162.243.140.138

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 162.243.140.138:48941 -> port 25, len 40	2020-05-25 07:02:15

Comments on same subnet:

IP	Type	Details	Datetime
162.243.140.31	proxy	VPN fraud	2023-03-06 14:00:29
162.243.140.36	attack	[Wed Jun 10 08:33:18 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-16 21:44:24
162.243.140.74	attackspam	[Mon Jun 15 13:36:05 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-16 20:42:02
162.243.140.36	attackbotsspam	[Wed Jun 10 08:33:20 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-13 03:47:13
162.243.140.74	attackspam	[Mon Jun 15 13:36:07 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-13 03:08:26
162.243.140.140	attackspam	[Fri May 29 21:25:53 2020] - DDoS Attack From IP: 162.243.140.140 Port: 33267	2020-07-09 02:41:33
162.243.140.36	attackbots	[Wed Jun 10 08:33:23 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-08 23:33:28
162.243.140.74	attack	[Mon Jun 15 13:36:10 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-08 22:44:31
162.243.140.51	attackbots	trying to access non-authorized port	2020-06-22 18:51:24
162.243.140.90	attack	7474/tcp 143/tcp 9002/tcp... [2020-05-02/06-22]44pkt,39pt.(tcp),1pt.(udp)	2020-06-22 18:48:50
162.243.140.36	attackbots	scans once in preceeding hours on the ports (in chronological order) 6379 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:49:19
162.243.140.118	attack	scans once in preceeding hours on the ports (in chronological order) 26446 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:48:47
162.243.140.216	attack	Port scan: Attack repeated for 24 hours	2020-06-21 20:48:26
162.243.140.84	attackspam	Port scan: Attack repeated for 24 hours	2020-06-17 03:18:37
162.243.140.87	attack	firewall-block, port(s): 5986/tcp	2020-06-14 21:43:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.140.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4897
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.140.138.		IN	A

;; AUTHORITY SECTION:
.			522	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052401 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 25 07:02:11 CST 2020
;; MSG SIZE  rcvd: 119

Host info

138.140.243.162.in-addr.arpa domain name pointer zg-0428c-428.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
138.140.243.162.in-addr.arpa	name = zg-0428c-428.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
95.178.156.196	attack	Telnetd brute force attack detected by fail2ban	2019-08-07 12:50:56
51.77.150.235	attackspambots	Aug 6 21:37:26 *** sshd[26395]: Invalid user tg from 51.77.150.235	2019-08-07 12:39:23
81.22.45.212	attack	Aug 7 06:12:55 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.212 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=49323 PROTO=TCP SPT=51888 DPT=10114 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-07 12:47:14
37.202.76.89	attack	23/tcp [2019-08-06]1pkt	2019-08-07 11:42:19
124.74.248.218	attackbotsspam	Automatic report - Banned IP Access	2019-08-07 12:44:23
105.73.80.194	attack	Aug 6 23:37:24 plex sshd[23754]: Invalid user magic from 105.73.80.194 port 15177	2019-08-07 12:42:06
90.173.252.82	attack	Aug 7 08:04:39 areeb-Workstation sshd\[20862\]: Invalid user jean from 90.173.252.82 Aug 7 08:04:39 areeb-Workstation sshd\[20862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=90.173.252.82 Aug 7 08:04:42 areeb-Workstation sshd\[20862\]: Failed password for invalid user jean from 90.173.252.82 port 43566 ssh2 ...	2019-08-07 12:49:44
110.247.74.77	attack	23/tcp [2019-08-06]1pkt	2019-08-07 11:43:52
81.22.45.100	attackspam	08/06/2019-21:27:13.191089 81.22.45.100 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-07 12:19:34
202.131.253.98	attackspambots	WordPress wp-login brute force :: 202.131.253.98 0.172 BYPASS [07/Aug/2019:14:43:46 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-07 12:45:42
68.173.45.11	attack	445/tcp 445/tcp 445/tcp [2019-08-06]3pkt	2019-08-07 11:56:13
58.87.122.184	attackspam	20 attempts against mh_ha-misbehave-ban on tree.magehost.pro	2019-08-07 12:41:01
189.90.27.163	attack	Aug 6 17:37:43 web1 postfix/smtpd[4731]: warning: ip-asfortal-27.163.fortalnet.com.br[189.90.27.163]: SASL PLAIN authentication failed: authentication failure ...	2019-08-07 12:32:15
106.255.222.195	attack	Sending SPAM email	2019-08-07 11:44:19
185.220.101.25	attack	Aug 7 02:31:10 MK-Soft-VM5 sshd\[13700\]: Invalid user administrator from 185.220.101.25 port 43593 Aug 7 02:31:10 MK-Soft-VM5 sshd\[13700\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.25 Aug 7 02:31:12 MK-Soft-VM5 sshd\[13700\]: Failed password for invalid user administrator from 185.220.101.25 port 43593 ssh2 ...	2019-08-07 11:42:49

Recently Reported IPs

166.122.54.66	223.53.117.213	155.7.209.252	37.238.136.74
188.27.211.240	72.141.154.2	81.195.1.195	220.3.134.111
194.127.178.52	201.1.161.98	101.149.127.197	63.80.131.228
191.138.233.143	77.247.108.42	73.161.157.96	87.67.149.215
213.142.156.21	109.85.217.106	193.23.3.19	89.66.70.35