162.243.1.245 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH brutforce	2019-11-28 23:53:29
attackbotsspam	Sep 3 20:12:31 shadeyouvpn sshd[27437]: Connection closed by 162.243.1.245 [preauth] Sep 3 21:56:58 shadeyouvpn sshd[2975]: Connection closed by 162.243.1.245 [preauth] Sep 3 23:06:34 shadeyouvpn sshd[16436]: Connection closed by 162.243.1.245 [preauth] Sep 4 00:20:45 shadeyouvpn sshd[29210]: Invalid user uno85 from 162.243.1.245 Sep 4 00:20:45 shadeyouvpn sshd[29210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.1.245 Sep 4 00:20:47 shadeyouvpn sshd[29210]: Failed password for invalid user uno85 from 162.243.1.245 port 56690 ssh2 Sep 4 00:20:47 shadeyouvpn sshd[29210]: Received disconnect from 162.243.1.245: 11: Normal Shutdown, Thank you for playing [preauth] Sep 4 00:21:59 shadeyouvpn sshd[29998]: Invalid user uno85 from 162.243.1.245 Sep 4 00:21:59 shadeyouvpn sshd[29998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.1.245 Sep 4 00:22:01 shadeyouvpn sshd........ -------------------------------	2019-09-04 15:19:36

Type

Details

Datetime

attack

SSH brutforce

2019-11-28 23:53:29

attackbotsspam

Sep  3 20:12:31 shadeyouvpn sshd[27437]: Connection closed by 162.243.1.245 [preauth]
Sep  3 21:56:58 shadeyouvpn sshd[2975]: Connection closed by 162.243.1.245 [preauth]
Sep  3 23:06:34 shadeyouvpn sshd[16436]: Connection closed by 162.243.1.245 [preauth]
Sep  4 00:20:45 shadeyouvpn sshd[29210]: Invalid user uno85 from 162.243.1.245
Sep  4 00:20:45 shadeyouvpn sshd[29210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.1.245 
Sep  4 00:20:47 shadeyouvpn sshd[29210]: Failed password for invalid user uno85 from 162.243.1.245 port 56690 ssh2
Sep  4 00:20:47 shadeyouvpn sshd[29210]: Received disconnect from 162.243.1.245: 11: Normal Shutdown, Thank you for playing [preauth]
Sep  4 00:21:59 shadeyouvpn sshd[29998]: Invalid user uno85 from 162.243.1.245
Sep  4 00:21:59 shadeyouvpn sshd[29998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.1.245 
Sep  4 00:22:01 shadeyouvpn sshd........
-------------------------------

2019-09-04 15:19:36

Comments on same subnet:

IP	Type	Details	Datetime
162.243.144.9	botsattackproxy	Malicious IP	2024-05-07 14:14:53
162.243.134.57	attack	Malicious IP	2024-04-30 13:38:55
162.243.141.19	attack	Malicious IP	2024-04-17 12:08:10
162.243.140.31	proxy	VPN fraud	2023-03-06 14:00:29
162.243.133.18	proxy	VPN fraud	2023-03-02 13:53:25
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.150.11	proxy	VPN	2023-02-17 21:52:08
162.243.141.23	proxy	VPN	2023-01-31 13:52:10
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.128.132	attackbotsspam	SP-Scan 43646:9042 detected 2020.10.13 21:22:22 blocked until 2020.12.02 13:25:09	2020-10-14 07:02:01
162.243.128.189	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-13 02:32:26
162.243.128.189	attackspambots	Port scanning [3 denied]	2020-10-12 17:58:27
162.243.128.12	attackbotsspam	TCP port : 631	2020-10-12 03:55:08
162.243.160.106	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-11T16:31:12Z and 2020-10-11T16:37:53Z	2020-10-12 03:26:17
162.243.128.133	attackspambots	7210/tcp 1521/tcp 8090/tcp... [2020-08-21/10-10]28pkt,26pt.(tcp),1pt.(udp)	2020-10-12 02:41:08

