162.243.138.54

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:56:01
attack	scans once in preceeding hours on the ports (in chronological order) 2404 resulting in total of 34 scans from 162.243.0.0/16 block.	2020-06-07 03:11:11

Type

Details

Datetime

attackspam

scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block.

2020-06-21 20:56:01

attack

scans once in preceeding hours on the ports (in chronological order) 2404 resulting in total of 34 scans from 162.243.0.0/16 block.

2020-06-07 03:11:11

Comments on same subnet:

IP	Type	Details	Datetime
162.243.138.127	attackspambots	[Sun Jun 14 20:12:07 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-16 20:51:56
162.243.138.112	attackbotsspam	Jun 15 02:19:24 mail postfix/postscreen[14056]: DNSBL rank 4 for [162.243.138.112]:51696 ...	2020-07-14 13:10:42
162.243.138.127	attack	[Sun Jun 14 20:12:09 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-13 03:14:52
162.243.138.96	attackbots	[Sat May 23 01:11:21 2020] - DDoS Attack From IP: 162.243.138.96 Port: 38759	2020-07-09 03:41:31
162.243.138.122	attackbots	[Sun May 24 09:17:21 2020] - DDoS Attack From IP: 162.243.138.122 Port: 43561	2020-07-09 03:34:09
162.243.138.189	attackspambots	Unauthorized connection attempt detected from IP address 162.243.138.189 to port 465	2020-06-22 07:28:19
162.243.138.177	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:07:50
162.243.138.15	attackspambots	scans once in preceeding hours on the ports (in chronological order) 8083 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:57:05
162.243.138.18	attackbots	9200/tcp 1337/tcp 8118/tcp... [2020-05-02/06-21]44pkt,32pt.(tcp),5pt.(udp)	2020-06-21 20:56:33
162.243.138.56	attack	33930/tcp 9300/tcp 28015/tcp... [2020-05-03/06-21]41pkt,34pt.(tcp)	2020-06-21 20:55:09
162.243.138.70	attackbots	scans once in preceeding hours on the ports (in chronological order) 3391 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:43
162.243.138.108	attackbots	scans once in preceeding hours on the ports (in chronological order) 8080 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:24
162.243.138.182	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-21 20:54:11
162.243.138.34	attackspambots	firewall-block, port(s): 2379/tcp	2020-06-21 02:45:54
162.243.138.163	attackspambots	Port scan: Attack repeated for 24 hours	2020-06-21 02:43:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.138.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18641
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.138.54.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060601 1800 900 604800 86400

;; Query time: 287 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 07 03:11:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

