162.243.139.70

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 2455 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:53:41
attack	firewall-block, port(s): 5094/tcp	2020-05-16 23:17:27
attack	Brute force attack stopped by firewall	2020-05-09 13:07:13

类型

评论内容

时间

attackbotsspam

scans once in preceeding hours on the ports (in chronological order) 2455 resulting in total of 51 scans from 162.243.0.0/16 block.

2020-06-21 20:53:41

attack

firewall-block, port(s): 5094/tcp

2020-05-16 23:17:27

attack

Brute force attack stopped by firewall

2020-05-09 13:07:13

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.139.98	attack	[Fri Jun 12 03:31:39 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-16 21:22:30
162.243.139.167	attack	[Sun Jun 14 03:12:01 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-16 20:56:22
162.243.139.150	attack	[Wed Jun 17 15:34:21 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-16 20:29:09
162.243.139.246	attack	[Wed Jun 17 21:52:27 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-16 20:26:41
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
162.243.139.167	attackspambots	[Sun Jun 14 03:12:03 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-13 03:17:58
162.243.139.150	attackbotsspam	[Wed Jun 17 15:34:23 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-13 03:02:20
162.243.139.246	attackspam	[Wed Jun 17 21:52:29 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-13 03:00:05
162.243.139.196	attack	[Fri May 22 02:56:34 2020] - DDoS Attack From IP: 162.243.139.196 Port: 39583	2020-07-09 03:49:00
162.243.139.226	attackspam	[Mon May 25 12:06:40 2020] - DDoS Attack From IP: 162.243.139.226 Port: 59688	2020-07-09 03:24:42
162.243.139.40	attackspam	[Thu May 28 02:37:02 2020] - DDoS Attack From IP: 162.243.139.40 Port: 48945	2020-07-09 03:18:45
162.243.139.241	attackbotsspam	[Thu May 28 12:09:43 2020] - DDoS Attack From IP: 162.243.139.241 Port: 46028	2020-07-09 03:12:30
162.243.139.141	attackbots	[Fri May 29 12:54:48 2020] - DDoS Attack From IP: 162.243.139.141 Port: 55461	2020-07-09 02:53:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.139.70
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23704
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.139.70.			IN	A

;; AUTHORITY SECTION:
.			338	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050801 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 09 13:07:08 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

