162.243.138.212

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	IP 162.243.138.212 attacked honeypot on port: 9042 at 6/11/2020 11:27:15 PM	2020-06-12 07:38:52

Comments on same subnet:

IP	Type	Details	Datetime
162.243.138.127	attackspambots	[Sun Jun 14 20:12:07 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-16 20:51:56
162.243.138.112	attackbotsspam	Jun 15 02:19:24 mail postfix/postscreen[14056]: DNSBL rank 4 for [162.243.138.112]:51696 ...	2020-07-14 13:10:42
162.243.138.127	attack	[Sun Jun 14 20:12:09 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-13 03:14:52
162.243.138.96	attackbots	[Sat May 23 01:11:21 2020] - DDoS Attack From IP: 162.243.138.96 Port: 38759	2020-07-09 03:41:31
162.243.138.122	attackbots	[Sun May 24 09:17:21 2020] - DDoS Attack From IP: 162.243.138.122 Port: 43561	2020-07-09 03:34:09
162.243.138.189	attackspambots	Unauthorized connection attempt detected from IP address 162.243.138.189 to port 465	2020-06-22 07:28:19
162.243.138.177	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:07:50
162.243.138.15	attackspambots	scans once in preceeding hours on the ports (in chronological order) 8083 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:57:05
162.243.138.18	attackbots	9200/tcp 1337/tcp 8118/tcp... [2020-05-02/06-21]44pkt,32pt.(tcp),5pt.(udp)	2020-06-21 20:56:33
162.243.138.54	attackspam	scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:56:01
162.243.138.56	attack	33930/tcp 9300/tcp 28015/tcp... [2020-05-03/06-21]41pkt,34pt.(tcp)	2020-06-21 20:55:09
162.243.138.70	attackbots	scans once in preceeding hours on the ports (in chronological order) 3391 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:43
162.243.138.108	attackbots	scans once in preceeding hours on the ports (in chronological order) 8080 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:24
162.243.138.182	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-21 20:54:11
162.243.138.34	attackspambots	firewall-block, port(s): 2379/tcp	2020-06-21 02:45:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.138.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3320
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.138.212.		IN	A

;; AUTHORITY SECTION:
.			206	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061102 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 12 07:38:47 CST 2020
;; MSG SIZE  rcvd: 119