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.1.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52257
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.1.245.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090400 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Sep 04 15:19:29 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 245.1.243.162.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 245.1.243.162.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.104.111.127	attackspambots	TCP port 445 (SMB) attempt blocked by firewall. [2019-07-05 09:49:21]	2019-07-06 01:48:07
187.62.209.142	attackspam	firewall-block, port(s): 445/tcp	2019-07-06 01:56:13
132.148.152.198	attackspam	www.goldgier.de 132.148.152.198 \[05/Jul/2019:16:05:54 +0200\] "POST /wp-login.php HTTP/1.1" 200 8727 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.goldgier.de 132.148.152.198 \[05/Jul/2019:16:05:56 +0200\] "POST /wp-login.php HTTP/1.1" 200 8727 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-06 01:25:37
185.245.42.88	attack	Scanning and Vuln Attempts	2019-07-06 01:38:31
157.230.113.218	attack	Jul 5 16:25:42 tux-35-217 sshd\[6255\]: Invalid user dmitry from 157.230.113.218 port 37984 Jul 5 16:25:42 tux-35-217 sshd\[6255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.113.218 Jul 5 16:25:43 tux-35-217 sshd\[6255\]: Failed password for invalid user dmitry from 157.230.113.218 port 37984 ssh2 Jul 5 16:27:53 tux-35-217 sshd\[6330\]: Invalid user lucasb from 157.230.113.218 port 34876 Jul 5 16:27:53 tux-35-217 sshd\[6330\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.113.218 ...	2019-07-06 01:23:30
202.91.86.100	attackbots	Jul 5 10:22:43 [host] sshd[14505]: Invalid user temp from 202.91.86.100 Jul 5 10:22:43 [host] sshd[14505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.91.86.100 Jul 5 10:22:45 [host] sshd[14505]: Failed password for invalid user temp from 202.91.86.100 port 56218 ssh2	2019-07-06 01:19:09
200.23.230.98	attack	mail.log:Jun 19 22:57:39 mail postfix/smtpd[29580]: warning: unknown[200.23.230.98]: SASL PLAIN authentication failed: authentication failure	2019-07-06 01:34:56
85.117.118.34	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 06:39:54,133 INFO [shellcode_manager] (85.117.118.34) no match, writing hexdump (97f0c8efe91fcad4b29cc958020b1451 :2100567) - MS17010 (EternalBlue)	2019-07-06 01:39:59
185.213.165.11	attackbotsspam	Scanning and Vuln Attempts	2019-07-06 01:46:14
191.53.239.184	attackbotsspam	failed_logins	2019-07-06 01:50:10
107.170.202.18	attackspambots	39153/tcp 465/tcp 49152/tcp... [2019-05-06/07-05]23pkt,19pt.(tcp),3pt.(udp)	2019-07-06 01:52:37
148.70.108.156	attack	Jul 5 10:50:36 hosting sshd[11381]: Invalid user james from 148.70.108.156 port 56936 ...	2019-07-06 01:24:31
51.75.126.28	attackspam	Invalid user gmodserver from 51.75.126.28 port 59524	2019-07-06 01:59:09
23.126.140.33	attack	$f2bV_matches	2019-07-06 01:14:32
200.23.239.39	attackbotsspam	mail.log:Jun 19 15:25:08 mail postfix/smtpd[24486]: warning: unknown[200.23.239.39]: SASL PLAIN authentication failed: authentication failure	2019-07-06 01:36:10

Recently Reported IPs

244.134.114.159	88.173.153.99	133.187.76.166	87.223.169.192
155.108.59.188	16.192.32.112	31.132.95.90	199.150.38.209
86.123.234.171	212.227.136.209	121.121.4.205	35.188.72.153
122.117.251.56	107.26.109.22	89.139.58.118	114.33.154.237
186.4.143.88	189.39.57.94	121.183.244.112	201.182.33.150