162.243.139.74

基本信息:

城市(city): San Francisco

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	scans once in preceeding hours on the ports (in chronological order) 9030 resulting in total of 58 scans from 162.243.0.0/16 block.	2020-05-07 03:22:47

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.139.98	attack	[Fri Jun 12 03:31:39 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-16 21:22:30
162.243.139.167	attack	[Sun Jun 14 03:12:01 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-16 20:56:22
162.243.139.150	attack	[Wed Jun 17 15:34:21 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-16 20:29:09
162.243.139.246	attack	[Wed Jun 17 21:52:27 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-16 20:26:41
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
162.243.139.167	attackspambots	[Sun Jun 14 03:12:03 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-13 03:17:58
162.243.139.150	attackbotsspam	[Wed Jun 17 15:34:23 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-13 03:02:20
162.243.139.246	attackspam	[Wed Jun 17 21:52:29 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-13 03:00:05
162.243.139.196	attack	[Fri May 22 02:56:34 2020] - DDoS Attack From IP: 162.243.139.196 Port: 39583	2020-07-09 03:49:00
162.243.139.226	attackspam	[Mon May 25 12:06:40 2020] - DDoS Attack From IP: 162.243.139.226 Port: 59688	2020-07-09 03:24:42
162.243.139.40	attackspam	[Thu May 28 02:37:02 2020] - DDoS Attack From IP: 162.243.139.40 Port: 48945	2020-07-09 03:18:45
162.243.139.241	attackbotsspam	[Thu May 28 12:09:43 2020] - DDoS Attack From IP: 162.243.139.241 Port: 46028	2020-07-09 03:12:30
162.243.139.141	attackbots	[Fri May 29 12:54:48 2020] - DDoS Attack From IP: 162.243.139.141 Port: 55461	2020-07-09 02:53:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.139.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.139.74.			IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 149 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 07:34:37 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

