City: unknown
Region: unknown
Country: United States of America
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspambots | 06/03/2020-06:02:27.033543 162.243.138.144 Protocol: 17 GPL SQL ping attempt |
2020-06-03 18:32:45 |
| attackspam | Automatic report - Port Scan Attack |
2020-05-07 03:25:09 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 162.243.138.127 | attackspambots | [Sun Jun 14 20:12:07 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439 |
2020-07-16 20:51:56 |
| 162.243.138.112 | attackbotsspam | Jun 15 02:19:24 mail postfix/postscreen[14056]: DNSBL rank 4 for [162.243.138.112]:51696 ... |
2020-07-14 13:10:42 |
| 162.243.138.127 | attack | [Sun Jun 14 20:12:09 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439 |
2020-07-13 03:14:52 |
| 162.243.138.96 | attackbots | [Sat May 23 01:11:21 2020] - DDoS Attack From IP: 162.243.138.96 Port: 38759 |
2020-07-09 03:41:31 |
| 162.243.138.122 | attackbots | [Sun May 24 09:17:21 2020] - DDoS Attack From IP: 162.243.138.122 Port: 43561 |
2020-07-09 03:34:09 |
| 162.243.138.189 | attackspambots | Unauthorized connection attempt detected from IP address 162.243.138.189 to port 465 |
2020-06-22 07:28:19 |
| 162.243.138.177 | attack | ZGrab Application Layer Scanner Detection |
2020-06-21 22:07:50 |
| 162.243.138.15 | attackspambots | scans once in preceeding hours on the ports (in chronological order) 8083 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:57:05 |
| 162.243.138.18 | attackbots | 9200/tcp 1337/tcp 8118/tcp... [2020-05-02/06-21]44pkt,32pt.(tcp),5pt.(udp) |
2020-06-21 20:56:33 |
| 162.243.138.54 | attackspam | scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:56:01 |
| 162.243.138.56 | attack | 33930/tcp 9300/tcp 28015/tcp... [2020-05-03/06-21]41pkt,34pt.(tcp) |
2020-06-21 20:55:09 |
| 162.243.138.70 | attackbots | scans once in preceeding hours on the ports (in chronological order) 3391 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:54:43 |
| 162.243.138.108 | attackbots | scans once in preceeding hours on the ports (in chronological order) 8080 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:54:24 |
| 162.243.138.182 | attackbotsspam | Port scan: Attack repeated for 24 hours |
2020-06-21 20:54:11 |
| 162.243.138.34 | attackspambots | firewall-block, port(s): 2379/tcp |
2020-06-21 02:45:54 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.138.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30630
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.138.144. IN A
;; AUTHORITY SECTION:
. 444 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020050601 1800 900 604800 86400
;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 03:25:05 CST 2020
;; MSG SIZE rcvd: 119144.138.243.162.in-addr.arpa domain name pointer zg-0428c-266.stretchoid.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
144.138.243.162.in-addr.arpa name = zg-0428c-266.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 222.122.60.110 | attack | Invalid user kelly from 222.122.60.110 port 54684 |
2020-04-28 03:44:25 |
| 93.174.95.106 | attackbotsspam | Apr 27 20:50:03 debian-2gb-nbg1-2 kernel: \[10272333.503975\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=93.174.95.106 DST=195.201.40.59 LEN=44 TOS=0x10 PREC=0x00 TTL=120 ID=45065 PROTO=TCP SPT=31236 DPT=54138 WINDOW=63558 RES=0x00 SYN URGP=0 |
2020-04-28 03:33:17 |
| 202.158.62.240 | attackspam | Apr 27 19:40:56 melroy-server sshd[5940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.158.62.240 Apr 27 19:40:58 melroy-server sshd[5940]: Failed password for invalid user cos from 202.158.62.240 port 58198 ssh2 ... |
2020-04-28 04:08:45 |
| 123.127.222.126 | attackbots | port scan and connect, tcp 1433 (ms-sql-s) |
2020-04-28 03:56:05 |
| 82.99.206.18 | attack | Apr 27 14:38:01 s158375 sshd[4216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.99.206.18 |
2020-04-28 04:09:38 |
| 138.117.76.219 | attackbots | Invalid user lucas from 138.117.76.219 port 40068 |
2020-04-28 03:49:11 |
| 43.240.247.234 | attackspam | 5x Failed Password |
2020-04-28 03:52:17 |
| 149.56.100.237 | attack | Apr 27 13:25:23 IngegnereFirenze sshd[2186]: Failed password for invalid user test from 149.56.100.237 port 50622 ssh2 ... |
2020-04-28 03:46:40 |
| 171.244.140.174 | attackspam | sshd |
2020-04-28 03:31:11 |
| 103.40.25.203 | attackspam | (sshd) Failed SSH login from 103.40.25.203 (CN/China/-): 5 in the last 3600 secs |
2020-04-28 03:39:16 |
| 159.65.37.144 | attackbotsspam | Apr 27 11:18:47 NPSTNNYC01T sshd[1729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144 Apr 27 11:18:49 NPSTNNYC01T sshd[1729]: Failed password for invalid user mits from 159.65.37.144 port 60022 ssh2 Apr 27 11:22:51 NPSTNNYC01T sshd[5840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.37.144 ... |
2020-04-28 03:29:56 |
| 66.102.6.10 | attackbotsspam | [Mon Apr 27 18:48:56.427777 2020] [:error] [pid 5592:tid 140574997767936] [client 66.102.6.10:63881] [client 66.102.6.10] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/2787-kalender-tanam-katam-terpadu-pulau-sulawesi/kalender-tanam-katam-terpadu-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-kabupaten-mamasa-provinsi-sulawesi-barat/kalender-tanam-katam-terpadu-ke ... |
2020-04-28 03:48:25 |
| 54.38.185.131 | attackbots | Invalid user ew from 54.38.185.131 port 44104 |
2020-04-28 03:38:36 |
| 123.206.81.59 | attackbots | Invalid user ts from 123.206.81.59 port 46530 |
2020-04-28 04:01:32 |
| 180.166.141.58 | attack | [MK-VM6] Blocked by UFW |
2020-04-28 04:01:08 |