City: San Francisco
Region: California
Country: United States
Internet Service Provider: DigitalOcean LLC
Hostname: unknown
Organization: DigitalOcean, LLC
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackspam | [Mon Jun 15 13:36:05 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847 |
2020-07-16 20:42:02 |
| attackspam | [Mon Jun 15 13:36:07 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847 |
2020-07-13 03:08:26 |
| attack | [Mon Jun 15 13:36:10 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847 |
2020-07-08 22:44:31 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 162.243.140.31 | proxy | VPN fraud |
2023-03-06 14:00:29 |
| 162.243.140.36 | attack | [Wed Jun 10 08:33:18 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644 |
2020-07-16 21:44:24 |
| 162.243.140.36 | attackbotsspam | [Wed Jun 10 08:33:20 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644 |
2020-07-13 03:47:13 |
| 162.243.140.140 | attackspam | [Fri May 29 21:25:53 2020] - DDoS Attack From IP: 162.243.140.140 Port: 33267 |
2020-07-09 02:41:33 |
| 162.243.140.36 | attackbots | [Wed Jun 10 08:33:23 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644 |
2020-07-08 23:33:28 |
| 162.243.140.51 | attackbots | trying to access non-authorized port |
2020-06-22 18:51:24 |
| 162.243.140.90 | attack | 7474/tcp 143/tcp 9002/tcp... [2020-05-02/06-22]44pkt,39pt.(tcp),1pt.(udp) |
2020-06-22 18:48:50 |
| 162.243.140.36 | attackbots | scans once in preceeding hours on the ports (in chronological order) 6379 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:49:19 |
| 162.243.140.118 | attack | scans once in preceeding hours on the ports (in chronological order) 26446 resulting in total of 51 scans from 162.243.0.0/16 block. |
2020-06-21 20:48:47 |
| 162.243.140.216 | attack | Port scan: Attack repeated for 24 hours |
2020-06-21 20:48:26 |
| 162.243.140.84 | attackspam | Port scan: Attack repeated for 24 hours |
2020-06-17 03:18:37 |
| 162.243.140.87 | attack | firewall-block, port(s): 5986/tcp |
2020-06-14 21:43:47 |
| 162.243.140.118 | attackbots |
|
2020-06-12 20:04:46 |
| 162.243.140.139 | attackbotsspam | Port scan: Attack repeated for 24 hours |
2020-06-08 07:49:29 |
| 162.243.140.191 | attackspam | scans once in preceeding hours on the ports (in chronological order) 11485 resulting in total of 34 scans from 162.243.0.0/16 block. |
2020-06-07 03:09:12 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.140.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5516
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.140.74. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019040300 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 03 19:01:42 +08 2019
;; MSG SIZE rcvd: 118
74.140.243.162.in-addr.arpa domain name pointer zg-0326a-32.stretchoid.com.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
74.140.243.162.in-addr.arpa name = zg-0326a-32.stretchoid.com.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 138.68.61.182 | attackspam | Mar 2 15:46:53 xxxxxxx7446550 sshd[25134]: Invalid user ubuntu from 138.68.61.182 Mar 2 15:46:53 xxxxxxx7446550 sshd[25134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.61.182 Mar 2 15:46:55 xxxxxxx7446550 sshd[25134]: Failed password for invalid user ubuntu from 138.68.61.182 port 35992 ssh2 Mar 2 15:46:55 xxxxxxx7446550 sshd[25135]: Received disconnect from 138.68.61.182: 11: Normal Shutdown Mar 2 15:50:24 xxxxxxx7446550 sshd[26472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.61.182 user=r.r Mar 2 15:50:25 xxxxxxx7446550 sshd[26472]: Failed password for r.r from 138.68.61.182 port 61990 ssh2 Mar 2 15:50:25 xxxxxxx7446550 sshd[26473]: Received disconnect from 138.68.61.182: 11: Normal Shutdown Mar 2 15:53:50 xxxxxxx7446550 sshd[27441]: Invalid user ftpuser from 138.68.61.182 Mar 2 15:53:50 xxxxxxx7446550 sshd[27441]: pam_unix(sshd:auth): authentication fail........ ------------------------------- |
