162.243.128.20

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 162.243.128.20 to port 4911 [T]	2020-08-13 23:38:59
attackspambots	Unauthorized connection attempt detected from IP address 162.243.128.20 to port 5986	2020-04-10 05:46:27
attackbots	Port probing on unauthorized port 2095	2020-03-24 08:11:12

类型

评论内容

时间

attack

Unauthorized connection attempt detected from IP address 162.243.128.20 to port 4911 [T]

2020-08-13 23:38:59

attackspambots

Unauthorized connection attempt detected from IP address 162.243.128.20 to port 5986

2020-04-10 05:46:27

attackbots

Port probing on unauthorized port 2095

2020-03-24 08:11:12

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.128.132	attackbotsspam	SP-Scan 43646:9042 detected 2020.10.13 21:22:22 blocked until 2020.12.02 13:25:09	2020-10-14 07:02:01
162.243.128.189	attack	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-10-13 02:32:26
162.243.128.189	attackspambots	Port scanning [3 denied]	2020-10-12 17:58:27
162.243.128.12	attackbotsspam	TCP port : 631	2020-10-12 03:55:08
162.243.128.133	attackspambots	7210/tcp 1521/tcp 8090/tcp... [2020-08-21/10-10]28pkt,26pt.(tcp),1pt.(udp)	2020-10-12 02:41:08
162.243.128.71	attackspam	50000/tcp 1527/tcp 4567/tcp... [2020-08-21/10-11]23pkt,21pt.(tcp),1pt.(udp)	2020-10-12 01:26:02
162.243.128.12	attack	TCP port : 631	2020-10-11 19:51:16
162.243.128.133	attack	HTTP_USER_AGENT Mozilla/5.0 zgrab/0.x	2020-10-11 18:32:12
162.243.128.71	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-11 17:16:50
162.243.128.127	attackbots	scans once in preceeding hours on the ports (in chronological order) 1434 resulting in total of 6 scans from 162.243.0.0/16 block.	2020-10-10 22:07:07
162.243.128.127	attack	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-10 13:59:54
162.243.128.94	attack	TCP port : 631	2020-10-09 06:31:46
162.243.128.176	attack	firewall-block, port(s): 26/tcp	2020-10-09 05:24:23
162.243.128.251	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-09 03:19:05
162.243.128.94	attackspam	TCP port : 631	2020-10-08 22:52:56

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.128.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42247
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.128.20.			IN	A

;; AUTHORITY SECTION:
.			423	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032301 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 24 08:11:08 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

