162.243.136.144

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	scans once in preceeding hours on the ports (in chronological order) 1931 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 21:03:02
attackbots	Port Scan detected! ...	2020-05-27 00:13:47
attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 9200 39057 resulting in total of 54 scans from 162.243.0.0/16 block.	2020-05-22 01:15:55

Type

Details

Datetime

attackspambots

scans once in preceeding hours on the ports (in chronological order) 1931 resulting in total of 51 scans from 162.243.0.0/16 block.

2020-06-21 21:03:02

attackbots

Port Scan detected!
...

2020-05-27 00:13:47

attackspambots

scans 2 times in preceeding hours on the ports (in chronological order) 9200 39057 resulting in total of 54 scans from 162.243.0.0/16 block.

2020-05-22 01:15:55

Comments on same subnet:

IP	Type	Details	Datetime
162.243.136.186	attack	[Wed Jun 10 05:55:45 2020] - DDoS Attack From IP: 162.243.136.186 Port: 40597	2020-07-13 03:51:17
162.243.136.60	attackspambots	[Sun May 31 02:48:40 2020] - DDoS Attack From IP: 162.243.136.60 Port: 49864	2020-07-09 02:28:35
162.243.136.88	attack	scans 2 times in preceeding hours on the ports (in chronological order) 4545 60001 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 21:03:56
162.243.136.115	attackbotsspam	3011/tcp 7547/tcp 502/tcp... [2020-05-05/06-21]31pkt,27pt.(tcp),1pt.(udp)	2020-06-21 21:03:39
162.243.136.158	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 21:02:40
162.243.136.160	attack	1720/tcp 8005/tcp 7777/tcp... [2020-04-29/06-21]42pkt,34pt.(tcp),2pt.(udp)	2020-06-21 21:02:12
162.243.136.182	attackbotsspam	2000/tcp 646/tcp 10880/tcp... [2020-04-30/06-21]57pkt,46pt.(tcp),4pt.(udp)	2020-06-21 20:59:23
162.243.136.192	attack	scans once in preceeding hours on the ports (in chronological order) 33930 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:58:58
162.243.136.27	attackbotsspam	firewall-block, port(s): 50070/tcp	2020-06-20 21:15:28
162.243.136.200	attackbots	RDP brute force attack detected by fail2ban	2020-06-20 14:05:31
162.243.136.27	attackspam	9001/tcp 47808/tcp 5984/tcp... [2020-05-03/06-19]31pkt,24pt.(tcp),2pt.(udp)	2020-06-20 06:28:31
162.243.136.192	attackspambots	Port scan denied	2020-06-18 17:45:40
162.243.136.24	attackbots	404 NOT FOUND	2020-06-17 14:44:54
162.243.136.216	attackspambots	162.243.136.216 - - - [17/Jun/2020:05:56:02 +0200] "GET /owa/auth/logon.aspx?url=https%3a%2f%2f1%2fecp%2f HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-06-17 13:09:29
162.243.136.95	attackspambots	20/6/15@23:54:21: FAIL: IoT-SSH address from=162.243.136.95 ...	2020-06-16 13:02:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.136.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33109
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.136.144.		IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052101 1800 900 604800 86400

;; Query time: 147 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 22 01:15:52 CST 2020
;; MSG SIZE  rcvd: 119