54.138.243.162.in-addr.arpa domain name pointer zg-0428c-231.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.138.243.162.in-addr.arpa	name = zg-0428c-231.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.15.18	attack	Jul 9 10:33:41 ny01 sshd[11806]: Failed password for root from 222.186.15.18 port 47903 ssh2 Jul 9 10:35:05 ny01 sshd[11962]: Failed password for root from 222.186.15.18 port 47990 ssh2	2020-07-09 22:41:26
51.91.247.125	attackbotsspam	TCP (SYN) 51.91.247.125:35271 -> port 25, len 40	2020-07-09 22:48:51
51.83.134.233	attack	Failed password for invalid user ftp_leshan from 51.83.134.233 port 35928 ssh2	2020-07-09 22:57:27
213.230.67.48	attack	Jul 9 14:07:44 smtp postfix/smtpd[65739]: NOQUEUE: reject: RCPT from unknown[213.230.67.48]: 554 5.7.1 Service unavailable; Client host [213.230.67.48] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?213.230.67.48; from= to= proto=ESMTP helo=<[213.230.67.48]> ...	2020-07-09 22:55:31
5.88.84.13	attackspambots	postfix (unknown user, SPF fail or relay access denied)	2020-07-09 22:51:40
54.37.159.12	attackspambots	Jul 9 20:52:40 webhost01 sshd[4952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.159.12 Jul 9 20:52:42 webhost01 sshd[4952]: Failed password for invalid user shenhao from 54.37.159.12 port 36302 ssh2 ...	2020-07-09 22:50:06
134.209.197.218	attackbots	Jul 9 16:45:32 xeon sshd[13916]: Failed password for invalid user songlin from 134.209.197.218 port 11458 ssh2	2020-07-09 23:04:12
83.48.29.116	attack	Jul 9 12:07:29 ip-172-31-61-156 sshd[30555]: Invalid user zhima from 83.48.29.116 Jul 9 12:07:30 ip-172-31-61-156 sshd[30555]: Failed password for invalid user zhima from 83.48.29.116 port 11390 ssh2 Jul 9 12:07:29 ip-172-31-61-156 sshd[30555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.48.29.116 Jul 9 12:07:29 ip-172-31-61-156 sshd[30555]: Invalid user zhima from 83.48.29.116 Jul 9 12:07:30 ip-172-31-61-156 sshd[30555]: Failed password for invalid user zhima from 83.48.29.116 port 11390 ssh2 ...	2020-07-09 23:08:42
93.51.29.92	attackbotsspam	5x Failed Password	2020-07-09 22:46:14
37.6.166.164	attackbots	postfix (unknown user, SPF fail or relay access denied)	2020-07-09 23:05:06
125.124.43.25	attackspam	2020-07-09T13:59:44.600486mail.csmailer.org sshd[32162]: Invalid user sergio from 125.124.43.25 port 43507 2020-07-09T13:59:44.604549mail.csmailer.org sshd[32162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.124.43.25 2020-07-09T13:59:44.600486mail.csmailer.org sshd[32162]: Invalid user sergio from 125.124.43.25 port 43507 2020-07-09T13:59:46.647090mail.csmailer.org sshd[32162]: Failed password for invalid user sergio from 125.124.43.25 port 43507 ssh2 2020-07-09T14:03:27.406810mail.csmailer.org sshd[32437]: Invalid user node from 125.124.43.25 port 59291 ...	2020-07-09 22:47:50
51.91.123.235	attack	51.91.123.235 - - [09/Jul/2020:14:43:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1948 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.91.123.235 - - [09/Jul/2020:14:43:37 +0100] "POST /wp-login.php HTTP/1.1" 200 1890 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.91.123.235 - - [09/Jul/2020:14:43:38 +0100] "POST /wp-login.php HTTP/1.1" 200 1926 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-09 22:26:18
192.144.239.96	attack	Jul 9 14:25:30 vps sshd[136305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.239.96 Jul 9 14:25:32 vps sshd[136305]: Failed password for invalid user john from 192.144.239.96 port 56222 ssh2 Jul 9 14:29:22 vps sshd[151533]: Invalid user user from 192.144.239.96 port 52246 Jul 9 14:29:22 vps sshd[151533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.144.239.96 Jul 9 14:29:24 vps sshd[151533]: Failed password for invalid user user from 192.144.239.96 port 52246 ssh2 ...	2020-07-09 23:09:27
132.232.37.228	attackbotsspam	21 attempts against mh-ssh on pluto	2020-07-09 22:31:11
139.226.34.37	attack	Jul 8 22:03:39 ns4 sshd[18440]: Invalid user fedul from 139.226.34.37 Jul 8 22:03:39 ns4 sshd[18440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.226.34.37 Jul 8 22:03:41 ns4 sshd[18440]: Failed password for invalid user fedul from 139.226.34.37 port 11681 ssh2 Jul 8 22:17:06 ns4 sshd[20389]: Invalid user zumlot from 139.226.34.37 Jul 8 22:17:06 ns4 sshd[20389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.226.34.37 Jul 8 22:17:08 ns4 sshd[20389]: Failed password for invalid user zumlot from 139.226.34.37 port 60323 ssh2 Jul 8 22:19:50 ns4 sshd[21006]: Invalid user bernard from 139.226.34.37 Jul 8 22:19:50 ns4 sshd[21006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.226.34.37 Jul 8 22:19:52 ns4 sshd[21006]: Failed password for invalid user bernard from 139.226.34.37 port 39266 ssh2 ........ ----------------------------------------------- https://www.block	2020-07-09 22:28:55

Recently Reported IPs

239.201.0.89	243.227.36.113	106.92.67.204	230.183.175.64
34.188.144.253	149.74.150.13	31.64.249.94	132.84.78.135
229.219.132.100	59.4.78.92	0.205.96.9	224.170.139.138
46.235.49.80	218.103.155.211	41.140.80.173	183.80.25.250
109.38.143.51	178.62.37.215	101.32.1.249	46.128.92.113