74.139.243.162.in-addr.arpa domain name pointer zg-0428c-334.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.139.243.162.in-addr.arpa	name = zg-0428c-334.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
220.176.22.152	attackspambots	Unauthorised access (Sep 6) SRC=220.176.22.152 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=49448 TCP DPT=8080 WINDOW=56211 SYN Unauthorised access (Sep 6) SRC=220.176.22.152 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=49964 TCP DPT=8080 WINDOW=18979 SYN Unauthorised access (Sep 6) SRC=220.176.22.152 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=8144 TCP DPT=8080 WINDOW=56211 SYN Unauthorised access (Sep 5) SRC=220.176.22.152 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=28665 TCP DPT=8080 WINDOW=5686 SYN Unauthorised access (Sep 4) SRC=220.176.22.152 LEN=40 TOS=0x10 PREC=0x40 TTL=49 ID=20701 TCP DPT=8080 WINDOW=56211 SYN	2019-09-07 04:33:37
134.19.218.134	attackspambots	Jul 29 18:00:41 vtv3 sshd\[15277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.19.218.134 user=root Jul 29 18:00:43 vtv3 sshd\[15277\]: Failed password for root from 134.19.218.134 port 57784 ssh2 Jul 29 18:05:47 vtv3 sshd\[17717\]: Invalid user coronado from 134.19.218.134 port 53366 Jul 29 18:05:47 vtv3 sshd\[17717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.19.218.134 Jul 29 18:05:50 vtv3 sshd\[17717\]: Failed password for invalid user coronado from 134.19.218.134 port 53366 ssh2 Jul 29 18:20:30 vtv3 sshd\[25248\]: Invalid user virginie from 134.19.218.134 port 40038 Jul 29 18:20:30 vtv3 sshd\[25248\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.19.218.134 Jul 29 18:20:33 vtv3 sshd\[25248\]: Failed password for invalid user virginie from 134.19.218.134 port 40038 ssh2 Jul 29 18:25:37 vtv3 sshd\[27901\]: Invalid user usuario from 134.19.218.134 port 35	2019-09-07 03:55:40
121.182.166.81	attack	Sep 6 15:59:19 MainVPS sshd[9451]: Invalid user odoo from 121.182.166.81 port 42169 Sep 6 15:59:19 MainVPS sshd[9451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.182.166.81 Sep 6 15:59:19 MainVPS sshd[9451]: Invalid user odoo from 121.182.166.81 port 42169 Sep 6 15:59:22 MainVPS sshd[9451]: Failed password for invalid user odoo from 121.182.166.81 port 42169 ssh2 Sep 6 16:04:36 MainVPS sshd[9834]: Invalid user demo from 121.182.166.81 port 29620 ...	2019-09-07 04:27:14
61.175.121.76	attack	Sep 6 19:55:34 pkdns2 sshd\[54911\]: Invalid user 12 from 61.175.121.76Sep 6 19:55:36 pkdns2 sshd\[54911\]: Failed password for invalid user 12 from 61.175.121.76 port 8685 ssh2Sep 6 20:00:13 pkdns2 sshd\[55104\]: Invalid user pass from 61.175.121.76Sep 6 20:00:16 pkdns2 sshd\[55104\]: Failed password for invalid user pass from 61.175.121.76 port 25348 ssh2Sep 6 20:04:48 pkdns2 sshd\[55218\]: Invalid user qwerty321 from 61.175.121.76Sep 6 20:04:50 pkdns2 sshd\[55218\]: Failed password for invalid user qwerty321 from 61.175.121.76 port 42014 ssh2 ...	2019-09-07 04:15:54
218.98.26.170	attackbots	Sep 6 21:56:05 nginx sshd[73276]: Connection from 218.98.26.170 port 52156 on 10.23.102.80 port 22 Sep 6 21:56:09 nginx sshd[73276]: Received disconnect from 218.98.26.170 port 52156:11: [preauth]	2019-09-07 04:01:44
94.42.178.137	attack	Sep 6 20:07:51 yabzik sshd[7849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.42.178.137 Sep 6 20:07:53 yabzik sshd[7849]: Failed password for invalid user teamspeak from 94.42.178.137 port 50066 ssh2 Sep 6 20:13:36 yabzik sshd[9880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.42.178.137	2019-09-07 04:14:51
5.26.204.227	attackspam	2019-09-06T20:10:43Z - RDP login failed multiple times. (5.26.204.227)	2019-09-07 04:11:11
165.22.16.90	attack	Sep 7 02:56:14 webhost01 sshd[17652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.16.90 Sep 7 02:56:15 webhost01 sshd[17652]: Failed password for invalid user 1 from 165.22.16.90 port 55678 ssh2 ...	2019-09-07 04:18:02
178.216.38.152	attackbotsspam	Sep 6 16:04:25 lenivpn01 kernel: \[11481.296440\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=178.216.38.152 DST=195.201.121.15 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=23892 DF PROTO=TCP SPT=62910 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Sep 6 16:04:28 lenivpn01 kernel: \[11484.362090\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=178.216.38.152 DST=195.201.121.15 LEN=52 TOS=0x00 PREC=0x00 TTL=114 ID=25272 DF PROTO=TCP SPT=62910 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Sep 6 16:04:34 lenivpn01 kernel: \[11490.361205\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:2f:6c:1b:d2:74:7f:6e:37:e3:08:00 SRC=178.216.38.152 DST=195.201.121.15 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=26887 DF PROTO=TCP SPT=62910 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-09-07 04:27:53
124.156.168.194	attackbotsspam	Sep 6 15:57:09 xtremcommunity sshd\[27915\]: Invalid user ts from 124.156.168.194 port 54898 Sep 6 15:57:09 xtremcommunity sshd\[27915\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.168.194 Sep 6 15:57:11 xtremcommunity sshd\[27915\]: Failed password for invalid user ts from 124.156.168.194 port 54898 ssh2 Sep 6 16:02:20 xtremcommunity sshd\[28063\]: Invalid user admin from 124.156.168.194 port 42150 Sep 6 16:02:20 xtremcommunity sshd\[28063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.156.168.194 ...	2019-09-07 04:20:43
37.187.127.13	attack	Sep 6 22:11:30 SilenceServices sshd[15436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.127.13 Sep 6 22:11:33 SilenceServices sshd[15436]: Failed password for invalid user ftpuser from 37.187.127.13 port 49085 ssh2 Sep 6 22:16:01 SilenceServices sshd[17120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.127.13	2019-09-07 04:30:12
42.200.66.164	attackbotsspam	Sep 6 16:41:03 microserver sshd[49141]: Invalid user ts from 42.200.66.164 port 44912 Sep 6 16:41:03 microserver sshd[49141]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Sep 6 16:41:05 microserver sshd[49141]: Failed password for invalid user ts from 42.200.66.164 port 44912 ssh2 Sep 6 16:46:12 microserver sshd[49787]: Invalid user daniel from 42.200.66.164 port 60258 Sep 6 16:46:12 microserver sshd[49787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Sep 6 17:01:01 microserver sshd[51753]: Invalid user system from 42.200.66.164 port 49824 Sep 6 17:01:01 microserver sshd[51753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.200.66.164 Sep 6 17:01:03 microserver sshd[51753]: Failed password for invalid user system from 42.200.66.164 port 49824 ssh2 Sep 6 17:06:01 microserver sshd[52444]: Invalid user user1 from 42.200.66.164 port 36934 Sep 6 1	2019-09-07 03:42:47
109.197.194.157	attackspam	Unauthorised access (Sep 6) SRC=109.197.194.157 LEN=52 TTL=117 ID=27871 DF TCP DPT=445 WINDOW=8192 SYN	2019-09-07 03:52:04
134.209.81.60	attack	Sep 6 10:03:50 web1 sshd\[10658\]: Invalid user webmaster from 134.209.81.60 Sep 6 10:03:50 web1 sshd\[10658\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.60 Sep 6 10:03:52 web1 sshd\[10658\]: Failed password for invalid user webmaster from 134.209.81.60 port 42976 ssh2 Sep 6 10:08:17 web1 sshd\[11092\]: Invalid user admin from 134.209.81.60 Sep 6 10:08:17 web1 sshd\[11092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.81.60	2019-09-07 04:10:34
45.227.253.117	attackbots	Sep 6 21:12:55 relay postfix/smtpd\[28506\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 21:19:42 relay postfix/smtpd\[30654\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 21:19:49 relay postfix/smtpd\[11984\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 21:30:33 relay postfix/smtpd\[30655\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 21:30:41 relay postfix/smtpd\[16249\]: warning: unknown\[45.227.253.117\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-09-07 03:54:47

最近上报的IP列表

198.223.67.201	208.39.3.47	120.11.211.190	128.65.143.40
119.165.50.11	59.22.71.146	6.103.102.127	178.137.184.109
119.123.178.100	184.194.148.47	124.105.73.37	100.134.217.13
58.166.74.59	126.22.122.194	183.105.37.102	117.92.120.223
143.248.182.231	82.132.68.49	117.63.31.154	68.216.54.117