162.243.142.97

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 162.243.142.97 to port 1337 [T]	2020-05-06 08:08:58

Comments on same subnet:

IP	Type	Details	Datetime
162.243.142.176	attackspam	[Mon Jun 08 14:17:27 2020] - DDoS Attack From IP: 162.243.142.176 Port: 57285	2020-07-13 04:03:26
162.243.142.146	attackspambots	[Tue Jun 09 15:57:57 2020] - DDoS Attack From IP: 162.243.142.146 Port: 54460	2020-07-13 03:56:26
162.243.142.61	attack	firewall-block, port(s): 81/tcp	2020-06-22 18:47:27
162.243.142.200	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:16:22
162.243.142.207	attackspambots	TCP (SYN) 162.243.142.207:60667 -> port 81, len 40	2020-06-21 22:07:30
162.243.142.10	attackbots	scans once in preceeding hours on the ports (in chronological order) 63814 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:31
162.243.142.124	attackbots	scans once in preceeding hours on the ports (in chronological order) 5631 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:47:07
162.243.142.155	attackspambots	scans once in preceeding hours on the ports (in chronological order) 5632 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:46:53
162.243.142.225	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-19 22:47:00
162.243.142.16	attack	Port scan denied	2020-06-17 14:11:54
162.243.142.219	attack	nginx/IPasHostname/a4a6f	2020-06-17 13:19:25
162.243.142.6	attackspam	Unauthorized connection attempt IP: 162.243.142.6 Ports affected IMAP over TLS protocol (993) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS14061 DIGITALOCEAN-ASN United States (US) CIDR 162.243.0.0/16 Log Date: 15/06/2020 2:07:10 PM UTC	2020-06-15 22:30:26
162.243.142.200	attackspam	162.243.142.200 - - - [11/Jun/2020:07:01:57 +0200] "GET /portal/redlion HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-06-11 18:02:00
162.243.142.143	attack	" "	2020-06-11 16:00:27
162.243.142.64	attackspambots	TCP (SYN) 162.243.142.64:45035 -> port 1527, len 44	2020-06-10 17:18:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.142.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14598
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.142.97.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 08:08:54 CST 2020
;; MSG SIZE  rcvd: 118

