162.243.140.140

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	[Fri May 29 21:25:53 2020] - DDoS Attack From IP: 162.243.140.140 Port: 33267	2020-07-09 02:41:33
attackspambots	scans once in preceeding hours on the ports (in chronological order) 8443 resulting in total of 58 scans from 162.243.0.0/16 block.	2020-05-07 03:20:42

类型

评论内容

时间

attackspam

[Fri May 29 21:25:53 2020] - DDoS Attack From IP: 162.243.140.140 Port: 33267

2020-07-09 02:41:33

attackspambots

scans once in preceeding hours on the ports (in chronological order) 8443 resulting in total of 58 scans from 162.243.0.0/16 block.

2020-05-07 03:20:42

相同子网IP讨论:

IP	类型	评论内容	时间
162.243.140.31	proxy	VPN fraud	2023-03-06 14:00:29
162.243.140.36	attack	[Wed Jun 10 08:33:18 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-16 21:44:24
162.243.140.74	attackspam	[Mon Jun 15 13:36:05 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-16 20:42:02
162.243.140.36	attackbotsspam	[Wed Jun 10 08:33:20 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-13 03:47:13
162.243.140.74	attackspam	[Mon Jun 15 13:36:07 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-13 03:08:26
162.243.140.36	attackbots	[Wed Jun 10 08:33:23 2020] - DDoS Attack From IP: 162.243.140.36 Port: 41644	2020-07-08 23:33:28
162.243.140.74	attack	[Mon Jun 15 13:36:10 2020] - DDoS Attack From IP: 162.243.140.74 Port: 60847	2020-07-08 22:44:31
162.243.140.51	attackbots	trying to access non-authorized port	2020-06-22 18:51:24
162.243.140.90	attack	7474/tcp 143/tcp 9002/tcp... [2020-05-02/06-22]44pkt,39pt.(tcp),1pt.(udp)	2020-06-22 18:48:50
162.243.140.36	attackbots	scans once in preceeding hours on the ports (in chronological order) 6379 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:49:19
162.243.140.118	attack	scans once in preceeding hours on the ports (in chronological order) 26446 resulting in total of 51 scans from 162.243.0.0/16 block.	2020-06-21 20:48:47
162.243.140.216	attack	Port scan: Attack repeated for 24 hours	2020-06-21 20:48:26
162.243.140.84	attackspam	Port scan: Attack repeated for 24 hours	2020-06-17 03:18:37
162.243.140.87	attack	firewall-block, port(s): 5986/tcp	2020-06-14 21:43:47
162.243.140.118	attackbots	TCP (SYN) 162.243.140.118:34394 -> port 443, len 40	2020-06-12 20:04:46

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.140.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55876
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.140.140.		IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050601 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu May 07 03:20:40 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

