157.245.245.30

Basic Info

City: North Bergen

Region: New Jersey

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-10 06:24:58

Comments on same subnet:

IP	Type	Details	Datetime
157.245.245.246	botsproxy	SSH bot	2025-06-09 21:11:41
157.245.245.159	attackspam	157.245.245.159 - - [24/Sep/2020:06:28:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:16 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:17 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:17 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:19 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-25 02:06:59
157.245.245.159	attackspam	157.245.245.159 - - [24/Sep/2020:06:28:16 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:16 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:17 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:17 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:18 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [24/Sep/2020:06:28:19 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/ ...	2020-09-24 17:46:18
157.245.245.159	attackspambots	157.245.245.159 - - [13/Sep/2020:18:38:15 +1000] "POST /wp-login.php HTTP/1.1" 200 2511 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [13/Sep/2020:18:38:18 +1000] "POST /wp-login.php HTTP/1.1" 200 2496 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [14/Sep/2020:15:16:00 +1000] "POST /wp-login.php HTTP/1.1" 200 2511 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [14/Sep/2020:15:16:02 +1000] "POST /wp-login.php HTTP/1.1" 200 2496 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [14/Sep/2020:17:59:57 +1000] "POST /wp-login.php HTTP/1.1" 200 2511 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-14 23:34:33
157.245.245.159	attack	WordPress login Brute force / Web App Attack on client site.	2020-09-14 15:22:03
157.245.245.159	attackspam	157.245.245.159 - - [13/Sep/2020:18:55:46 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [13/Sep/2020:18:55:48 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [13/Sep/2020:18:55:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 07:17:42
157.245.245.159	attackbots	157.245.245.159 - - \[22/Aug/2020:10:35:52 +0200\] "POST /wp-login.php HTTP/1.0" 200 8727 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - \[22/Aug/2020:10:35:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 8729 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - \[22/Aug/2020:10:36:00 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 935 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-22 17:54:15
157.245.245.159	attack	157.245.245.159 - - [05/Aug/2020:14:18:39 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [05/Aug/2020:14:18:46 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [05/Aug/2020:14:18:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-05 22:12:24
157.245.245.159	attackbotsspam	157.245.245.159 - - [02/Aug/2020:05:56:40 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [02/Aug/2020:05:56:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.245.159 - - [02/Aug/2020:05:56:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-02 18:52:42
157.245.245.59	attack	This IP# has tried to attack me several times and steal information. Norton kept alerting me but it worked.	2020-03-08 01:53:54
157.245.245.205	attackspam	GET /wp-feed.php HTTP/1.1 301 - Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36	2019-11-18 21:08:58

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.245.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54874
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;157.245.245.30.			IN	A

;; AUTHORITY SECTION:
.			365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020901 1800 900 604800 86400

