162.243.142.131

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	ZGrab Application Layer Scanner Detection	2020-05-07 02:48:32

Comments on same subnet:

IP	Type	Details	Datetime
162.243.142.176	attackspam	[Mon Jun 08 14:17:27 2020] - DDoS Attack From IP: 162.243.142.176 Port: 57285	2020-07-13 04:03:26
162.243.142.146	attackspambots	[Tue Jun 09 15:57:57 2020] - DDoS Attack From IP: 162.243.142.146 Port: 54460	2020-07-13 03:56:26
162.243.142.61	attack	firewall-block, port(s): 81/tcp	2020-06-22 18:47:27
162.243.142.200	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:16:22
162.243.142.207	attackspambots	TCP (SYN) 162.243.142.207:60667 -> port 81, len 40	2020-06-21 22:07:30
162.243.142.10	attackbots	scans once in preceeding hours on the ports (in chronological order) 63814 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:31
162.243.142.124	attackbots	scans once in preceeding hours on the ports (in chronological order) 5631 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:07
162.243.142.155	attackspambots	scans once in preceeding hours on the ports (in chronological order) 5632 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:46:53
162.243.142.225	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-19 22:47:00
162.243.142.16	attack	Port scan denied	2020-06-17 14:11:54
162.243.142.219	attack	nginx/IPasHostname/a4a6f	2020-06-17 13:19:25
162.243.142.6	attackspam	Unauthorized connection attempt IP: 162.243.142.6 Ports affected IMAP over TLS protocol (993) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS14061 DIGITALOCEAN-ASN United States (US) CIDR 162.243.0.0/16 Log Date: 15/06/2020 2:07:10 PM UTC	2020-06-15 22:30:26
162.243.142.200	attackspam	162.243.142.200 - - - [11/Jun/2020:07:01:57 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-06-11 18:02:00
162.243.142.143	attack	" "	2020-06-11 16:00:27
162.243.142.64	attackspambots	TCP (SYN) 162.243.142.64:45035 -> port 1527, len 44	2020-06-10 17:18:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.142.131
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.142.131.		IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050601 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 02:48:27 CST 2020
;; MSG SIZE  rcvd: 119

Host info

131.142.243.162.in-addr.arpa domain name pointer zg-0428c-513.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
131.142.243.162.in-addr.arpa	name = zg-0428c-513.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.23.45.156	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-10-2019 13:35:35.	2019-10-02 21:20:33
185.117.118.187	attackbots	\[2019-10-02 13:45:33\] NOTICE\[14660\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.117.118.187:57908' \(callid: 1178156610-2003191812-766498810\) - Failed to authenticate \[2019-10-02 13:45:33\] SECURITY\[1715\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-10-02T13:45:33.192+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1178156610-2003191812-766498810",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/185.117.118.187/57908",Challenge="1570016733/06939daa075f0975ad9ce6fc01208541",Response="230ae2f6cd7148fbca204c94cf472151",ExpectedResponse="" \[2019-10-02 13:45:33\] NOTICE\[3817\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '185.117.118.187:57908' \(callid: 1178156610-2003191812-766498810\) - Failed to authenticate \[2019-10-02 13:45:33\] SECURITY\[1715\] res_security_log.c: SecurityEvent="Challenge	2019-10-02 20:27:32
111.231.133.173	attackspam	Invalid user user from 111.231.133.173 port 53960	2019-10-02 20:33:51
217.61.14.223	attackspambots	Oct 2 02:22:49 hpm sshd\[22075\]: Invalid user add from 217.61.14.223 Oct 2 02:22:49 hpm sshd\[22075\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.14.223 Oct 2 02:22:51 hpm sshd\[22075\]: Failed password for invalid user add from 217.61.14.223 port 42894 ssh2 Oct 2 02:26:54 hpm sshd\[22375\]: Invalid user xnm from 217.61.14.223 Oct 2 02:26:54 hpm sshd\[22375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.14.223	2019-10-02 20:30:51
95.85.70.181	attackspambots	B: zzZZzz blocked content access	2019-10-02 20:28:35
125.26.169.145	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-10-2019 13:35:43.	2019-10-02 21:09:16
125.164.230.76	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-10-2019 13:35:43.	2019-10-02 21:08:51
51.255.168.30	attackbotsspam	Oct 2 02:27:24 php1 sshd\[19303\]: Invalid user yuanwd from 51.255.168.30 Oct 2 02:27:24 php1 sshd\[19303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=30.ip-51-255-168.eu Oct 2 02:27:26 php1 sshd\[19303\]: Failed password for invalid user yuanwd from 51.255.168.30 port 56528 ssh2 Oct 2 02:31:26 php1 sshd\[19736\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=30.ip-51-255-168.eu user=root Oct 2 02:31:28 php1 sshd\[19736\]: Failed password for root from 51.255.168.30 port 40656 ssh2	2019-10-02 20:34:22
178.45.125.14	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-10-2019 13:35:53.	2019-10-02 20:48:56
51.15.182.231	attackbotsspam	k+ssh-bruteforce	2019-10-02 20:35:22
185.209.0.91	attack	Port scan on 6 port(s): 3861 3871 3872 3876 3882 3898	2019-10-02 20:56:42
116.106.61.196	attackbots	" "	2019-10-02 20:29:52
193.35.153.145	attackbots	Postfix RBL failed	2019-10-02 20:50:11
222.186.42.163	attackspambots	Oct 2 12:35:57 marvibiene sshd[41959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.163 user=root Oct 2 12:35:59 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:36:02 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:35:57 marvibiene sshd[41959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.163 user=root Oct 2 12:35:59 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 Oct 2 12:36:02 marvibiene sshd[41959]: Failed password for root from 222.186.42.163 port 48154 ssh2 ...	2019-10-02 20:38:55
172.105.89.161	attackbotsspam	10/02/2019-08:35:59.645449 172.105.89.161 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-02 20:43:12

Recently Reported IPs

162.243.142.60	162.243.142.15	193.152.129.142	162.243.141.189
162.243.141.93	106.54.117.228	106.52.135.166	133.162.204.84
68.183.92.118	68.183.78.87	64.227.56.27	64.227.24.112
64.227.12.136	64.227.6.231	162.243.140.140	162.243.140.51
162.243.139.224	162.243.139.141	162.243.139.83	162.243.139.40