Host info

144.136.243.162.in-addr.arpa domain name pointer zg-0428c-96.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
144.136.243.162.in-addr.arpa	name = zg-0428c-96.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.206.141.5	attack	[Thu Aug 13 04:03:34.797619 2020] [:error] [pid 3529:tid 140197865977600] [client 113.206.141.5:56224] [client 113.206.141.5] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "127.0.0.1:80"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "127.0.0.1"] [uri "/shell"] [unique_id "XzRZJoqBmYA0JFMXc6nlZgAAAks"] ...	2020-08-13 05:43:32
192.141.107.58	attackspam	Aug 12 23:03:16 cosmoit sshd[22381]: Failed password for root from 192.141.107.58 port 48344 ssh2	2020-08-13 05:55:28
61.177.172.102	attack	Aug 12 21:58:50 124388 sshd[4084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root Aug 12 21:58:52 124388 sshd[4084]: Failed password for root from 61.177.172.102 port 29412 ssh2 Aug 12 21:58:50 124388 sshd[4084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.102 user=root Aug 12 21:58:52 124388 sshd[4084]: Failed password for root from 61.177.172.102 port 29412 ssh2 Aug 12 21:58:55 124388 sshd[4084]: Failed password for root from 61.177.172.102 port 29412 ssh2	2020-08-13 06:08:05
60.165.54.65	attack	Email rejected due to spam filtering	2020-08-13 06:07:31
163.172.32.190	attackbotsspam	163.172.32.190 - - [12/Aug/2020:23:13:09 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.32.190 - - [12/Aug/2020:23:13:14 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 163.172.32.190 - - [12/Aug/2020:23:13:14 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-13 06:19:11
188.251.94.87	attack	Email rejected due to spam filtering	2020-08-13 05:57:21
51.91.105.6	attackspambots	51.91.105.6 - - \[12/Aug/2020:23:02:55 +0200\] "POST /wp-login.php HTTP/1.0" 200 6390 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 51.91.105.6 - - \[12/Aug/2020:23:02:56 +0200\] "POST /wp-login.php HTTP/1.0" 200 6359 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 51.91.105.6 - - \[12/Aug/2020:23:02:56 +0200\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2020-08-13 06:11:44
61.178.58.15	attackbotsspam	Email rejected due to spam filtering	2020-08-13 06:07:12
112.85.42.104	attackbots	Aug 13 00:10:11 vps sshd[960942]: Failed password for root from 112.85.42.104 port 26124 ssh2 Aug 13 00:10:14 vps sshd[960942]: Failed password for root from 112.85.42.104 port 26124 ssh2 Aug 13 00:10:16 vps sshd[961934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.104 user=root Aug 13 00:10:18 vps sshd[961934]: Failed password for root from 112.85.42.104 port 12588 ssh2 Aug 13 00:10:21 vps sshd[961934]: Failed password for root from 112.85.42.104 port 12588 ssh2 ...	2020-08-13 06:17:14
194.87.139.75	attackbotsspam	Unauthorised access (Aug 13) SRC=194.87.139.75 LEN=40 TOS=0x10 PREC=0x40 TTL=56 ID=61725 TCP DPT=8080 WINDOW=34987 SYN Unauthorised access (Aug 12) SRC=194.87.139.75 LEN=40 TOS=0x10 PREC=0x40 TTL=56 ID=46691 TCP DPT=8080 WINDOW=16739 SYN Unauthorised access (Aug 11) SRC=194.87.139.75 LEN=40 TOS=0x10 PREC=0x40 TTL=56 ID=65425 TCP DPT=8080 WINDOW=34987 SYN	2020-08-13 05:51:31
141.98.9.137	attack	2020-08-12T09:04:11.433208correo.[domain] sshd[21669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.137 2020-08-12T09:04:11.425704correo.[domain] sshd[21669]: Invalid user support from 141.98.9.137 port 47500 2020-08-12T09:04:13.926599correo.[domain] sshd[21669]: Failed password for invalid user support from 141.98.9.137 port 47500 ssh2 ...	2020-08-13 06:19:33
49.232.162.53	attackbots	Aug 12 23:40:38 fhem-rasp sshd[18383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.162.53 user=root Aug 12 23:40:40 fhem-rasp sshd[18383]: Failed password for root from 49.232.162.53 port 51904 ssh2 ...	2020-08-13 06:05:29
42.117.178.89	attackspambots	Port probing on unauthorized port 23	2020-08-13 05:56:00
218.92.0.148	attackbotsspam	Aug 13 00:11:38 vps647732 sshd[7089]: Failed password for root from 218.92.0.148 port 26856 ssh2 ...	2020-08-13 06:12:30
106.12.209.57	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-08-13 06:06:54

Recently Reported IPs

123.23.171.134	87.117.9.245	224.148.92.14	23.108.216.242
83.102.135.203	109.197.194.34	128.9.63.139	27.3.193.120
198.55.103.210	188.165.231.68	147.210.25.46	185.243.12.60
193.189.200.253	154.2.55.93	60.77.43.242	33.139.135.92
131.113.34.100	94.119.182.89	5.101.107.190	83.110.213.216