140.140.243.162.in-addr.arpa domain name pointer zg-0428c-430.stretchoid.com.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
140.140.243.162.in-addr.arpa	name = zg-0428c-430.stretchoid.com.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
24.42.215.106	attack	20/8/2@16:48:00: FAIL: Alarm-Network address from=24.42.215.106 20/8/2@16:48:00: FAIL: Alarm-Network address from=24.42.215.106 ...	2020-08-03 07:20:19
111.229.4.247	attackbots	2020-08-02T06:08:49.949318correo.[domain] sshd[48295]: Failed password for root from 111.229.4.247 port 31350 ssh2 2020-08-02T06:12:50.487872correo.[domain] sshd[49085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.4.247 user=root 2020-08-02T06:12:52.763229correo.[domain] sshd[49085]: Failed password for root from 111.229.4.247 port 24733 ssh2 ...	2020-08-03 07:11:39
195.176.3.20	attack	Brute forcing RDP port 3389	2020-08-03 07:07:21
80.90.136.137	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 80.90.136.137 (CZ/Czechia/80-90-136-137.static.oxid.cz): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-08-03 00:52:53 plain authenticator failed for 80-90-136-137.static.oxid.cz [80.90.136.137]: 535 Incorrect authentication data (set_id=info@partsafhe.com)	2020-08-03 07:07:56
91.139.196.141	attackbots	Aug 2 22:10:47 jumpserver sshd[361784]: Failed password for root from 91.139.196.141 port 52493 ssh2 Aug 2 22:14:43 jumpserver sshd[361869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.139.196.141 user=root Aug 2 22:14:46 jumpserver sshd[361869]: Failed password for root from 91.139.196.141 port 59164 ssh2 ...	2020-08-03 07:23:15
194.180.224.118	attackspam	TCP (SYN) 194.180.224.118:54120 -> port 22, len 44	2020-08-03 07:39:55
123.25.133.211	attackbots	1596399755 - 08/02/2020 22:22:35 Host: 123.25.133.211/123.25.133.211 Port: 445 TCP Blocked	2020-08-03 07:22:08
118.126.98.159	attackspam	Aug 3 01:20:01 sshd\[5573\]: User root from 118.126.98.159 not allowed because not listed in AllowUsersAug 3 01:20:03 sshd\[5573\]: Failed password for invalid user root from 118.126.98.159 port 40534 ssh2 ...	2020-08-03 07:33:14
23.82.56.164	attackbotsspam	rakily.com // Outgoing link - http://go.microsoft.com/fwlink/?linkid=66138&clcid=0x409 https://www.virustotal.com/graph/embed/gf502982506044cb8b4f56bcbfb43ca8452d8e6a8efb746b293cf5db837dd917b	2020-08-03 07:46:16
213.87.133.183	attack	Aug 3 04:51:34 our-server-hostname sshd[6224]: Address 213.87.133.183 maps to 183.gprs.mts.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 3 04:51:34 our-server-hostname sshd[6224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.87.133.183 user=r.r Aug 3 04:51:37 our-server-hostname sshd[6224]: Failed password for r.r from 213.87.133.183 port 9503 ssh2 Aug 3 05:27:01 our-server-hostname sshd[13403]: Address 213.87.133.183 maps to 183.gprs.mts.ru, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 3 05:27:01 our-server-hostname sshd[13403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.87.133.183 user=r.r Aug 3 05:27:03 our-server-hostname sshd[13403]: Failed password for r.r from 213.87.133.183 port 56878 ssh2 Aug 3 05:32:55 our-server-hostname sshd[14536]: Address 213.87.133.183 maps to 183.gprs.mts.ru, but this does........ -------------------------------	2020-08-03 07:15:32
27.221.97.3	attackspam	Brute force attempt	2020-08-03 07:14:47
200.118.57.190	attackbots	$f2bV_matches	2020-08-03 07:32:27
37.187.132.132	attackspambots	37.187.132.132 - - [02/Aug/2020:21:22:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.187.132.132 - - [02/Aug/2020:21:22:29 +0100] "POST /wp-login.php HTTP/1.1" 200 1845 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 37.187.132.132 - - [02/Aug/2020:21:22:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-03 07:26:20
175.24.48.113	attackspam	Aug 2 22:43:41 amit sshd\[32394\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.48.113 user=root Aug 2 22:43:43 amit sshd\[32394\]: Failed password for root from 175.24.48.113 port 55046 ssh2 Aug 2 22:47:36 amit sshd\[16208\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.48.113 user=root ...	2020-08-03 07:47:09
218.92.0.171	attack	2020-08-02T23:41:35.558205dmca.cloudsearch.cf sshd[7649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-08-02T23:41:38.104805dmca.cloudsearch.cf sshd[7649]: Failed password for root from 218.92.0.171 port 61815 ssh2 2020-08-02T23:41:41.147781dmca.cloudsearch.cf sshd[7649]: Failed password for root from 218.92.0.171 port 61815 ssh2 2020-08-02T23:41:35.558205dmca.cloudsearch.cf sshd[7649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-08-02T23:41:38.104805dmca.cloudsearch.cf sshd[7649]: Failed password for root from 218.92.0.171 port 61815 ssh2 2020-08-02T23:41:41.147781dmca.cloudsearch.cf sshd[7649]: Failed password for root from 218.92.0.171 port 61815 ssh2 2020-08-02T23:41:35.558205dmca.cloudsearch.cf sshd[7649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2020-08-02T23:41:38.10 ...	2020-08-03 07:43:59

最近上报的IP列表

174.235.10.28	116.6.18.115	85.208.96.67	186.159.3.41
217.182.147.102	176.49.5.185	77.170.243.216	1.31.13.34
46.98.29.88	157.32.239.104	187.16.37.121	69.195.213.12
59.35.169.188	123.103.51.49	108.84.180.195	95.214.9.57
103.99.209.175	210.7.21.172	162.243.137.113	121.30.208.197