162.243.139.158

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	(sshd) Failed SSH login from 162.243.139.158 (US/United States/zg-0428c-365.stretchoid.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 21 14:00:31 ubnt-55d23 sshd[16186]: Did not receive identification string from 162.243.139.158 port 59524 May 21 14:04:16 ubnt-55d23 sshd[17100]: Did not receive identification string from 162.243.139.158 port 54308	2020-05-21 20:08:58
attackspam	May 13 12:35:56 IngegnereFirenze sshd[3594]: Did not receive identification string from 162.243.139.158 port 50958 ...	2020-05-14 00:28:45

Type

Details

Datetime

attackspam

(sshd) Failed SSH login from 162.243.139.158 (US/United States/zg-0428c-365.stretchoid.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 21 14:00:31 ubnt-55d23 sshd[16186]: Did not receive identification string from 162.243.139.158 port 59524
May 21 14:04:16 ubnt-55d23 sshd[17100]: Did not receive identification string from 162.243.139.158 port 54308

2020-05-21 20:08:58

attackspam

May 13 12:35:56 IngegnereFirenze sshd[3594]: Did not receive identification string from 162.243.139.158 port 50958
...

2020-05-14 00:28:45

Comments on same subnet:

IP	Type	Details	Datetime
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.139.98	attack	[Fri Jun 12 03:31:39 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-16 21:22:30
162.243.139.167	attack	[Sun Jun 14 03:12:01 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-16 20:56:22
162.243.139.150	attack	[Wed Jun 17 15:34:21 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-16 20:29:09
162.243.139.246	attack	[Wed Jun 17 21:52:27 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-16 20:26:41
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
162.243.139.167	attackspambots	[Sun Jun 14 03:12:03 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-13 03:17:58
162.243.139.150	attackbotsspam	[Wed Jun 17 15:34:23 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-13 03:02:20
162.243.139.246	attackspam	[Wed Jun 17 21:52:29 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-13 03:00:05
162.243.139.196	attack	[Fri May 22 02:56:34 2020] - DDoS Attack From IP: 162.243.139.196 Port: 39583	2020-07-09 03:49:00
162.243.139.226	attackspam	[Mon May 25 12:06:40 2020] - DDoS Attack From IP: 162.243.139.226 Port: 59688	2020-07-09 03:24:42
162.243.139.40	attackspam	[Thu May 28 02:37:02 2020] - DDoS Attack From IP: 162.243.139.40 Port: 48945	2020-07-09 03:18:45
162.243.139.241	attackbotsspam	[Thu May 28 12:09:43 2020] - DDoS Attack From IP: 162.243.139.241 Port: 46028	2020-07-09 03:12:30
162.243.139.141	attackbots	[Fri May 29 12:54:48 2020] - DDoS Attack From IP: 162.243.139.141 Port: 55461	2020-07-09 02:53:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.139.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.139.158.		IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051300 1800 900 604800 86400

;; Query time: 47 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 14 00:28:40 CST 2020
;; MSG SIZE  rcvd: 119

