162.243.139.153

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 162.243.139.153:51124 -> port 587, len 44	2020-06-11 06:56:52

Comments on same subnet:

IP	Type	Details	Datetime
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.139.98	attack	[Fri Jun 12 03:31:39 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-16 21:22:30
162.243.139.167	attack	[Sun Jun 14 03:12:01 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-16 20:56:22
162.243.139.150	attack	[Wed Jun 17 15:34:21 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-16 20:29:09
162.243.139.246	attack	[Wed Jun 17 21:52:27 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-16 20:26:41
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
162.243.139.167	attackspambots	[Sun Jun 14 03:12:03 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-13 03:17:58
162.243.139.150	attackbotsspam	[Wed Jun 17 15:34:23 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-13 03:02:20
162.243.139.246	attackspam	[Wed Jun 17 21:52:29 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-13 03:00:05
162.243.139.196	attack	[Fri May 22 02:56:34 2020] - DDoS Attack From IP: 162.243.139.196 Port: 39583	2020-07-09 03:49:00
162.243.139.226	attackspam	[Mon May 25 12:06:40 2020] - DDoS Attack From IP: 162.243.139.226 Port: 59688	2020-07-09 03:24:42
162.243.139.40	attackspam	[Thu May 28 02:37:02 2020] - DDoS Attack From IP: 162.243.139.40 Port: 48945	2020-07-09 03:18:45
162.243.139.241	attackbotsspam	[Thu May 28 12:09:43 2020] - DDoS Attack From IP: 162.243.139.241 Port: 46028	2020-07-09 03:12:30
162.243.139.141	attackbots	[Fri May 29 12:54:48 2020] - DDoS Attack From IP: 162.243.139.141 Port: 55461	2020-07-09 02:53:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.139.153
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56173
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.139.153.		IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061001 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 11 06:56:49 CST 2020
;; MSG SIZE  rcvd: 119

Host info

153.139.243.162.in-addr.arpa domain name pointer zg-0428c-364.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
153.139.243.162.in-addr.arpa	name = zg-0428c-364.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.30.167	attackspam	2020-07-15T14:24:29.470149vps751288.ovh.net sshd\[9322\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root 2020-07-15T14:24:31.234250vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:33.211661vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:35.796349vps751288.ovh.net sshd\[9322\]: Failed password for root from 222.186.30.167 port 34992 ssh2 2020-07-15T14:24:43.487062vps751288.ovh.net sshd\[9326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root	2020-07-15 20:32:20
47.52.239.42	attack	47.52.239.42 - - \[15/Jul/2020:13:40:02 +0200\] "POST /wp-login.php HTTP/1.0" 200 6400 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.52.239.42 - - \[15/Jul/2020:13:40:05 +0200\] "POST /wp-login.php HTTP/1.0" 200 6412 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.52.239.42 - - \[15/Jul/2020:13:40:08 +0200\] "POST /wp-login.php HTTP/1.0" 200 6404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-15 20:30:52
45.95.168.94	attack	Jul 15 19:23:46 webhost01 sshd[8108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.95.168.94 Jul 15 19:23:48 webhost01 sshd[8108]: Failed password for invalid user harrison from 45.95.168.94 port 38506 ssh2 ...	2020-07-15 20:26:04
212.64.16.31	attack	Jul 15 13:15:15 nextcloud sshd\[29039\]: Invalid user adam from 212.64.16.31 Jul 15 13:15:15 nextcloud sshd\[29039\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.16.31 Jul 15 13:15:17 nextcloud sshd\[29039\]: Failed password for invalid user adam from 212.64.16.31 port 48736 ssh2	2020-07-15 20:55:59
148.70.129.112	attack	Invalid user admin from 148.70.129.112 port 26116	2020-07-15 21:01:47
123.176.34.115	attackspam	Brute forcing RDP port 3389	2020-07-15 20:28:25
183.83.145.48	attackspam	1594808582 - 07/15/2020 12:23:02 Host: 183.83.145.48/183.83.145.48 Port: 445 TCP Blocked	2020-07-15 20:53:01
94.230.208.147	attack	(mod_security) mod_security (id:218420) triggered by 94.230.208.147 (CH/Switzerland/tor3e1.digitale-gesellschaft.ch): 5 in the last 3600 secs	2020-07-15 20:24:05
185.143.73.203	attack	Jul 15 13:21:17 blackbee postfix/smtpd[9986]: warning: unknown[185.143.73.203]: SASL LOGIN authentication failed: authentication failure Jul 15 13:21:41 blackbee postfix/smtpd[9986]: warning: unknown[185.143.73.203]: SASL LOGIN authentication failed: authentication failure Jul 15 13:22:03 blackbee postfix/smtpd[10205]: warning: unknown[185.143.73.203]: SASL LOGIN authentication failed: authentication failure Jul 15 13:22:27 blackbee postfix/smtpd[10226]: warning: unknown[185.143.73.203]: SASL LOGIN authentication failed: authentication failure Jul 15 13:22:49 blackbee postfix/smtpd[10226]: warning: unknown[185.143.73.203]: SASL LOGIN authentication failed: authentication failure ...	2020-07-15 20:43:07
212.70.149.82	attack	Jul 15 14:28:36 heicom postfix/smtpd\[20678\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: authentication failure Jul 15 14:29:04 heicom postfix/smtpd\[20927\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: authentication failure Jul 15 14:29:32 heicom postfix/smtpd\[20962\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: authentication failure Jul 15 14:29:59 heicom postfix/smtpd\[20678\]: warning: unknown\[212.70.149.82\]: SASL LOGIN authentication failed: authentication failure ...	2020-07-15 20:34:05
128.1.91.204	attackspambots	Unwanted checking 80 or 443 port ...	2020-07-15 20:58:14
37.187.0.20	attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-07-15 20:57:17
14.137.221.49	attackbotsspam	Honeypot attack, port: 81, PTR: 14-137-221-49.sta.dodo.net.au.	2020-07-15 21:02:31
118.71.190.9	attackbotsspam	Unauthorized connection attempt from IP address 118.71.190.9 on Port 445(SMB)	2020-07-15 20:27:35
212.253.93.120	attackbotsspam	Unauthorized connection attempt from IP address 212.253.93.120 on Port 445(SMB)	2020-07-15 21:01:11

Recently Reported IPs

250.150.127.80	78.210.158.175	44.199.108.111	160.91.247.162
98.18.86.3	109.251.173.1	114.27.205.144	163.172.7.97
5.248.87.160	101.177.221.223	23.108.197.40	84.55.99.183
18.234.169.53	189.23.47.242	134.48.140.181	82.50.26.177
83.28.153.53	91.164.206.48	197.121.106.144	196.231.190.83