Host info

97.142.243.162.in-addr.arpa domain name pointer zg-0428c-508.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
97.142.243.162.in-addr.arpa	name = zg-0428c-508.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
163.172.220.92	attack	Port Scan detected from 163.172.220.92 (NL/Netherlands/North Holland/Amsterdam/163-172-220-92.rev.poneytelecom.eu). 4 hits in the last 5 seconds	2020-08-18 05:04:33
49.7.20.86	attackbotsspam	Dangerous	2020-08-18 05:09:48
104.236.63.99	attackspambots	2020-08-18T00:19:40.557353lavrinenko.info sshd[22895]: Invalid user faisal from 104.236.63.99 port 43948 2020-08-18T00:19:40.565183lavrinenko.info sshd[22895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.63.99 2020-08-18T00:19:40.557353lavrinenko.info sshd[22895]: Invalid user faisal from 104.236.63.99 port 43948 2020-08-18T00:19:42.713206lavrinenko.info sshd[22895]: Failed password for invalid user faisal from 104.236.63.99 port 43948 ssh2 2020-08-18T00:22:47.720114lavrinenko.info sshd[22957]: Invalid user transfer from 104.236.63.99 port 49282 ...	2020-08-18 05:25:02
149.72.193.137	attack	Received: from wrqvckvw.outbound-mail.sendgrid.net (wrqvckvw.outbound-mail.sendgrid.net [149.72.193.137])	2020-08-18 05:37:21
201.40.244.147	attackbotsspam	Aug 17 14:17:54 mockhub sshd[19556]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.40.244.147 Aug 17 14:17:56 mockhub sshd[19556]: Failed password for invalid user data from 201.40.244.147 port 50260 ssh2 ...	2020-08-18 05:24:17
94.102.59.107	attack	2020-08-17 23:11:45 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@lavrinenko.info) 2020-08-17 23:56:53 auth_plain authenticator failed for (USER) [94.102.59.107]: 535 Incorrect authentication data (set_id=admin@it-svc.com.ua) ...	2020-08-18 05:16:30
189.187.49.182	attackspam	Aug 17 23:03:06 electroncash sshd[48285]: Invalid user ftpuser from 189.187.49.182 port 13864 Aug 17 23:03:06 electroncash sshd[48285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.187.49.182 Aug 17 23:03:06 electroncash sshd[48285]: Invalid user ftpuser from 189.187.49.182 port 13864 Aug 17 23:03:08 electroncash sshd[48285]: Failed password for invalid user ftpuser from 189.187.49.182 port 13864 ssh2 Aug 17 23:05:58 electroncash sshd[48999]: Invalid user edge from 189.187.49.182 port 16775 ...	2020-08-18 05:26:27
112.85.42.227	attack	Aug 17 16:49:42 NPSTNNYC01T sshd[30417]: Failed password for root from 112.85.42.227 port 48698 ssh2 Aug 17 16:49:44 NPSTNNYC01T sshd[30417]: Failed password for root from 112.85.42.227 port 48698 ssh2 Aug 17 16:49:46 NPSTNNYC01T sshd[30417]: Failed password for root from 112.85.42.227 port 48698 ssh2 ...	2020-08-18 05:02:19
65.31.127.80	attackbotsspam	Aug 17 22:36:21 haigwepa sshd[22046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.31.127.80 Aug 17 22:36:23 haigwepa sshd[22046]: Failed password for invalid user mauro from 65.31.127.80 port 47534 ssh2 ...	2020-08-18 05:20:33
24.220.51.123	attackbots	Brute forcing email accounts	2020-08-18 05:12:00
221.139.207.238	attackbots	Aug 17 21:40:52 vm7 sshd[6437]: Bad protocol version identification '' from 221.139.207.238 port 32888 Aug 17 21:40:53 vm7 sshd[6438]: Invalid user NetLinx from 221.139.207.238 port 32931 Aug 17 21:40:54 vm7 sshd[6438]: Connection closed by 221.139.207.238 port 32931 [preauth] Aug 17 21:40:55 vm7 sshd[6440]: Connection closed by 221.139.207.238 port 33008 [preauth] Aug 17 21:40:57 vm7 sshd[6442]: Connection closed by 221.139.207.238 port 33115 [preauth] Aug 17 21:40:58 vm7 sshd[6444]: Connection closed by 221.139.207.238 port 33222 [preauth] Aug 17 21:41:00 vm7 sshd[6446]: Connection closed by 221.139.207.238 port 33308 [preauth] Aug 17 21:41:01 vm7 sshd[6448]: Connection closed by 221.139.207.238 port 33403 [preauth] Aug 17 21:41:03 vm7 sshd[6450]: Connection closed by 221.139.207.238 port 33494 [preauth] Aug 17 21:41:04 vm7 sshd[6457]: Connection closed by 221.139.207.238 port 33585 [preauth] Aug 17 21:41:06 vm7 sshd[6459]: Connection closed by 221.139.207.238 port 33........ -------------------------------	2020-08-18 05:22:00
106.53.254.96	attack	Aug 17 22:28:04 vpn01 sshd[17040]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.254.96 Aug 17 22:28:05 vpn01 sshd[17040]: Failed password for invalid user vss from 106.53.254.96 port 47956 ssh2 ...	2020-08-18 05:10:58
211.38.132.36	attack	Aug 18 02:25:51 gw1 sshd[1112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.38.132.36 Aug 18 02:25:53 gw1 sshd[1112]: Failed password for invalid user user2 from 211.38.132.36 port 53992 ssh2 ...	2020-08-18 05:41:09
106.55.170.47	attackspam	2020-08-17T20:56:32.277804shield sshd\[7121\]: Invalid user zhengang from 106.55.170.47 port 52840 2020-08-17T20:56:32.284608shield sshd\[7121\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.170.47 2020-08-17T20:56:33.881440shield sshd\[7121\]: Failed password for invalid user zhengang from 106.55.170.47 port 52840 ssh2 2020-08-17T20:59:42.459973shield sshd\[7761\]: Invalid user gfw from 106.55.170.47 port 33964 2020-08-17T20:59:42.468300shield sshd\[7761\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.55.170.47	2020-08-18 05:13:42
212.64.77.173	attackspam	Aug 17 22:16:29 rocket sshd[7363]: Failed password for root from 212.64.77.173 port 51054 ssh2 Aug 17 22:20:28 rocket sshd[7974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.64.77.173 ...	2020-08-18 05:35:22

Recently Reported IPs

149.240.185.127	124.91.186.73	123.235.233.74	76.31.61.101
123.10.41.88	171.242.64.210	1.157.184.236	105.2.110.119
122.240.195.11	198.122.204.40	120.12.73.181	138.24.50.161
73.202.193.137	120.11.111.138	128.4.145.220	181.249.56.163
122.138.173.188	119.250.92.19	124.67.235.177	39.171.141.134