;; Query time: 192 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 10 06:24:55 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 30.245.245.157.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 30.245.245.157.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.151.248	attack	Aug 1 01:24:23 ns41 sshd[27153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.248 Aug 1 01:24:23 ns41 sshd[27153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.248	2019-08-01 07:49:14
116.89.53.66	attack	Aug 1 01:01:03 MK-Soft-Root2 sshd\[669\]: Invalid user mint from 116.89.53.66 port 55794 Aug 1 01:01:03 MK-Soft-Root2 sshd\[669\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.89.53.66 Aug 1 01:01:05 MK-Soft-Root2 sshd\[669\]: Failed password for invalid user mint from 116.89.53.66 port 55794 ssh2 ...	2019-08-01 07:28:52
189.7.110.167	attackspam	Apr 15 20:26:10 ubuntu sshd[15410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.110.167 Apr 15 20:26:13 ubuntu sshd[15410]: Failed password for invalid user abbasciano from 189.7.110.167 port 35457 ssh2 Apr 15 20:29:34 ubuntu sshd[16368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.110.167 Apr 15 20:29:36 ubuntu sshd[16368]: Failed password for invalid user Outi from 189.7.110.167 port 48765 ssh2	2019-08-01 07:57:07
123.206.45.16	attack	Automatic report - Banned IP Access	2019-08-01 07:34:16
185.175.93.103	attack	Portscan or hack attempt detected by psad/fwsnort	2019-08-01 07:11:01
185.176.27.186	attack	proto=tcp . spt=50942 . dpt=3389 . src=185.176.27.186 . dst=xx.xx.4.1 . (listed on CINS badguys Jul 31) (1066)	2019-08-01 07:22:58
103.192.76.241	attackbots	Jul 31 21:25:07 master sshd[17426]: Failed password for invalid user admin from 103.192.76.241 port 1419 ssh2	2019-08-01 07:20:00
139.193.199.237	attackbots	BURG,WP GET /wp-login.php	2019-08-01 07:25:07
117.4.92.108	attackspambots	Jul 31 20:30:52 master sshd[17361]: Failed password for invalid user admin from 117.4.92.108 port 47018 ssh2	2019-08-01 07:26:12
189.7.73.170	attackbotsspam	May 31 06:36:01 ubuntu sshd[10957]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.73.170 May 31 06:36:03 ubuntu sshd[10957]: Failed password for invalid user ts3server from 189.7.73.170 port 56736 ssh2 May 31 06:39:29 ubuntu sshd[11269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.73.170 May 31 06:39:31 ubuntu sshd[11269]: Failed password for invalid user linux from 189.7.73.170 port 53116 ssh2	2019-08-01 07:32:12
222.170.63.27	attack	Aug 1 01:22:28 s64-1 sshd[19264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.170.63.27 Aug 1 01:22:30 s64-1 sshd[19264]: Failed password for invalid user htpguides from 222.170.63.27 port 5603 ssh2 Aug 1 01:25:43 s64-1 sshd[19317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.170.63.27 ...	2019-08-01 07:52:07
189.7.217.23	attackspambots	Jun 19 10:12:58 ubuntu sshd[30111]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.217.23 Jun 19 10:13:00 ubuntu sshd[30111]: Failed password for invalid user jolene from 189.7.217.23 port 55796 ssh2 Jun 19 10:17:00 ubuntu sshd[30225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.7.217.23	2019-08-01 07:40:05
79.137.86.205	attackspambots	Jul 31 23:28:47 localhost sshd\[25851\]: Invalid user fs from 79.137.86.205 port 35886 Jul 31 23:28:47 localhost sshd\[25851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.86.205 ...	2019-08-01 07:39:40
84.201.177.76	attack	Received: from HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (2603:10a6:802:1::35) by VI1PR0501MB2301.eurprd05.prod.outlook.com with HTTPS via VI1PR0902CA0046.EURPRD09.PROD.OUTLOOK.COM; Wed, 31 Jul 2019 16:52:30 +0000 Received: from HE1EUR01FT007.eop-EUR01.prod.protection.outlook.com (10.152.0.51) by HE1EUR01HT170.eop-EUR01.prod.protection.outlook.com (10.152.1.164) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2136.14; Wed, 31 Jul 2019 16:52:30 +0000 Authentication-Results: spf=none (sender IP is 169.159.171.139) smtp.mailfrom=luxido.cz; hotmail.co.uk; dkim=none (message not signed) header.d=none;hotmail.co.uk; dmarc=none action=none header.from=luxido.cz; Received-SPF: None (protection.outlook.com: luxido.cz does not designate permitted sender hosts) Received: from static-public-169.159.171.igen.co.za (169.159.171.139) by HE1EUR01FT007.mail.protection.outlook.com (10.152.1.243)	2019-08-01 07:15:14
181.55.95.52	attackbotsspam	2019-07-31T23:00:07.386580abusebot-8.cloudsearch.cf sshd\[14899\]: Invalid user hadoop from 181.55.95.52 port 34464	2019-08-01 07:25:55

Recently Reported IPs

123.205.60.90	220.176.99.11	92.193.175.158	41.231.5.207
122.165.247.254	171.224.193.44	117.207.208.72	78.38.29.28
80.11.172.198	185.82.216.14	86.120.44.244	45.143.223.149
180.249.202.224	58.11.157.0	13.127.205.81	52.172.131.106
73.91.248.131	185.63.152.197	180.167.233.253	85.143.112.35