Host info

158.139.243.162.in-addr.arpa domain name pointer zg-0428c-365.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
158.139.243.162.in-addr.arpa	name = zg-0428c-365.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.197.180.16	attackbotsspam	Aug 29 23:36:13 MK-Soft-VM5 sshd\[32477\]: Invalid user test from 138.197.180.16 port 58950 Aug 29 23:36:13 MK-Soft-VM5 sshd\[32477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.16 Aug 29 23:36:15 MK-Soft-VM5 sshd\[32477\]: Failed password for invalid user test from 138.197.180.16 port 58950 ssh2 ...	2019-08-30 07:55:28
40.76.85.130	attackbots	Aug 29 22:19:07 mx-in-01 sshd[17428]: Did not receive identification string from 40.76.85.130 port 47322 Aug 29 22:21:07 mx-in-01 sshd[17475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.76.85.130 user=r.r Aug 29 22:21:09 mx-in-01 sshd[17475]: Failed password for r.r from 40.76.85.130 port 51946 ssh2 Aug 29 22:21:09 mx-in-01 sshd[17475]: Received disconnect from 40.76.85.130 port 51946:11: Normal Shutdown, Thank you for playing [preauth] Aug 29 22:21:09 mx-in-01 sshd[17475]: Disconnected from 40.76.85.130 port 51946 [preauth] Aug 29 22:23:23 mx-in-01 sshd[17518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.76.85.130 user=r.r Aug 29 22:23:25 mx-in-01 sshd[17518]: Failed password for r.r from 40.76.85.130 port 56270 ssh2 Aug 29 22:23:25 mx-in-01 sshd[17518]: Received disconnect from 40.76.85.130 port 56270:11: Normal Shutdown, Thank you for playing [preauth] Aug 29 22:23:25 mx-........ -------------------------------	2019-08-30 07:52:16
23.129.64.170	attackspam	Automated report - ssh fail2ban: Aug 30 01:15:56 wrong password, user=root, port=35256, ssh2 Aug 30 01:16:00 wrong password, user=root, port=35256, ssh2 Aug 30 01:16:04 wrong password, user=root, port=35256, ssh2 Aug 30 01:16:07 wrong password, user=root, port=35256, ssh2	2019-08-30 07:34:03
159.65.171.113	attackbots	Aug 29 18:09:03 aat-srv002 sshd[30226]: Failed password for invalid user icinga from 159.65.171.113 port 52912 ssh2 Aug 29 18:24:58 aat-srv002 sshd[30835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.171.113 Aug 29 18:25:00 aat-srv002 sshd[30835]: Failed password for invalid user pankaj from 159.65.171.113 port 36482 ssh2 Aug 29 18:29:00 aat-srv002 sshd[31005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.171.113 ...	2019-08-30 07:51:30
158.69.110.31	attackspam	ssh failed login	2019-08-30 07:50:40
45.40.198.41	attack	Aug 29 16:39:08 vps200512 sshd\[931\]: Invalid user hall from 45.40.198.41 Aug 29 16:39:08 vps200512 sshd\[931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.198.41 Aug 29 16:39:10 vps200512 sshd\[931\]: Failed password for invalid user hall from 45.40.198.41 port 50110 ssh2 Aug 29 16:43:52 vps200512 sshd\[1072\]: Invalid user plcmspip from 45.40.198.41 Aug 29 16:43:52 vps200512 sshd\[1072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.40.198.41	2019-08-30 08:09:30
149.56.20.183	attackbotsspam	Invalid user xing from 149.56.20.183 port 53568	2019-08-30 08:10:49
188.131.205.85	attack	...	2019-08-30 08:01:20
52.82.72.132	attackbots	B: f2b 404 5x	2019-08-30 07:55:08
202.131.152.2	attack	Aug 30 00:15:21 debian sshd\[26857\]: Invalid user gpadmin from 202.131.152.2 port 39600 Aug 30 00:15:21 debian sshd\[26857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.152.2 ...	2019-08-30 07:32:24
223.223.148.214	attack	Aug 29 22:25:12 * sshd[6152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.223.148.214 Aug 29 22:25:13 * sshd[6152]: Failed password for invalid user user1 from 223.223.148.214 port 13441 ssh2	2019-08-30 08:04:25
34.73.39.215	attack	Aug 29 13:40:50 eddieflores sshd\[11853\]: Invalid user uu from 34.73.39.215 Aug 29 13:40:50 eddieflores sshd\[11853\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.39.73.34.bc.googleusercontent.com Aug 29 13:40:52 eddieflores sshd\[11853\]: Failed password for invalid user uu from 34.73.39.215 port 41408 ssh2 Aug 29 13:44:49 eddieflores sshd\[12175\]: Invalid user test from 34.73.39.215 Aug 29 13:44:49 eddieflores sshd\[12175\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.39.73.34.bc.googleusercontent.com	2019-08-30 07:53:45
51.38.49.140	attack	Aug 30 01:26:22 SilenceServices sshd[7987]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.49.140 Aug 30 01:26:24 SilenceServices sshd[7987]: Failed password for invalid user schuler from 51.38.49.140 port 40364 ssh2 Aug 30 01:30:16 SilenceServices sshd[9523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.49.140	2019-08-30 07:33:06
51.75.32.141	attackspam	Aug 29 19:27:12 ny01 sshd[10235]: Failed password for root from 51.75.32.141 port 38788 ssh2 Aug 29 19:31:30 ny01 sshd[11061]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.32.141 Aug 29 19:31:32 ny01 sshd[11061]: Failed password for invalid user db2fenc1 from 51.75.32.141 port 56208 ssh2	2019-08-30 07:31:52
143.137.5.21	attackbots	failed_logins	2019-08-30 07:39:51

Recently Reported IPs

187.115.154.65	210.219.86.86	67.26.115.254	2603:300a:21bc:2800::d909
186.3.131.100	185.130.206.137	50.67.20.192	175.140.87.85
153.127.45.33	95.31.245.93	149.129.225.229	103.217.156.168
103.207.36.177	101.142.17.227	113.173.254.64	115.58.199.230
113.163.179.3	27.72.101.134	116.55.117.204	222.252.50.237