162.243.138.18

基本信息:

城市(city): San Francisco

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	9200/tcp 1337/tcp 8118/tcp... [2020-05-02/06-21]44pkt,32pt.(tcp),5pt.(udp)	2020-06-21 20:56:33
attackspambots	TCP (SYN) 162.243.138.18:40903 -> port 1433, len 40	2020-06-05 17:51:19
attackbots	firewall-block, port(s): 5269/tcp	2020-05-07 03:27:48
attack	Port scan(s) denied	2020-05-05 03:48:28
attackbots	Apr 30 19:08:30 : SSH login attempts with invalid user	2020-05-01 07:03:13

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.138.127	attackspambots	[Sun Jun 14 20:12:07 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-16 20:51:56
162.243.138.112	attackbotsspam	Jun 15 02:19:24 mail postfix/postscreen[14056]: DNSBL rank 4 for [162.243.138.112]:51696 ...	2020-07-14 13:10:42
162.243.138.127	attack	[Sun Jun 14 20:12:09 2020] - DDoS Attack From IP: 162.243.138.127 Port: 47439	2020-07-13 03:14:52
162.243.138.96	attackbots	[Sat May 23 01:11:21 2020] - DDoS Attack From IP: 162.243.138.96 Port: 38759	2020-07-09 03:41:31
162.243.138.122	attackbots	[Sun May 24 09:17:21 2020] - DDoS Attack From IP: 162.243.138.122 Port: 43561	2020-07-09 03:34:09
162.243.138.189	attackspambots	Unauthorized connection attempt detected from IP address 162.243.138.189 to port 465	2020-06-22 07:28:19
162.243.138.177	attack	ZGrab Application Layer Scanner Detection	2020-06-21 22:07:50
162.243.138.15	attackspambots	scans once in preceeding hours on the ports (in chronological order) 8083 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:57:05
162.243.138.54	attackspam	scans once in preceeding hours on the ports (in chronological order) 3011 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:56:01
162.243.138.56	attack	33930/tcp 9300/tcp 28015/tcp... [2020-05-03/06-21]41pkt,34pt.(tcp)	2020-06-21 20:55:09
162.243.138.70	attackbots	scans once in preceeding hours on the ports (in chronological order) 3391 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:43
162.243.138.108	attackbots	scans once in preceeding hours on the ports (in chronological order) 8080 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:54:24
162.243.138.182	attackbotsspam	Port scan: Attack repeated for 24 hours	2020-06-21 20:54:11
162.243.138.34	attackspambots	firewall-block, port(s): 2379/tcp	2020-06-21 02:45:54
162.243.138.163	attackspambots	Port scan: Attack repeated for 24 hours	2020-06-21 02:43:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.138.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1508
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.138.18.			IN	A

;; AUTHORITY SECTION:
.			421	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020043001 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri May 01 07:03:10 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

