162.243.145.98

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 162.243.145.98 on Port 3389(RDP)	2019-08-15 11:23:05
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-12 01:36:11,188 INFO [amun_request_handler] PortScan Detected on Port: 143 (162.243.145.98)	2019-08-12 19:31:12
attack	Portscan or hack attempt detected by psad/fwsnort	2019-07-25 06:04:35
attackbots	" "	2019-06-30 01:52:24

Comments on same subnet:

IP	Type	Details	Datetime
162.243.145.195	attack	162.243.145.195 - - [01/Oct/2020:17:05:46 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:17:05:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:17:05:49 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-02 00:44:39
162.243.145.195	attackbots	162.243.145.195 - - [01/Oct/2020:09:22:59 +0100] "POST /wp-login.php HTTP/1.1" 200 2862 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:09:23:00 +0100] "POST /wp-login.php HTTP/1.1" 200 2831 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [01/Oct/2020:09:23:02 +0100] "POST /wp-login.php HTTP/1.1" 200 2866 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 16:50:20
162.243.145.195	attack	162.243.145.195 - - [21/Sep/2020:16:10:29 +0200] "GET /wp-login.php HTTP/1.1" 200 8558 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [21/Sep/2020:16:10:31 +0200] "POST /wp-login.php HTTP/1.1" 200 8809 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.243.145.195 - - [21/Sep/2020:16:10:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-22 00:20:13
162.243.145.195	attack	Automatic report generated by Wazuh	2020-09-21 16:01:43
162.243.145.195	attackspam	CMS (WordPress or Joomla) login attempt.	2020-09-21 07:55:55
162.243.145.195	attackspam	Sep 20 16:08:16 10.23.102.230 wordpress(www.ruhnke.cloud)[41055]: Blocked authentication attempt for admin from 162.243.145.195 ...	2020-09-20 22:49:49
162.243.145.195	attackbotsspam	162.243.145.195 - - \[20/Sep/2020:08:30:11 +0200\] "POST /wp-login.php HTTP/1.0" 200 9641 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[20/Sep/2020:08:30:13 +0200\] "POST /wp-login.php HTTP/1.0" 200 9639 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[20/Sep/2020:08:30:15 +0200\] "POST /wp-login.php HTTP/1.0" 200 9487 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-20 14:40:56
162.243.145.195	attack	162.243.145.195 - - \[19/Sep/2020:22:59:17 +0200\] "POST /wp-login.php HTTP/1.0" 200 8786 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[19/Sep/2020:22:59:20 +0200\] "POST /wp-login.php HTTP/1.0" 200 8612 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 162.243.145.195 - - \[19/Sep/2020:22:59:22 +0200\] "POST /wp-login.php HTTP/1.0" 200 8607 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-09-20 06:39:46
162.243.145.36	attack	[Fri Jun 12 05:30:57 2020] - DDoS Attack From IP: 162.243.145.36 Port: 35586	2020-07-16 21:19:34
162.243.145.80	attackbotsspam	[Mon Jun 15 02:54:26 2020] - DDoS Attack From IP: 162.243.145.80 Port: 35122	2020-07-16 20:47:35
162.243.145.9	attack	[Fri Jun 19 22:32:56 2020] - DDoS Attack From IP: 162.243.145.9 Port: 55083	2020-07-16 20:02:50
162.243.145.78	attackbots	[Sun Jun 21 02:59:49 2020] - DDoS Attack From IP: 162.243.145.78 Port: 38625	2020-07-16 19:59:34
162.243.145.36	attackbots	[Fri Jun 12 05:30:59 2020] - DDoS Attack From IP: 162.243.145.36 Port: 35586	2020-07-13 03:28:40
162.243.145.80	attack	[Mon Jun 15 02:54:28 2020] - DDoS Attack From IP: 162.243.145.80 Port: 35122	2020-07-13 03:13:20
162.243.145.9	attackbots	[Fri Jun 19 22:32:58 2020] - DDoS Attack From IP: 162.243.145.9 Port: 55083	2020-07-13 02:44:34

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.145.98
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12863
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.145.98.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Apr 05 15:08:28 +08 2019
;; MSG SIZE  rcvd: 118