20.128.243.162.in-addr.arpa domain name pointer zg-0312b-250.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.128.243.162.in-addr.arpa	name = zg-0312b-250.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
188.166.150.79	attackbots	Sep 22 11:55:26 web1 sshd\[23449\]: Invalid user ansible from 188.166.150.79 Sep 22 11:55:26 web1 sshd\[23449\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.79 Sep 22 11:55:27 web1 sshd\[23449\]: Failed password for invalid user ansible from 188.166.150.79 port 46126 ssh2 Sep 22 11:58:49 web1 sshd\[23757\]: Invalid user ml from 188.166.150.79 Sep 22 11:58:49 web1 sshd\[23757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.150.79	2019-09-23 06:10:33
47.52.221.4	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/47.52.221.4/ GB - 1H : (57) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : GB NAME ASN : ASN45102 IP : 47.52.221.4 CIDR : 47.52.128.0/17 PREFIX COUNT : 293 UNIQUE IP COUNT : 1368320 WYKRYTE ATAKI Z ASN45102 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-23 06:07:48
159.203.201.79	attackspam	5093/udp 53457/tcp 50000/tcp... [2019-09-13/22]4pkt,3pt.(tcp),1pt.(udp)	2019-09-23 05:54:38
194.181.184.2	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/194.181.184.2/ PL - 1H : (54) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PL NAME ASN : ASN8308 IP : 194.181.184.2 CIDR : 194.181.184.0/21 PREFIX COUNT : 106 UNIQUE IP COUNT : 282880 WYKRYTE ATAKI Z ASN8308 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-23 06:21:06
134.209.158.77	attackbotsspam	Microsoft-Windows-Security-Auditing	2019-09-23 06:25:07
180.126.50.52	attackbotsspam	Sep 22 21:04:10 ip-172-31-1-72 sshd\[32164\]: Invalid user admin from 180.126.50.52 Sep 22 21:04:10 ip-172-31-1-72 sshd\[32164\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.126.50.52 Sep 22 21:04:12 ip-172-31-1-72 sshd\[32164\]: Failed password for invalid user admin from 180.126.50.52 port 52214 ssh2 Sep 22 21:04:16 ip-172-31-1-72 sshd\[32164\]: Failed password for invalid user admin from 180.126.50.52 port 52214 ssh2 Sep 22 21:04:21 ip-172-31-1-72 sshd\[32164\]: Failed password for invalid user admin from 180.126.50.52 port 52214 ssh2	2019-09-23 05:56:58
193.19.133.1	attackbotsspam	Automatic report - Port Scan Attack	2019-09-23 06:00:14
73.59.165.164	attack	Sep 22 12:05:11 friendsofhawaii sshd\[15868\]: Invalid user snoopy from 73.59.165.164 Sep 22 12:05:11 friendsofhawaii sshd\[15868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-59-165-164.hsd1.tn.comcast.net Sep 22 12:05:14 friendsofhawaii sshd\[15868\]: Failed password for invalid user snoopy from 73.59.165.164 port 37674 ssh2 Sep 22 12:09:25 friendsofhawaii sshd\[16382\]: Invalid user shell from 73.59.165.164 Sep 22 12:09:25 friendsofhawaii sshd\[16382\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-59-165-164.hsd1.tn.comcast.net	2019-09-23 06:20:02
125.62.213.94	attackspambots	Spam to target mail address hacked/leaked/bought from Kachingle	2019-09-23 06:11:30
185.169.43.141	attackspam	Automated report - ssh fail2ban: Sep 22 23:04:01 authentication failure Sep 22 23:04:03 wrong password, user=admin, port=57216, ssh2 Sep 22 23:04:07 wrong password, user=admin, port=57216, ssh2 Sep 22 23:04:10 wrong password, user=admin, port=57216, ssh2	2019-09-23 06:17:20
159.65.30.66	attackbotsspam	Sep 22 11:46:53 hanapaa sshd\[28138\]: Invalid user ta from 159.65.30.66 Sep 22 11:46:53 hanapaa sshd\[28138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66 Sep 22 11:46:55 hanapaa sshd\[28138\]: Failed password for invalid user ta from 159.65.30.66 port 57964 ssh2 Sep 22 11:50:52 hanapaa sshd\[28445\]: Invalid user ubnt from 159.65.30.66 Sep 22 11:50:52 hanapaa sshd\[28445\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.30.66	2019-09-23 06:17:33
106.75.174.233	attackbotsspam	Sep 22 12:26:35 web1 sshd\[26556\]: Invalid user jdoe from 106.75.174.233 Sep 22 12:26:35 web1 sshd\[26556\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.174.233 Sep 22 12:26:38 web1 sshd\[26556\]: Failed password for invalid user jdoe from 106.75.174.233 port 55900 ssh2 Sep 22 12:29:35 web1 sshd\[26855\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.174.233 user=root Sep 22 12:29:37 web1 sshd\[26855\]: Failed password for root from 106.75.174.233 port 52202 ssh2	2019-09-23 06:31:42
106.12.134.58	attackspam	Sep 22 22:01:37 yesfletchmain sshd\[4840\]: Invalid user nrlourenco from 106.12.134.58 port 34690 Sep 22 22:01:37 yesfletchmain sshd\[4840\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.134.58 Sep 22 22:01:39 yesfletchmain sshd\[4840\]: Failed password for invalid user nrlourenco from 106.12.134.58 port 34690 ssh2 Sep 22 22:04:11 yesfletchmain sshd\[4926\]: Invalid user windows from 106.12.134.58 port 55680 Sep 22 22:04:11 yesfletchmain sshd\[4926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.134.58 ...	2019-09-23 06:17:54
190.98.228.54	attack	Sep 22 22:15:56 hcbbdb sshd\[20956\]: Invalid user sesh from 190.98.228.54 Sep 22 22:15:56 hcbbdb sshd\[20956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54 Sep 22 22:15:58 hcbbdb sshd\[20956\]: Failed password for invalid user sesh from 190.98.228.54 port 36320 ssh2 Sep 22 22:20:50 hcbbdb sshd\[21517\]: Invalid user behrman from 190.98.228.54 Sep 22 22:20:50 hcbbdb sshd\[21517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.98.228.54	2019-09-23 06:32:10
137.74.171.160	attackbotsspam	Sep 23 00:09:55 rpi sshd[1003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.171.160 Sep 23 00:09:57 rpi sshd[1003]: Failed password for invalid user werner from 137.74.171.160 port 58088 ssh2	2019-09-23 06:23:35

最近上报的IP列表

40.66.42.98	125.162.247.77	49.233.143.98	219.146.92.74
175.24.72.167	123.139.43.101	122.191.127.39	121.141.216.231
87.126.21.88	132.232.115.47	51.254.246.40	13.91.46.118
191.250.60.118	45.83.65.156	182.50.132.89	218.16.121.2
162.248.88.152	69.94.141.68	111.229.54.82	48.63.94.174