157.245.42.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
157.245.42.25	attack	Scan port	2022-09-26 12:24:49
157.245.42.253	attack	157.245.42.253 - - [23/Aug/2020:15:07:54 +0200] "GET /wp-login.php HTTP/1.1" 200 8691 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - [23/Aug/2020:15:08:00 +0200] "POST /wp-login.php HTTP/1.1" 200 8921 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - [23/Aug/2020:15:08:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-24 02:28:43
157.245.42.253	attackspambots	[Wed Aug 19 11:43:40.116539 2020] [php7:error] [pid 1400] [client 157.245.42.253:51238] script /Library/Server/Web/Data/Sites/interfaithministryservices.com/wp-login.php not found or unable to stat, referer: http://reverendrhonda.com/wp-login.php	2020-08-20 01:51:48
157.245.42.253	attackspambots	157.245.42.253 - - [15/Aug/2020:15:42:24 +0200] "GET /wp-login.php HTTP/1.1" 200 8775 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - [15/Aug/2020:15:42:26 +0200] "POST /wp-login.php HTTP/1.1" 200 9026 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - [15/Aug/2020:15:42:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-15 22:08:31
157.245.42.253	attackspambots	157.245.42.253 - - \[07/Aug/2020:14:08:23 +0200\] "POST /wp-login.php HTTP/1.0" 200 6462 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - \[07/Aug/2020:14:08:34 +0200\] "POST /wp-login.php HTTP/1.0" 200 6431 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - \[07/Aug/2020:14:08:35 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-08-07 20:32:16
157.245.42.253	attackspam	157.245.42.253 - - [29/Jul/2020:13:54:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 10684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - [29/Jul/2020:14:12:58 +0200] "POST /xmlrpc.php HTTP/1.1" 403 20980 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-29 21:45:25
157.245.42.253	attackspam	Automatic report - Banned IP Access	2020-07-21 12:20:11
157.245.42.253	attackspambots	xmlrpc attack	2020-06-15 17:10:59
157.245.42.253	attackspambots	Attempt to log in with non-existing username	2020-05-17 04:18:58
157.245.42.253	attackspam	Apr 29 19:45:56 wordpress[]: XML-RPC authentication failure [host:] [remote:157.245.42.253] May 1 00:43:19 wordpress[]: blocked authentication attempt for [] [host:] [remote:157.245.42.253] May 1 14:17:26 wordpress[]: blocked authentication attempt for [] [host:] [remote:157.245.42.253] May 2 00:22:55 wordpress[]: blocked authentication attempt for [] [host:] [remote:157.245.42.253] May 2 14:49:42 wordpress[]: XML-RPC authentication failure [host:] [remote:157.245.42.253] May 3 14:06:56 wordpress[]: authentication attempt for unknown user []] [host:] [remote:157.245.42.253] May 3 14:06:56 wordpress[]: XML-RPC authentication failure [host:] [remote:157.245.42.253]	2020-05-04 02:30:49
157.245.42.253	attack	05/03/2020-08:37:19.081794 157.245.42.253 Protocol: 6 ET POLICY Cleartext WordPress Login	2020-05-03 17:25:46
157.245.42.253	attackbots	157.245.42.253 - - \[21/Apr/2020:21:48:26 +0200\] "POST /wp-login.php HTTP/1.0" 200 6811 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - \[21/Apr/2020:21:48:37 +0200\] "POST /wp-login.php HTTP/1.0" 200 6626 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 157.245.42.253 - - \[21/Apr/2020:21:48:43 +0200\] "POST /wp-login.php HTTP/1.0" 200 6623 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-04-22 06:14:15
157.245.42.253	attackspam	157.245.42.253 - - [28/Mar/2020:15:42:51 +0300] "POST /wp-login.php HTTP/1.1" 200 2790 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-28 23:51:58
157.245.42.171	attackspambots	Sep 16 01:14:01 nextcloud sshd\[6673\]: Invalid user dev from 157.245.42.171 Sep 16 01:14:01 nextcloud sshd\[6673\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.42.171 Sep 16 01:14:02 nextcloud sshd\[6673\]: Failed password for invalid user dev from 157.245.42.171 port 55994 ssh2 ...	2019-09-16 13:28:34
157.245.42.171	attack	Sep 15 19:04:14 [host] sshd[18805]: Invalid user ian from 157.245.42.171 Sep 15 19:04:14 [host] sshd[18805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.42.171 Sep 15 19:04:15 [host] sshd[18805]: Failed password for invalid user ian from 157.245.42.171 port 34738 ssh2	2019-09-16 04:03:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 157.245.42.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23289
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;157.245.42.94.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021800 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 13:28:57 CST 2022
;; MSG SIZE  rcvd: 106

