162.243.141.75

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	10409/tcp 7199/tcp 47440/tcp... [2019-05-02/06-30]64pkt,51pt.(tcp),4pt.(udp)	2019-07-01 03:24:19
attackbots	48410/tcp 1080/tcp 57738/tcp... [2019-04-22/06-22]63pkt,46pt.(tcp),4pt.(udp)	2019-06-23 00:05:14

Comments on same subnet:

IP	Type	Details	Datetime
162.243.141.19	attack	Malicious IP	2024-04-17 12:08:10
162.243.141.23	proxy	VPN	2023-01-31 13:52:10
162.243.141.131	attack	[Fri Jun 12 15:58:06 2020] - DDoS Attack From IP: 162.243.141.131 Port: 36986	2020-07-16 21:12:38
162.243.141.131	attackspam	[Fri Jun 12 15:58:08 2020] - DDoS Attack From IP: 162.243.141.131 Port: 36986	2020-07-13 03:26:33
162.243.141.36	attackbotsspam	[Sun Jun 21 23:01:54 2020] - DDoS Attack From IP: 162.243.141.36 Port: 49125	2020-07-13 02:40:21
162.243.141.131	attackbotsspam	[Fri Jun 12 15:58:11 2020] - DDoS Attack From IP: 162.243.141.131 Port: 36986	2020-07-08 23:11:43
162.243.141.36	attack	[Sun Jun 21 23:01:57 2020] - DDoS Attack From IP: 162.243.141.36 Port: 49125	2020-07-08 22:06:23
162.243.141.37	attack	Jun 21 23:55:38 Host-KEWR-E postfix/smtps/smtpd[2301]: lost connection after CONNECT from unknown[162.243.141.37] ...	2020-06-22 12:13:57
162.243.141.77	attackbots	scans once in preceeding hours on the ports (in chronological order) 1931 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:48:03
162.243.141.142	attack	scans once in preceeding hours on the ports (in chronological order) 20547 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:50
162.243.141.165	attackspam	9042/tcp 9200/tcp 139/tcp... [2020-04-29/06-15]45pkt,35pt.(tcp),3pt.(udp)	2020-06-15 17:57:09
162.243.141.131	attackspambots	Unauthorized connection attempt from IP address 162.243.141.131 on Port 445(SMB)	2020-06-14 15:50:12
162.243.141.37	attackspambots	SSH login attempts.	2020-06-09 19:44:20
162.243.141.47	attack	2020-06-06 20:04:04 Unauthorized connection attempt to IMAP/POP	2020-06-07 17:25:23
162.243.141.232	attack	Misuse of DNS Server sending dot requests	2020-06-07 03:08:41

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.141.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51370
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.141.75.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 18 21:03:56 +08 2019
;; MSG SIZE  rcvd: 118

Host info

75.141.243.162.in-addr.arpa domain name pointer zg-0326a-46.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
75.141.243.162.in-addr.arpa	name = zg-0326a-46.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.102.51.108	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-09-07 16:58:14
171.43.54.12	attackspam	Sep 7 02:34:32 jupiter sshd\[6239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.43.54.12 user=root Sep 7 02:34:34 jupiter sshd\[6239\]: Failed password for root from 171.43.54.12 port 36793 ssh2 Sep 7 02:34:50 jupiter sshd\[6239\]: error: maximum authentication attempts exceeded for root from 171.43.54.12 port 36793 ssh2 \[preauth\] ...	2019-09-07 16:51:51
193.70.0.42	attackspambots	Sep 6 22:44:02 wbs sshd\[9112\]: Invalid user 123456 from 193.70.0.42 Sep 6 22:44:02 wbs sshd\[9112\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.ip-193-70-0.eu Sep 6 22:44:04 wbs sshd\[9112\]: Failed password for invalid user 123456 from 193.70.0.42 port 49000 ssh2 Sep 6 22:48:13 wbs sshd\[9437\]: Invalid user deployer from 193.70.0.42 Sep 6 22:48:13 wbs sshd\[9437\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.ip-193-70-0.eu	2019-09-07 17:00:04
91.215.199.97	attack	[portscan] Port scan	2019-09-07 17:29:44
37.187.79.55	attack	Sep 7 10:22:31 SilenceServices sshd[28980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.79.55 Sep 7 10:22:33 SilenceServices sshd[28980]: Failed password for invalid user 1234 from 37.187.79.55 port 45213 ssh2 Sep 7 10:27:09 SilenceServices sshd[30683]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.79.55	2019-09-07 16:43:22
123.31.24.16	attackbots	Sep 6 20:49:12 plusreed sshd[9521]: Invalid user 111111 from 123.31.24.16 ...	2019-09-07 17:27:43
82.221.105.7	attackbots	Automatic report - Port Scan Attack	2019-09-07 17:11:33
54.183.182.161	attack	$f2bV_matches	2019-09-07 16:46:18
95.6.77.61	attackbotsspam	[portscan] tcp/139 [NetBIOS Session Service] *(RWIN=1024)(09071042)	2019-09-07 17:01:07
218.98.40.142	attackbots	Sep 7 10:25:06 ubuntu-2gb-nbg1-dc3-1 sshd[13167]: Failed password for root from 218.98.40.142 port 15487 ssh2 Sep 7 10:25:10 ubuntu-2gb-nbg1-dc3-1 sshd[13167]: error: maximum authentication attempts exceeded for root from 218.98.40.142 port 15487 ssh2 [preauth] ...	2019-09-07 17:17:12
36.91.24.27	attack	Sep 6 22:06:23 auw2 sshd\[2341\]: Invalid user nagios from 36.91.24.27 Sep 6 22:06:23 auw2 sshd\[2341\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.91.24.27 Sep 6 22:06:24 auw2 sshd\[2341\]: Failed password for invalid user nagios from 36.91.24.27 port 55330 ssh2 Sep 6 22:11:27 auw2 sshd\[2868\]: Invalid user admin2 from 36.91.24.27 Sep 6 22:11:27 auw2 sshd\[2868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.91.24.27	2019-09-07 16:48:40
200.10.108.22	attackbots	Brute force attempt	2019-09-07 16:45:25
187.189.119.122	attack	DVR web service hack: "GET ../../mnt/custom/ProductDefinition"	2019-09-07 16:45:47
186.0.136.202	attack	SIPVicious Scanner Detection	2019-09-07 17:07:27
125.163.119.115	attackbots	Automatic report - Port Scan Attack	2019-09-07 17:09:33

Recently Reported IPs

185.69.144.17	59.99.66.179	202.40.190.210	190.104.39.228
78.40.189.84	197.149.125.50	180.108.76.126	34.229.91.96
14.52.95.114	106.12.202.85	51.252.54.115	61.173.39.108
195.211.142.87	84.201.152.63	37.139.104.195	36.90.68.102
193.0.151.133	112.135.2.98	103.81.139.48	82.165.162.65