Host info

212.138.243.162.in-addr.arpa domain name pointer zg-0428c-299.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.138.243.162.in-addr.arpa	name = zg-0428c-299.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.108.202	attack	Oct 24 23:58:09 dedicated sshd[23361]: Invalid user cjr7080 from 129.211.108.202 port 38788	2019-10-25 06:46:15
188.165.241.103	attack	Oct 24 23:52:37 vps647732 sshd[11143]: Failed password for root from 188.165.241.103 port 58700 ssh2 Oct 24 23:56:30 vps647732 sshd[11200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.165.241.103 ...	2019-10-25 06:36:47
118.25.108.198	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.108.198 user=root Failed password for root from 118.25.108.198 port 53066 ssh2 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.108.198 user=root Failed password for root from 118.25.108.198 port 34456 ssh2 Invalid user openelec from 118.25.108.198 port 43510	2019-10-25 07:06:58
198.199.83.59	attackbots	Oct 24 12:26:21 hanapaa sshd\[32270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.83.59 user=root Oct 24 12:26:22 hanapaa sshd\[32270\]: Failed password for root from 198.199.83.59 port 40360 ssh2 Oct 24 12:30:10 hanapaa sshd\[32563\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.83.59 user=root Oct 24 12:30:12 hanapaa sshd\[32563\]: Failed password for root from 198.199.83.59 port 60338 ssh2 Oct 24 12:34:11 hanapaa sshd\[594\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.199.83.59 user=root	2019-10-25 07:10:24
178.219.183.6	attack	Chat Spam	2019-10-25 06:46:48
85.93.20.84	attackbots	191024 17:03:22 \[Warning\] Access denied for user 'root'@'85.93.20.84' \(using password: YES\) 191024 17:30:07 \[Warning\] Access denied for user 'root'@'85.93.20.84' \(using password: YES\) 191024 17:32:41 \[Warning\] Access denied for user 'root'@'85.93.20.84' \(using password: YES\) ...	2019-10-25 07:05:39
112.64.34.165	attackspambots	Oct 24 17:26:45 Tower sshd[20654]: Connection from 112.64.34.165 port 42489 on 192.168.10.220 port 22 Oct 24 17:26:47 Tower sshd[20654]: Invalid user angelo from 112.64.34.165 port 42489 Oct 24 17:26:47 Tower sshd[20654]: error: Could not get shadow information for NOUSER Oct 24 17:26:47 Tower sshd[20654]: Failed password for invalid user angelo from 112.64.34.165 port 42489 ssh2 Oct 24 17:26:47 Tower sshd[20654]: Received disconnect from 112.64.34.165 port 42489:11: Bye Bye [preauth] Oct 24 17:26:47 Tower sshd[20654]: Disconnected from invalid user angelo 112.64.34.165 port 42489 [preauth]	2019-10-25 06:48:56
202.122.23.70	attackbotsspam	Oct 24 20:14:03 thevastnessof sshd[4177]: Failed password for root from 202.122.23.70 port 24573 ssh2 ...	2019-10-25 06:42:28
139.99.121.6	attackbotsspam	139.99.121.6 - - \[24/Oct/2019:20:14:14 +0000\] "POST /wp-login.php HTTP/1.1" 200 4358 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 139.99.121.6 - - \[24/Oct/2019:20:14:15 +0000\] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-10-25 06:38:12
178.128.59.109	attackspambots	Automatic report - Banned IP Access	2019-10-25 06:58:03
5.189.181.29	attackbotsspam	Oct 24 10:25:43 web1 sshd\[17070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.181.29 user=root Oct 24 10:25:45 web1 sshd\[17070\]: Failed password for root from 5.189.181.29 port 47680 ssh2 Oct 24 10:29:34 web1 sshd\[17389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.181.29 user=root Oct 24 10:29:37 web1 sshd\[17389\]: Failed password for root from 5.189.181.29 port 57980 ssh2 Oct 24 10:33:38 web1 sshd\[17713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.189.181.29 user=root	2019-10-25 06:39:38
110.88.129.90	attackbots	" "	2019-10-25 06:53:08
66.108.165.215	attack	Oct 25 01:58:38 www sshd\[45480\]: Invalid user abigail from 66.108.165.215Oct 25 01:58:40 www sshd\[45480\]: Failed password for invalid user abigail from 66.108.165.215 port 60916 ssh2Oct 25 02:02:04 www sshd\[45502\]: Failed password for root from 66.108.165.215 port 43096 ssh2 ...	2019-10-25 07:09:29
118.126.65.207	attackbotsspam	Oct 24 22:25:39 OPSO sshd\[29522\]: Invalid user trackmania from 118.126.65.207 port 40626 Oct 24 22:25:39 OPSO sshd\[29522\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.65.207 Oct 24 22:25:42 OPSO sshd\[29522\]: Failed password for invalid user trackmania from 118.126.65.207 port 40626 ssh2 Oct 24 22:29:30 OPSO sshd\[29915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.65.207 user=root Oct 24 22:29:33 OPSO sshd\[29915\]: Failed password for root from 118.126.65.207 port 45798 ssh2	2019-10-25 06:41:32
138.68.53.163	attackbots	2019-10-25T00:14:15.994142scmdmz1 sshd\[26420\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.53.163 user=admin 2019-10-25T00:14:17.277932scmdmz1 sshd\[26420\]: Failed password for admin from 138.68.53.163 port 55034 ssh2 2019-10-25T00:17:40.822839scmdmz1 sshd\[26678\]: Invalid user art from 138.68.53.163 port 37124 ...	2019-10-25 06:35:12

Recently Reported IPs

116.24.65.215	144.172.73.40	20.137.2.74	40.85.17.24
45.95.168.126	97.15.50.93	197.135.4.15	196.138.156.11
184.88.99.252	77.145.241.178	216.64.46.48	226.102.237.165
118.25.49.56	173.223.79.89	122.119.67.221	67.95.182.223
175.14.190.143	235.82.178.20	79.127.175.33	241.213.44.64