friendly-scanner) - port: 5060 proto: UDP cat: Attempted Information Leak	2020-07-05 22:08:42
68.183.137.173	attackbots	Jul 5 14:56:58 debian-2gb-nbg1-2 kernel: \[16212432.076107\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=68.183.137.173 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=25870 PROTO=TCP SPT=53394 DPT=31874 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-05 21:58:37
8.34.78.237	attack	Unauthorised access (Jul 5) SRC=8.34.78.237 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=42837 TCP DPT=8080 WINDOW=15036 SYN Unauthorised access (Jul 4) SRC=8.34.78.237 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=8578 TCP DPT=8080 WINDOW=53007 SYN Unauthorised access (Jul 2) SRC=8.34.78.237 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=51142 TCP DPT=8080 WINDOW=15036 SYN	2020-07-05 22:27:25
104.248.122.143	attackspam	DATE:2020-07-05 15:37:36, IP:104.248.122.143, PORT:ssh SSH brute force auth (docker-dc)	2020-07-05 22:13:36
92.63.197.53	attackbots	TCP (SYN) 92.63.197.53:42003 -> port 3525, len 44	2020-07-05 22:39:30
27.184.148.19	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 10 - port: 23 proto: TCP cat: Misc Attack	2020-07-05 22:26:35
94.102.51.16	attackspambots	Jul 5 16:15:44 debian-2gb-nbg1-2 kernel: \[16217157.887682\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.51.16 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=44224 PROTO=TCP SPT=41772 DPT=44417 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-05 22:38:15
192.241.227.83	attack	ET DROP Dshield Block Listed Source group 1 - port: 4567 proto: TCP cat: Misc Attack	2020-07-05 22:28:08
125.117.96.125	attackbotsspam	Unauthorized connection attempt detected from IP address 125.117.96.125 to port 445	2020-07-05 22:36:29
64.227.24.206	attackbots	scans once in preceeding hours on the ports (in chronological order) 30427 resulting in total of 3 scans from 64.227.0.0/17 block.	2020-07-05 22:19:52

Recently Reported IPs

5.253.204.29	195.88.17.13	14.248.64.254	89.34.27.22
222.138.177.133	156.198.138.191	31.134.151.109	86.39.3.25
53.61.230.227	170.150.72.79	190.237.100.177	115.77.189.105
163.172.36.72	198.71.230.17	42.232.84.242	49.68.61.209
42.231.93.199	222.141.89.160	175.29.127.11	183.177.205.196