Host info

94.42.245.157.in-addr.arpa domain name pointer skchase.wpmudev.host.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
94.42.245.157.in-addr.arpa	name = skchase.wpmudev.host.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.77.203.75	attackspambots	RDP Bruteforce	2020-04-24 06:04:36
45.141.86.145	attack	Attempting to brute-force a VPN connection	2020-04-24 06:29:46
120.132.66.117	attack	Invalid user qp from 120.132.66.117 port 48865	2020-04-24 06:19:52
185.175.93.15	attack	Apr 24 00:00:51 debian-2gb-nbg1-2 kernel: \[9938198.527251\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.15 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=62170 PROTO=TCP SPT=45252 DPT=7399 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 06:12:14
222.186.31.204	attack	Apr 24 00:11:24 plex sshd[31097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.204 user=root Apr 24 00:11:25 plex sshd[31097]: Failed password for root from 222.186.31.204 port 48736 ssh2	2020-04-24 06:15:20
115.159.65.195	attack	Invalid user hv from 115.159.65.195 port 45302	2020-04-24 06:31:45
213.244.123.182	attackspam	SSH Invalid Login	2020-04-24 06:05:17
80.82.77.212	attackbots	Multiport scan : 7 ports scanned 1723 1900 3283 3702 5353 8888 32769	2020-04-24 06:32:43
112.85.42.89	attackbotsspam	Apr 24 00:26:22 vmd38886 sshd\[13615\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.89 user=root Apr 24 00:26:24 vmd38886 sshd\[13615\]: Failed password for root from 112.85.42.89 port 10155 ssh2 Apr 24 00:26:27 vmd38886 sshd\[13615\]: Failed password for root from 112.85.42.89 port 10155 ssh2	2020-04-24 06:29:07
40.115.113.251	attackspam	Repeated RDP login failures. Last user: admin	2020-04-24 05:59:42
189.126.168.43	attack	firewall-block, port(s): 1433/tcp	2020-04-24 06:19:22
151.80.61.70	attack	Invalid user oracle from 151.80.61.70 port 50586	2020-04-24 06:12:53
222.186.175.202	attack	Apr 23 22:56:33 combo sshd[10863]: Failed password for root from 222.186.175.202 port 64322 ssh2 Apr 23 22:56:36 combo sshd[10863]: Failed password for root from 222.186.175.202 port 64322 ssh2 Apr 23 22:56:39 combo sshd[10863]: Failed password for root from 222.186.175.202 port 64322 ssh2 ...	2020-04-24 06:08:55
123.235.36.26	attack	Invalid user cc from 123.235.36.26 port 27316	2020-04-24 06:36:27
96.73.79.150	attackbotsspam	/boaform/admin/formPing	2020-04-24 06:02:01

Recently Reported IPs

157.245.42.82	157.245.33.27	157.245.33.156	157.245.38.152
157.245.47.159	157.245.46.249	157.245.48.221	157.245.56.250
157.245.56.91	157.245.53.42	157.245.47.175	157.245.56.150
157.245.63.51	157.245.53.173	157.245.65.101	157.245.66.73
157.245.57.76	157.245.68.11	157.245.65.162	157.245.69.179