2020-03-07 20:41:23 |
| 51.77.223.62 | attack | WordPress login Brute force / Web App Attack on client site. |
2020-03-07 20:37:05 |
| 80.82.65.74 | attackspam | firewall-block, port(s): 3113/tcp, 10200/tcp, 20002/tcp |
2020-03-07 20:25:20 |
| 134.73.51.102 | attackbots | RBL listed IP. Trying to send Spam. IP autobanned |
2020-03-07 20:33:25 |
| 115.85.73.53 | attack | Mar 7 14:14:57 server sshd\[11559\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.85.73.53 user=root Mar 7 14:14:59 server sshd\[11559\]: Failed password for root from 115.85.73.53 port 33636 ssh2 Mar 7 14:21:15 server sshd\[13071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.85.73.53 user=root Mar 7 14:21:17 server sshd\[13071\]: Failed password for root from 115.85.73.53 port 57588 ssh2 Mar 7 14:26:13 server sshd\[14008\]: Invalid user xiaoyun from 115.85.73.53 ... |
2020-03-07 20:19:50 |
| 222.186.42.75 | attackbotsspam | Mar 7 13:54:11 amit sshd\[3405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.75 user=root Mar 7 13:54:13 amit sshd\[3405\]: Failed password for root from 222.186.42.75 port 37415 ssh2 Mar 7 13:54:15 amit sshd\[3405\]: Failed password for root from 222.186.42.75 port 37415 ssh2 ... |
2020-03-07 20:59:24 |
| 5.239.244.252 | attack | Invalid user cloud from 5.239.244.252 port 36972 |
2020-03-07 20:37:51 |
| 78.128.92.116 | attack | 20/3/6@23:49:25: FAIL: Alarm-Intrusion address from=78.128.92.116 ... |
2020-03-07 20:50:15 |
| 159.89.126.252 | attack | CMS (WordPress or Joomla) login attempt. |
2020-03-07 20:47:09 |
| 171.217.92.33 | attackspam | Mar 7 03:41:03 plusreed sshd[16525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.217.92.33 user=www-data Mar 7 03:41:05 plusreed sshd[16525]: Failed password for www-data from 171.217.92.33 port 2639 ssh2 ... |
2020-03-07 20:42:19 |
| 83.222.67.213 | attackbotsspam | Brute force attempt |
2020-03-07 20:47:50 |
| 45.95.168.65 | attackbotsspam | [portscan] tcp/22 [SSH] [scan/connect: 2 time(s)] in blocklist.de:'listed [ssh]' *(RWIN=65535)(03071130) |
2020-03-07 20:37:24 |
| 41.178.22.2 | attackspambots | Honeypot attack, port: 445, PTR: host-41-178-22-2.static.link.com.eg. |
2020-03-07 20:30:53 |
| 65.158.79.109 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-07 20:32:21 |
| 51.75.133.250 | attack | 2020-03-07T07:24:59.861284abusebot-3.cloudsearch.cf sshd[1839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=250.ip-51-75-133.eu user=root 2020-03-07T07:25:02.018071abusebot-3.cloudsearch.cf sshd[1839]: Failed password for root from 51.75.133.250 port 47344 ssh2 2020-03-07T07:29:07.031727abusebot-3.cloudsearch.cf sshd[2055]: Invalid user debian from 51.75.133.250 port 41546 2020-03-07T07:29:07.039871abusebot-3.cloudsearch.cf sshd[2055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=250.ip-51-75-133.eu 2020-03-07T07:29:07.031727abusebot-3.cloudsearch.cf sshd[2055]: Invalid user debian from 51.75.133.250 port 41546 2020-03-07T07:29:08.911033abusebot-3.cloudsearch.cf sshd[2055]: Failed password for invalid user debian from 51.75.133.250 port 41546 ssh2 2020-03-07T07:33:15.662561abusebot-3.cloudsearch.cf sshd[2267]: Invalid user odoo from 51.75.133.250 port 36102 ... |
2020-03-07 20:33:48 |