162.243.145.98

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 162.243.145.98 on Port 3389(RDP)	2019-08-15 11:23:05
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-12 01:36:11,188 INFO [amun_request_handler] PortScan Detected on Port: 143 (162.243.145.98)	2019-08-12 19:31:12
attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-25 06:04:35
attackbots	" "	2019-06-30 01:52:24

Comments on same subnet:

IP	Type	Details	Datetime
162.243.145.195	attack	162.243.145.195 - - [01/Oct/2020:17:05:46 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:17:05:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:17:05:49 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 00:44:39
162.243.145.195	attackbots	162.243.145.195 - - [01/Oct/2020:09:22:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2862 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:09:23:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2831 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:09:23:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 16:50:20
162.243.145.195	attack	162.243.145.195 - - [21/Sep/2020:16:10:29 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [21/Sep/2020:16:10:31 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [21/Sep/2020:16:10:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-22 00:20:13
162.243.145.195	attack	Automatic report generated by Wazuh	2020-09-21 16:01:43
162.243.145.195	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-21 07:55:55
162.243.145.195	attackspam	Sep 20 16:08:16 10.23.102.230 wordpress(www.ruhnke.cloud)[41055]: Blocked authentication attempt for admin from 162.243.145.195 ...	2020-09-20 22:49:49
162.243.145.195	attackbotsspam	162.243.145.195 - - \[20/Sep/2020:08:30:11 +0200\] "POST /wp-login.php HTTP/1.0" 200 9641 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[20/Sep/2020:08:30:13 +0200\] "POST /wp-login.php HTTP/1.0" 200 9639 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[20/Sep/2020:08:30:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 9487 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-20 14:40:56
162.243.145.195	attack	162.243.145.195 - - \[19/Sep/2020:22:59:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 8786 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[19/Sep/2020:22:59:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 8612 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[19/Sep/2020:22:59:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 8607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-09-20 06:39:46
162.243.145.36	attack	[Fri Jun 12 05:30:57 2020] - DDoS Attack From IP: 162.243.145.36 Port: 35586	2020-07-16 21:19:34
162.243.145.80	attackbotsspam	[Mon Jun 15 02:54:26 2020] - DDoS Attack From IP: 162.243.145.80 Port: 35122	2020-07-16 20:47:35
162.243.145.9	attack	[Fri Jun 19 22:32:56 2020] - DDoS Attack From IP: 162.243.145.9 Port: 55083	2020-07-16 20:02:50
162.243.145.78	attackbots	[Sun Jun 21 02:59:49 2020] - DDoS Attack From IP: 162.243.145.78 Port: 38625	2020-07-16 19:59:34
162.243.145.36	attackbots	[Fri Jun 12 05:30:59 2020] - DDoS Attack From IP: 162.243.145.36 Port: 35586	2020-07-13 03:28:40
162.243.145.80	attack	[Mon Jun 15 02:54:28 2020] - DDoS Attack From IP: 162.243.145.80 Port: 35122	2020-07-13 03:13:20
162.243.145.9	attackbots	[Fri Jun 19 22:32:58 2020] - DDoS Attack From IP: 162.243.145.9 Port: 55083	2020-07-13 02:44:34

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.145.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12863
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.145.98.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 15:08:28 +08 2019
;; MSG SIZE  rcvd: 118

Host info

98.145.243.162.in-addr.arpa domain name pointer zg-0326a-30.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
98.145.243.162.in-addr.arpa	name = zg-0326a-30.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.53.198.147	attackspam	Brute force attack stopped by firewall	2019-07-08 15:33:15
168.195.208.176	attack	Brute force attack stopped by firewall	2019-07-08 15:30:45
167.250.90.8	attackspambots	Unauthorized IMAP connection attempt.	2019-07-08 15:53:00
200.24.84.8	attack	Unauthorized IMAP connection attempt.	2019-07-08 16:03:09
177.154.234.44	attack	Brute force attack stopped by firewall	2019-07-08 15:30:20
110.80.25.6	attackspam	HTTP/80/443 Probe, BF, WP, Hack -	2019-07-08 16:15:58
187.1.25.141	attack	Brute force attack stopped by firewall	2019-07-08 15:24:10
168.228.148.118	attackspambots	Brute force attack to crack SMTP password (port 25 / 587)	2019-07-08 15:56:13
191.53.220.231	attackbots	Brute force attack stopped by firewall	2019-07-08 15:23:47
5.39.6.89	attackspambots	Jul 8 01:35:56 OPSO sshd\[11358\]: Invalid user crm from 5.39.6.89 port 44776 Jul 8 01:35:56 OPSO sshd\[11358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.6.89 Jul 8 01:35:57 OPSO sshd\[11358\]: Failed password for invalid user crm from 5.39.6.89 port 44776 ssh2 Jul 8 01:35:58 OPSO sshd\[11360\]: Invalid user iwx from 5.39.6.89 port 49722 Jul 8 01:35:58 OPSO sshd\[11360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.39.6.89	2019-07-08 15:40:34
185.53.88.34	attack	Caught in portsentry honeypot	2019-07-08 16:11:09
110.80.25.8	attackspambots	firewall-block_invalid_GET_Request	2019-07-08 16:13:39
177.38.4.30	attackbots	Brute force attack stopped by firewall	2019-07-08 16:01:14
86.57.6.126	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-08 15:28:11
191.53.197.81	attack	Brute force attack stopped by firewall	2019-07-08 15:58:23

Recently Reported IPs

36.74.51.10	129.28.76.98	202.182.51.129	183.192.248.10
37.193.148.153	111.231.255.184	71.6.233.249	27.164.31.85
37.59.158.100	156.197.240.198	111.9.116.190	107.170.238.234
54.38.50.99	182.119.212.209	107.160.222.232	49.247.214.54
168.90.125.131	103.254.94.72	170.0.124.141	185.35.64.211