18.138.243.162.in-addr.arpa domain name pointer zg-0428c-216.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
18.138.243.162.in-addr.arpa	name = zg-0428c-216.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
106.12.176.188	attackbotsspam	Mar 10 08:55:44 gw1 sshd[13794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.176.188 Mar 10 08:55:46 gw1 sshd[13794]: Failed password for invalid user admin2 from 106.12.176.188 port 44580 ssh2 ...	2020-03-10 12:37:54
151.248.116.116	attack	Mar 9 17:52:12 wbs sshd\[28307\]: Invalid user test from 151.248.116.116 Mar 9 17:52:12 wbs sshd\[28307\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151-248-116-116.ovz.vps.regruhosting.ru Mar 9 17:52:14 wbs sshd\[28307\]: Failed password for invalid user test from 151.248.116.116 port 35388 ssh2 Mar 9 17:55:47 wbs sshd\[28645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151-248-116-116.ovz.vps.regruhosting.ru user=sheraton Mar 9 17:55:49 wbs sshd\[28645\]: Failed password for sheraton from 151.248.116.116 port 41768 ssh2	2020-03-10 12:35:11
139.59.31.205	attack	Mar 9 18:07:54 kapalua sshd\[8352\]: Invalid user ftpuser from 139.59.31.205 Mar 9 18:07:54 kapalua sshd\[8352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.31.205 Mar 9 18:07:56 kapalua sshd\[8352\]: Failed password for invalid user ftpuser from 139.59.31.205 port 33584 ssh2 Mar 9 18:11:46 kapalua sshd\[8622\]: Invalid user haliimaile from 139.59.31.205 Mar 9 18:11:46 kapalua sshd\[8622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.31.205	2020-03-10 12:33:49
96.8.2.65	attackspambots	20/3/9@23:55:08: FAIL: Alarm-Network address from=96.8.2.65 ...	2020-03-10 13:06:20
104.248.237.238	attack	Mar 10 05:15:33 silence02 sshd[32186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.237.238 Mar 10 05:15:35 silence02 sshd[32186]: Failed password for invalid user user from 104.248.237.238 port 38028 ssh2 Mar 10 05:23:17 silence02 sshd[32694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.237.238	2020-03-10 12:58:56
88.132.237.187	attack	Mar 10 00:26:17 plusreed sshd[7529]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.132.237.187 user=root Mar 10 00:26:19 plusreed sshd[7529]: Failed password for root from 88.132.237.187 port 47054 ssh2 ...	2020-03-10 12:47:30
178.62.248.61	attack	detected by Fail2Ban	2020-03-10 12:42:07
122.154.241.147	attack	Mar 10 05:16:58 localhost sshd\[25216\]: Invalid user 123456 from 122.154.241.147 port 47126 Mar 10 05:16:58 localhost sshd\[25216\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.154.241.147 Mar 10 05:17:00 localhost sshd\[25216\]: Failed password for invalid user 123456 from 122.154.241.147 port 47126 ssh2	2020-03-10 12:25:16
148.251.69.139	attackbotsspam	20 attempts against mh-misbehave-ban on flame	2020-03-10 12:55:37
69.229.6.48	attackspambots	$f2bV_matches	2020-03-10 12:39:29
197.149.121.115	attackspambots	firewall-block, port(s): 445/tcp	2020-03-10 12:26:13
222.186.173.142	attackbotsspam	Mar 10 04:39:53 server sshd[2760000]: Failed password for root from 222.186.173.142 port 62412 ssh2 Mar 10 05:49:13 server sshd[2914662]: Failed none for root from 222.186.173.142 port 26502 ssh2 Mar 10 05:49:29 server sshd[2915418]: Failed password for root from 222.186.173.142 port 32222 ssh2	2020-03-10 12:51:58
164.132.42.32	attackbotsspam	Mar 10 03:00:50 XXX sshd[39232]: Invalid user svnuser from 164.132.42.32 port 50068	2020-03-10 12:30:03
5.135.165.131	attackspambots	Mar 10 04:37:51 hcbbdb sshd\[336\]: Invalid user des from 5.135.165.131 Mar 10 04:37:51 hcbbdb sshd\[336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3091480.ip-5-135-165.eu Mar 10 04:37:53 hcbbdb sshd\[336\]: Failed password for invalid user des from 5.135.165.131 port 48344 ssh2 Mar 10 04:41:43 hcbbdb sshd\[815\]: Invalid user rian from 5.135.165.131 Mar 10 04:41:43 hcbbdb sshd\[815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3091480.ip-5-135-165.eu	2020-03-10 12:44:56
112.85.42.178	attackbotsspam	Mar 9 18:22:40 web9 sshd\[31246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Mar 9 18:22:42 web9 sshd\[31246\]: Failed password for root from 112.85.42.178 port 23407 ssh2 Mar 9 18:22:59 web9 sshd\[31282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Mar 9 18:23:02 web9 sshd\[31282\]: Failed password for root from 112.85.42.178 port 52455 ssh2 Mar 9 18:23:22 web9 sshd\[31348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root	2020-03-10 12:25:46

最近上报的IP列表

203.146.102.2	2.84.87.173	82.67.59.55	85.56.30.113
121.177.143.131	97.116.7.91	181.77.208.108	39.71.161.151
118.97.217.203	195.210.118.111	41.30.136.41	73.199.114.103
36.201.167.173	171.215.58.24	217.138.205.196	196.99.201.161
222.187.45.234	208.251.170.116	107.211.159.231	151.236.55.253