162.243.139.74

基本信息:

城市(city): San Francisco

省份(region): California

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	scans once in preceeding hours on the ports (in chronological order) 9030 resulting in total of 58 scans from 162.243.0.0/16 block.	2020-05-07 03:22:47

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.139.21	proxy	VPN fraud	2023-02-24 13:44:38
162.243.139.19	proxy	VPN	2023-01-23 14:02:03
162.243.139.98	attack	[Fri Jun 12 03:31:39 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-16 21:22:30
162.243.139.167	attack	[Sun Jun 14 03:12:01 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-16 20:56:22
162.243.139.150	attack	[Wed Jun 17 15:34:21 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-16 20:29:09
162.243.139.246	attack	[Wed Jun 17 21:52:27 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-16 20:26:41
162.243.139.98	attackspam	[Fri Jun 12 03:31:41 2020] - DDoS Attack From IP: 162.243.139.98 Port: 51724	2020-07-13 03:31:45
162.243.139.167	attackspambots	[Sun Jun 14 03:12:03 2020] - DDoS Attack From IP: 162.243.139.167 Port: 58412	2020-07-13 03:17:58
162.243.139.150	attackbotsspam	[Wed Jun 17 15:34:23 2020] - DDoS Attack From IP: 162.243.139.150 Port: 57028	2020-07-13 03:02:20
162.243.139.246	attackspam	[Wed Jun 17 21:52:29 2020] - DDoS Attack From IP: 162.243.139.246 Port: 58139	2020-07-13 03:00:05
162.243.139.196	attack	[Fri May 22 02:56:34 2020] - DDoS Attack From IP: 162.243.139.196 Port: 39583	2020-07-09 03:49:00
162.243.139.226	attackspam	[Mon May 25 12:06:40 2020] - DDoS Attack From IP: 162.243.139.226 Port: 59688	2020-07-09 03:24:42
162.243.139.40	attackspam	[Thu May 28 02:37:02 2020] - DDoS Attack From IP: 162.243.139.40 Port: 48945	2020-07-09 03:18:45
162.243.139.241	attackbotsspam	[Thu May 28 12:09:43 2020] - DDoS Attack From IP: 162.243.139.241 Port: 46028	2020-07-09 03:12:30
162.243.139.141	attackbots	[Fri May 29 12:54:48 2020] - DDoS Attack From IP: 162.243.139.141 Port: 55461	2020-07-09 02:53:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.139.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.139.74.			IN	A

;; AUTHORITY SECTION:
.			380	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 149 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 07:34:37 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

74.139.243.162.in-addr.arpa domain name pointer zg-0428c-334.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.139.243.162.in-addr.arpa	name = zg-0428c-334.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
197.3.199.253	attackspam	Telnet/23 MH Probe, BF, Hack -	2020-01-10 04:13:29
27.124.205.8	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-10 04:06:44
182.73.31.10	attackbotsspam	Unauthorized connection attempt from IP address 182.73.31.10 on Port 445(SMB)	2020-01-10 04:20:51
203.192.206.237	attackbots	[ThuJan0914:01:46.3358292020][:error][pid16607:tid47483094365952][client203.192.206.237:50764][client203.192.206.237]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(DisableifyouwanttoallowMSIE6\)"][severity"WARNING"][hostname"ponzellini.ch"][uri"/wp-po.php"][unique_id"XhckOs@eW8kD26s1WI0ytwAAAAQ"][ThuJan0914:01:50.1939122020][:error][pid9661:tid47483098568448][client203.192.206.237:50769][client203.192.206.237]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof"rx\(MSWebServicesClientProtocol\\|WormlyBot\\|webauth@cmcm\\\\\\\\.com\)"against"REQUEST_HEADERS:User-Agent"required.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"402"][id"397989"][rev"1"][msg"Atomicorp.comWAFRules:MSIE6.0detected\(Disableif	2020-01-10 04:26:51
223.97.19.100	attackbotsspam	Telnet/23 MH Probe, BF, Hack -	2020-01-10 04:32:01
42.120.74.36	attackspam	Unauthorized connection attempt detected from IP address 42.120.74.36 to port 445 [T]	2020-01-10 04:25:50
191.180.106.110	attack	Jan 9 19:49:17 mail sshd[1174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.180.106.110 user=root Jan 9 19:49:19 mail sshd[1174]: Failed password for root from 191.180.106.110 port 41392 ssh2 Jan 9 19:59:59 mail sshd[18131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.180.106.110 user=root Jan 9 20:00:01 mail sshd[18131]: Failed password for root from 191.180.106.110 port 48970 ssh2 Jan 9 20:23:07 mail sshd[21637]: Invalid user uftp from 191.180.106.110 ...	2020-01-10 04:07:05
222.186.175.155	attackbots	sshd jail - ssh hack attempt	2020-01-10 04:27:33
113.137.36.187	attackbots	Jan 9 18:06:24 nextcloud sshd\[28691\]: Invalid user feq from 113.137.36.187 Jan 9 18:06:24 nextcloud sshd\[28691\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.137.36.187 Jan 9 18:06:27 nextcloud sshd\[28691\]: Failed password for invalid user feq from 113.137.36.187 port 51852 ssh2 ...	2020-01-10 04:34:03
177.94.250.5	attack	firewall-block, port(s): 445/tcp	2020-01-10 04:23:17
85.185.1.10	attackbotsspam	Unauthorized connection attempt from IP address 85.185.1.10 on Port 445(SMB)	2020-01-10 04:17:03
104.248.58.71	attackbots	Jan 9 19:51:12 163-172-32-151 sshd[23361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.58.71 user=root Jan 9 19:51:15 163-172-32-151 sshd[23361]: Failed password for root from 104.248.58.71 port 56626 ssh2 ...	2020-01-10 04:19:36
149.202.235.105	attack	Autoban 149.202.235.105 AUTH/CONNECT	2020-01-10 04:14:01
45.64.221.77	attackbots	Honeypot hit.	2020-01-10 04:42:18
42.116.140.138	attack	Telnet/23 MH Probe, BF, Hack -	2020-01-10 04:42:39

最近上报的IP列表

198.223.67.201	208.39.3.47	120.11.211.190	128.65.143.40
119.165.50.11	59.22.71.146	6.103.102.127	178.137.184.109
119.123.178.100	184.194.148.47	124.105.73.37	100.134.217.13
58.166.74.59	126.22.122.194	183.105.37.102	117.92.120.223
143.248.182.231	82.132.68.49	117.63.31.154	68.216.54.117