Host info

98.145.243.162.in-addr.arpa domain name pointer zg-0326a-30.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
98.145.243.162.in-addr.arpa	name = zg-0326a-30.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
27.148.190.100	attack	Sep 8 02:40:29 ns381471 sshd[21334]: Failed password for root from 27.148.190.100 port 37636 ssh2	2020-09-08 15:38:59
119.45.151.125	attack	Aug 4 15:52:12 server sshd[5691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.151.125 user=root Aug 4 15:52:14 server sshd[5691]: Failed password for invalid user root from 119.45.151.125 port 39852 ssh2 Aug 4 16:14:41 server sshd[7767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.151.125 user=root Aug 4 16:14:43 server sshd[7767]: Failed password for invalid user root from 119.45.151.125 port 44496 ssh2	2020-09-08 15:58:11
1.220.68.196	attackbotsspam	DATE:2020-09-07 18:50:52, IP:1.220.68.196, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-09-08 15:56:11
42.3.31.69	attackspam	Sep 7 18:50:46 ks10 sshd[894795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.3.31.69 Sep 7 18:50:48 ks10 sshd[894795]: Failed password for invalid user ubuntu from 42.3.31.69 port 55530 ssh2 ...	2020-09-08 15:58:30
64.225.35.135	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 57 - port: 3329 proto: tcp cat: Misc Attackbytes: 60	2020-09-08 15:42:06
68.204.88.29	attackspambots	Honeypot attack, port: 81, PTR: 68-204-88-29.res.bhn.net.	2020-09-08 16:13:01
122.116.247.59	attackspambots	Port scan denied	2020-09-08 16:12:11
176.192.126.27	attackbotsspam	...	2020-09-08 15:56:38
45.142.120.121	attackbots	2020-09-08 10:37:29 auth_plain authenticator failed for (User) [45.142.120.121]: 535 Incorrect authentication data (set_id=m.fr@com.ua) 2020-09-08 10:38:08 auth_plain authenticator failed for (User) [45.142.120.121]: 535 Incorrect authentication data (set_id=jino@com.ua) ...	2020-09-08 15:41:01
179.113.169.216	attack	Sep 8 09:59:49 markkoudstaal sshd[19598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.113.169.216 Sep 8 09:59:51 markkoudstaal sshd[19598]: Failed password for invalid user rstudio-server from 179.113.169.216 port 43346 ssh2 Sep 8 10:00:55 markkoudstaal sshd[19867]: Failed password for root from 179.113.169.216 port 36684 ssh2 ...	2020-09-08 16:03:01
185.191.171.10	attackspambots	[Mon Sep 07 12:57:26.783349 2020] [authz_core:error] [pid 17347:tid 139674030905088] [client 185.191.171.10:40812] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php [Mon Sep 07 23:33:24.428893 2020] [authz_core:error] [pid 17345:tid 139674030905088] [client 185.191.171.10:21832] AH01630: client denied by server configuration: /home/vestibte/public_html/robots.txt [Mon Sep 07 23:33:24.433730 2020] [authz_core:error] [pid 17345:tid 139674030905088] [client 185.191.171.10:21832] AH01630: client denied by server configuration: /home/vestibte/public_rsrc/ErrDocs/error.php ...	2020-09-08 16:00:29
103.151.182.6	attack	SSH brute force attempt	2020-09-08 16:01:54
202.88.237.15	attackspambots	Ssh brute force	2020-09-08 16:07:28
81.230.58.228	attackspam	Bruteforce detected by fail2ban	2020-09-08 15:53:15
51.77.109.98	attackspam	$f2bV_matches	2020-09-08 15:51:27

Recently Reported IPs

36.74.51.10	129.28.76.98	202.182.51.129	183.192.248.10
37.193.148.153	111.231.255.184	71.6.233.249	27.164.31.85
37.59.158.100	156.197.240.198	111.9.116.190	107.170.238.234
54.38.50.99	182.119.212.209	107.160.222.232	49.247.214.54
168.90.125.131	103.254.94.72	170.0.124.141	185.35.64.211