162.243.134.4 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States of America

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	scans once in preceeding hours on the ports (in chronological order) 5800 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:28:29
attack	22/tcp 2404/tcp 8888/tcp... [2020-03-13/26]11pkt,10pt.(tcp)	2020-03-26 16:06:13

Comments on same subnet:

IP	Type	Details	Datetime
162.243.134.57	attack	Malicious IP	2024-04-30 13:38:55
162.243.134.31	attack	Apr 28 07:00:37 askasleikir sshd[20315]: Connection closed by 162.243.134.31 port 41312 [preauth]	2020-04-28 20:46:56
162.243.134.59	attackspambots	scans once in preceeding hours on the ports (in chronological order) 2049 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:28:12
162.243.134.25	attackbots	Port scan(s) denied	2020-04-22 17:32:16
162.243.134.59	attack	20/4/18@16:43:59: FAIL: Alarm-SSH address from=162.243.134.59 ...	2020-04-19 06:11:22
162.243.134.17	attackbotsspam	Port Scan: Events[1] countPorts[1]: 7210 ..	2020-04-15 21:43:05
162.243.134.25	attackspambots	Unauthorized connection attempt detected from IP address 162.243.134.25 to port 7574	2020-04-15 01:13:56
162.243.134.31	attackbots	Unauthorized connection attempt detected from IP address 162.243.134.31 to port 22	2020-04-14 17:40:01
162.243.134.36	attackspambots	firewall-block, port(s): 1583/tcp	2020-04-09 00:39:08
162.243.134.30	attackbots	firewall-block, port(s): 65197/tcp	2020-04-06 09:26:48
162.243.134.56	attackbotsspam	9160/tcp 3001/tcp 6379/tcp... [2020-03-14/04-04]28pkt,25pt.(tcp),1pt.(udp)	2020-04-06 04:10:33
162.243.134.15	attackspam	Unauthorized connection attempt detected from IP address 162.243.134.15 to port 5007	2020-04-06 04:04:33
162.243.134.15	attackbotsspam	[SMTP/25/465/587 Probe] TLS/SSL handshake failed:[ wrong version number] *(03281322)	2020-03-28 18:32:08
162.243.134.30	attack	firewall-block, port(s): 8889/tcp	2020-03-27 16:07:35
162.243.134.59	attackspambots	25266/tcp 2083/tcp 18892/tcp... [2020-02-15/03-25]26pkt,23pt.(tcp),2pt.(udp)	2020-03-25 19:40:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.134.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59962
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.134.4.			IN	A

;; AUTHORITY SECTION:
.			136	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032001 1800 900 604800 86400

;; Query time: 99 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 21 16:04:16 CST 2020
;; MSG SIZE  rcvd: 117

Host info

4.134.243.162.in-addr.arpa domain name pointer zg-0312c-460.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
4.134.243.162.in-addr.arpa	name = zg-0312c-460.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
168.138.221.133	attackspam	(sshd) Failed SSH login from 168.138.221.133 (JP/Japan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 19 00:00:41 amsweb01 sshd[25367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.138.221.133 user=admin Aug 19 00:00:43 amsweb01 sshd[25367]: Failed password for admin from 168.138.221.133 port 33832 ssh2 Aug 19 00:04:43 amsweb01 sshd[25969]: Invalid user code from 168.138.221.133 port 42496 Aug 19 00:04:45 amsweb01 sshd[25969]: Failed password for invalid user code from 168.138.221.133 port 42496 ssh2 Aug 19 00:08:43 amsweb01 sshd[26595]: Invalid user sss from 168.138.221.133 port 51152	2020-08-19 07:33:16
81.22.189.115	attackbotsspam	HTTP DDOS	2020-08-19 07:04:39
111.229.93.104	attack	Aug 18 19:52:50 firewall sshd[9761]: Invalid user tomek from 111.229.93.104 Aug 18 19:52:52 firewall sshd[9761]: Failed password for invalid user tomek from 111.229.93.104 port 53892 ssh2 Aug 18 19:56:27 firewall sshd[9847]: Invalid user train1 from 111.229.93.104 ...	2020-08-19 07:29:17
184.105.139.77	attack	srv02 Mass scanning activity detected Target: 1900 ..	2020-08-19 07:25:32
192.99.175.123	attack	TCP (SYN) 192.99.175.123:61652 -> port 465, len 52	2020-08-19 07:20:34
36.189.255.162	attackspambots	2020-08-18T22:38:55.045621n23.at sshd[2476700]: Invalid user benson from 36.189.255.162 port 43774 2020-08-18T22:38:57.756990n23.at sshd[2476700]: Failed password for invalid user benson from 36.189.255.162 port 43774 ssh2 2020-08-18T22:45:11.124359n23.at sshd[2482339]: Invalid user adminftp from 36.189.255.162 port 37525 ...	2020-08-19 07:24:53
51.15.46.152	attack	Aug 18 23:36:55 rocket sshd[14413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.46.152 Aug 18 23:36:57 rocket sshd[14413]: Failed password for invalid user ts3 from 51.15.46.152 port 42464 ssh2 Aug 18 23:37:42 rocket sshd[14472]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.46.152 ...	2020-08-19 06:58:41
213.85.10.78	attackbots	Tried our host z.	2020-08-19 07:27:05
5.190.50.103	attackspam	Attempted Brute Force (dovecot)	2020-08-19 07:31:44
156.215.151.112	attack	Suspicious logins to o365	2020-08-19 07:32:13
152.136.98.80	attack	Fail2Ban Ban Triggered	2020-08-19 07:32:42
159.89.181.61	attackspambots	Aug 18 20:41:07 localhost sshd[6837]: Invalid user wuf from 159.89.181.61 port 47608 Aug 18 20:41:07 localhost sshd[6837]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.181.61 Aug 18 20:41:07 localhost sshd[6837]: Invalid user wuf from 159.89.181.61 port 47608 Aug 18 20:41:08 localhost sshd[6837]: Failed password for invalid user wuf from 159.89.181.61 port 47608 ssh2 Aug 18 20:50:07 localhost sshd[7795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.181.61 user=root Aug 18 20:50:09 localhost sshd[7795]: Failed password for root from 159.89.181.61 port 34976 ssh2 ...	2020-08-19 07:05:43
77.41.229.216	attackspam	Port scanning	2020-08-19 07:33:03
110.16.76.213	attackbotsspam	2020-08-19T00:45:05.002432+02:00 sshd[3820]: Failed password for invalid user mary from 110.16.76.213 port 62001 ssh2	2020-08-19 07:12:57
123.157.165.58	attack	Unauthorised access (Aug 18) SRC=123.157.165.58 LEN=48 TTL=110 ID=10011 DF TCP DPT=1433 WINDOW=65535 SYN	2020-08-19 07:03:41

Recently Reported IPs

148.113.35.225	117.89.13.55	218.176.64.167	42.238.187.212
91.233.117.43	175.5.158.189	111.229.164.224	109.125.140.138
228.9.81.216	188.173.97.144	18.230.75.1	137.197.153.60
128.161.41.5	150.125.156.148	128.18.250.17	62.156.165.129
234.145.221.232	141.152.45.222	167.217.81.123	16.212.235.77