162.243.142.178

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP port 2323 (Telnet) attempt blocked by firewall. [2019-07-01 01:50:04]	2019-07-01 11:32:47

Comments on same subnet:

IP	Type	Details	Datetime
162.243.142.176	attackspam	[Mon Jun 08 14:17:27 2020] - DDoS Attack From IP: 162.243.142.176 Port: 57285	2020-07-13 04:03:26
162.243.142.146	attackspambots	[Tue Jun 09 15:57:57 2020] - DDoS Attack From IP: 162.243.142.146 Port: 54460	2020-07-13 03:56:26
162.243.142.61	attack	firewall-block, port(s): 81/tcp	2020-06-22 18:47:27
162.243.142.200	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:16:22
162.243.142.207	attackspambots	TCP (SYN) 162.243.142.207:60667 -> port 81, len 40	2020-06-21 22:07:30
162.243.142.10	attackbots	scans once in preceeding hours on the ports (in chronological order) 63814 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:31
162.243.142.124	attackbots	scans once in preceeding hours on the ports (in chronological order) 5631 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:07
162.243.142.155	attackspambots	scans once in preceeding hours on the ports (in chronological order) 5632 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:46:53
162.243.142.225	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-19 22:47:00
162.243.142.16	attack	Port scan denied	2020-06-17 14:11:54
162.243.142.219	attack	nginx/IPasHostname/a4a6f	2020-06-17 13:19:25
162.243.142.6	attackspam	Unauthorized connection attempt IP: 162.243.142.6 Ports affected IMAP over TLS protocol (993) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS14061 DIGITALOCEAN-ASN United States (US) CIDR 162.243.0.0/16 Log Date: 15/06/2020 2:07:10 PM UTC	2020-06-15 22:30:26
162.243.142.200	attackspam	162.243.142.200 - - - [11/Jun/2020:07:01:57 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-06-11 18:02:00
162.243.142.143	attack	" "	2020-06-11 16:00:27
162.243.142.64	attackspambots	TCP (SYN) 162.243.142.64:45035 -> port 1527, len 44	2020-06-10 17:18:17

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.142.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57388
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.142.178.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041000 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 15:55:50 +08 2019
;; MSG SIZE  rcvd: 119

Host info

178.142.243.162.in-addr.arpa domain name pointer zg-0326a-24.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
178.142.243.162.in-addr.arpa	name = zg-0326a-24.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
108.58.41.139	attack	Sep 10 01:33:33 jane sshd\[16828\]: Invalid user admin from 108.58.41.139 port 38865 Sep 10 01:33:33 jane sshd\[16828\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=108.58.41.139 Sep 10 01:33:35 jane sshd\[16828\]: Failed password for invalid user admin from 108.58.41.139 port 38865 ssh2 ...	2019-09-10 07:41:44
79.122.224.2	attackspam	[portscan] Port scan	2019-09-10 08:20:05
43.231.113.125	attack	Sep 9 18:54:17 hb sshd\[32443\]: Invalid user jenkins from 43.231.113.125 Sep 9 18:54:17 hb sshd\[32443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.231.113.125 Sep 9 18:54:19 hb sshd\[32443\]: Failed password for invalid user jenkins from 43.231.113.125 port 50142 ssh2 Sep 9 19:00:59 hb sshd\[626\]: Invalid user cssserver from 43.231.113.125 Sep 9 19:00:59 hb sshd\[626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.231.113.125	2019-09-10 07:59:33
158.69.112.95	attackspambots	Sep 9 19:49:17 plusreed sshd[12252]: Invalid user tsts from 158.69.112.95 ...	2019-09-10 08:04:14
52.172.44.97	attack	$f2bV_matches	2019-09-10 07:45:56
85.207.44.10	attackbots	xmlrpc attack	2019-09-10 07:38:59
178.34.190.39	attackbotsspam	Sep 9 18:58:12 eventyay sshd[5468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.34.190.39 Sep 9 18:58:14 eventyay sshd[5468]: Failed password for invalid user test from 178.34.190.39 port 43696 ssh2 Sep 9 19:04:20 eventyay sshd[5629]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.34.190.39 ...	2019-09-10 08:18:58
106.12.24.234	attack	2019-09-09T15:31:06.847074abusebot-8.cloudsearch.cf sshd\[17215\]: Invalid user vncuser from 106.12.24.234 port 60544	2019-09-10 07:40:19
67.218.96.156	attackbotsspam	Sep 9 13:50:43 hpm sshd\[12336\]: Invalid user db2admin from 67.218.96.156 Sep 9 13:50:43 hpm sshd\[12336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.218.96.156 Sep 9 13:50:44 hpm sshd\[12336\]: Failed password for invalid user db2admin from 67.218.96.156 port 42006 ssh2 Sep 9 13:56:55 hpm sshd\[13048\]: Invalid user qwerty from 67.218.96.156 Sep 9 13:56:55 hpm sshd\[13048\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.218.96.156	2019-09-10 08:22:17
75.80.193.222	attack	Sep 9 19:23:58 saschabauer sshd[2226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.80.193.222 Sep 9 19:24:00 saschabauer sshd[2226]: Failed password for invalid user team from 75.80.193.222 port 32771 ssh2	2019-09-10 07:37:44
80.211.88.70	attackbots	Automatic report - Banned IP Access	2019-09-10 07:42:53
41.164.76.22	attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2019-09-10 07:34:09
191.205.14.14	attackbots	DATE:2019-09-09 16:55:34, IP:191.205.14.14, PORT:ssh brute force auth on SSH service (patata)	2019-09-10 07:48:18
222.186.52.124	attackbots	Sep 9 13:49:43 php1 sshd\[12522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.124 user=root Sep 9 13:49:45 php1 sshd\[12522\]: Failed password for root from 222.186.52.124 port 46012 ssh2 Sep 9 13:49:51 php1 sshd\[12532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.52.124 user=root Sep 9 13:49:53 php1 sshd\[12532\]: Failed password for root from 222.186.52.124 port 47940 ssh2 Sep 9 13:49:54 php1 sshd\[12532\]: Failed password for root from 222.186.52.124 port 47940 ssh2	2019-09-10 07:54:26
98.143.148.45	attackspam	Sep 9 10:22:02 eddieflores sshd\[20871\]: Invalid user dspace from 98.143.148.45 Sep 9 10:22:02 eddieflores sshd\[20871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45 Sep 9 10:22:04 eddieflores sshd\[20871\]: Failed password for invalid user dspace from 98.143.148.45 port 56936 ssh2 Sep 9 10:28:09 eddieflores sshd\[21395\]: Invalid user admin from 98.143.148.45 Sep 9 10:28:09 eddieflores sshd\[21395\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45	2019-09-10 07:43:15

Recently Reported IPs

154.115.26.18	159.89.175.205	207.180.211.248	184.82.236.99
182.30.24.20	178.128.47.153	121.15.133.11	162.243.142.0
197.89.215.205	157.119.71.174	38.140.192.165	199.250.210.144
192.99.66.39	223.205.228.18	188.136.243.142	188.27.233.84
79.134.155.29	125.64.94.0	125.253.119.226	187.185.28.143