70.139.243.162.in-addr.arpa domain name pointer zg-0428c-333.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
70.139.243.162.in-addr.arpa	name = zg-0428c-333.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
185.107.70.202	attackspam	185.107.70.202 - - \[14/Mar/2020:04:53:31 +0100\] "GET /index.php\?id=ausland HTTP/1.1" 200 7733 "http://www.firma-lsf.eu:80/index.php" "Googlebot \(compatible Googlebot/2.1 http://www.google.com/bot.html\)" ...	2020-03-14 14:03:41
87.103.131.124	attackspambots	Mar 14 06:17:13 mail.srvfarm.net postfix/smtpd[2957893]: NOQUEUE: reject: RCPT from unknown[87.103.131.124]: 554 5.7.1 Service unavailable; Client host [87.103.131.124] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?87.103.131.124; from= to= proto=ESMTP helo=<124.131.103.87.dial.irtel.ru> Mar 14 06:17:14 mail.srvfarm.net postfix/smtpd[2957893]: NOQUEUE: reject: RCPT from unknown[87.103.131.124]: 554 5.7.1 Service unavailable; Client host [87.103.131.124] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?87.103.131.124; from= to= proto=ESMTP helo=<124.131.103.87.dial.irtel.ru> Mar 14 06:17:14 mail.srvfarm.net postfix/smtpd[2957893]: NOQUEUE: reject: RCPT from unknown[87.103.131.124]: 554 5.7.1 Service unavailable; Client host [87.103.131.124] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?87.103.131.124; from=	2020-03-14 14:09:42
112.85.42.182	attackspam	Mar 14 13:59:29 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:33 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:36 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:36 bacztwo sshd[23721]: Failed keyboard-interactive/pam for root from 112.85.42.182 port 3661 ssh2 Mar 14 13:59:26 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:29 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:33 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:36 bacztwo sshd[23721]: error: PAM: Authentication failure for root from 112.85.42.182 Mar 14 13:59:36 bacztwo sshd[23721]: Failed keyboard-interactive/pam for root from 112.85.42.182 port 3661 ssh2 Mar 14 13:59:38 bacztwo sshd[23721]: error: PAM: Authentication failure for ...	2020-03-14 14:11:31
91.121.110.97	attack	Mar 14 06:05:08 [host] sshd[22897]: pam_unix(sshd: Mar 14 06:05:10 [host] sshd[22897]: Failed passwor Mar 14 06:09:26 [host] sshd[23233]: pam_unix(sshd:	2020-03-14 13:32:28
46.101.11.213	attack	Invalid user test from 46.101.11.213 port 55640	2020-03-14 14:02:10
148.227.224.50	attackbotsspam	Mar 14 04:40:19 ns382633 sshd\[3481\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.224.50 user=root Mar 14 04:40:21 ns382633 sshd\[3481\]: Failed password for root from 148.227.224.50 port 46380 ssh2 Mar 14 04:50:25 ns382633 sshd\[5168\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.224.50 user=root Mar 14 04:50:27 ns382633 sshd\[5168\]: Failed password for root from 148.227.224.50 port 58812 ssh2 Mar 14 04:54:36 ns382633 sshd\[5661\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.227.224.50 user=root	2020-03-14 13:31:56
142.93.174.86	attackbotsspam	CMS (WordPress or Joomla) login attempt.	2020-03-14 14:08:37
185.156.73.38	attackbots	03/14/2020-00:58:16.929718 185.156.73.38 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-14 13:43:32
76.113.104.218	attack	Honeypot attack, port: 81, PTR: c-76-113-104-218.hsd1.nm.comcast.net.	2020-03-16 17:05:18
157.230.123.253	attackspambots	Mar 16 05:06:47 debian sshd[14372]: Unable to negotiate with 157.230.123.253 port 37804: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] Mar 16 05:07:01 debian sshd[14374]: Unable to negotiate with 157.230.123.253 port 43658: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] ...	2020-03-16 17:07:19
115.112.66.204	attackspam	Mar 16 08:49:37 marvibiene sshd[42547]: Invalid user mother from 115.112.66.204 port 53461 Mar 16 08:49:37 marvibiene sshd[42547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.112.66.204 Mar 16 08:49:37 marvibiene sshd[42547]: Invalid user mother from 115.112.66.204 port 53461 Mar 16 08:49:40 marvibiene sshd[42547]: Failed password for invalid user mother from 115.112.66.204 port 53461 ssh2 ...	2020-03-16 17:06:55
51.83.72.243	attack	Mar 14 06:11:07 vps691689 sshd[16915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.72.243 Mar 14 06:11:09 vps691689 sshd[16915]: Failed password for invalid user sammy from 51.83.72.243 port 40944 ssh2 ...	2020-03-14 13:37:01
222.186.173.215	attack	Mar 16 09:57:55 minden010 sshd[14614]: Failed password for root from 222.186.173.215 port 47880 ssh2 Mar 16 09:58:05 minden010 sshd[14614]: Failed password for root from 222.186.173.215 port 47880 ssh2 Mar 16 09:58:09 minden010 sshd[14614]: Failed password for root from 222.186.173.215 port 47880 ssh2 Mar 16 09:58:09 minden010 sshd[14614]: error: maximum authentication attempts exceeded for root from 222.186.173.215 port 47880 ssh2 [preauth] ...	2020-03-16 17:03:15
14.232.160.213	attack	ssh brute force	2020-03-14 13:40:10
222.186.175.167	attack	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.167 user=root Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2 Failed password for root from 222.186.175.167 port 63068 ssh2	2020-03-14 14:00:18

最近上报的IP列表

123.121.101.226	113.160.225.116	35.162.61.254	27.71.154.131
95.85.57.84	89.221.54.114	176.202.131.209	200.116.230.84
178.93.33.31	84.56.170.104	113.54.199.95	173.252.95.16
110.42.10.38	68.160.66.214	49.232.106.63	220.71.122.84
112.118.0.91	51.15.17.120	20.120.4.44	103.145.13.17