162.243.134.66

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	ssh brute force	2020-02-23 04:30:39

Comments on same subnet:

IP	Type	Details	Datetime
162.243.134.57	attack	Malicious IP	2024-04-30 13:38:55
162.243.134.31	attack	Apr 28 07:00:37 askasleikir sshd[20315]: Connection closed by 162.243.134.31 port 41312 [preauth]	2020-04-28 20:46:56
162.243.134.4	attackspam	scans once in preceeding hours on the ports (in chronological order) 5800 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:28:29
162.243.134.59	attackspambots	scans once in preceeding hours on the ports (in chronological order) 2049 resulting in total of 50 scans from 162.243.0.0/16 block.	2020-04-25 23:28:12
162.243.134.25	attackbots	Port scan(s) denied	2020-04-22 17:32:16
162.243.134.59	attack	20/4/18@16:43:59: FAIL: Alarm-SSH address from=162.243.134.59 ...	2020-04-19 06:11:22
162.243.134.17	attackbotsspam	Port Scan: Events[1] countPorts[1]: 7210 ..	2020-04-15 21:43:05
162.243.134.25	attackspambots	Unauthorized connection attempt detected from IP address 162.243.134.25 to port 7574	2020-04-15 01:13:56
162.243.134.31	attackbots	Unauthorized connection attempt detected from IP address 162.243.134.31 to port 22	2020-04-14 17:40:01
162.243.134.36	attackspambots	firewall-block, port(s): 1583/tcp	2020-04-09 00:39:08
162.243.134.30	attackbots	firewall-block, port(s): 65197/tcp	2020-04-06 09:26:48
162.243.134.56	attackbotsspam	9160/tcp 3001/tcp 6379/tcp... [2020-03-14/04-04]28pkt,25pt.(tcp),1pt.(udp)	2020-04-06 04:10:33
162.243.134.15	attackspam	Unauthorized connection attempt detected from IP address 162.243.134.15 to port 5007	2020-04-06 04:04:33
162.243.134.15	attackbotsspam	[SMTP/25/465/587 Probe] TLS/SSL handshake failed:[ wrong version number] *(03281322)	2020-03-28 18:32:08
162.243.134.30	attack	firewall-block, port(s): 8889/tcp	2020-03-27 16:07:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.134.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31962
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.134.66.			IN	A

;; AUTHORITY SECTION:
.			566	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022200 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 23 04:30:36 CST 2020
;; MSG SIZE  rcvd: 118

Host info

66.134.243.162.in-addr.arpa domain name pointer zg0213a-399.stretchoid.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.134.243.162.in-addr.arpa	name = zg0213a-399.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
151.80.41.64	attackbots	$f2bV_matches	2020-04-19 18:23:04
123.206.104.162	attackspambots	Apr 19 07:46:33 legacy sshd[30312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.104.162 Apr 19 07:46:34 legacy sshd[30312]: Failed password for invalid user tb from 123.206.104.162 port 35456 ssh2 Apr 19 07:52:47 legacy sshd[30402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.104.162 ...	2020-04-19 18:38:15
27.2.208.85	attackbotsspam	Unauthorised access (Apr 19) SRC=27.2.208.85 LEN=52 TTL=111 ID=5860 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-19 18:11:28
111.230.236.93	attack	Apr 19 11:12:30 Invalid user test from 111.230.236.93 port 51436	2020-04-19 18:22:13
206.189.98.225	attackspam	SSH login attempts.	2020-04-19 18:50:41
13.92.102.210	attack	Invalid user gittest from 13.92.102.210 port 47322	2020-04-19 18:14:01
42.159.228.125	attack	Apr 19 12:21:13 ncomp sshd[11086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.159.228.125 user=root Apr 19 12:21:15 ncomp sshd[11086]: Failed password for root from 42.159.228.125 port 34755 ssh2 Apr 19 12:30:24 ncomp sshd[11274]: Invalid user na from 42.159.228.125	2020-04-19 18:47:54
163.172.230.4	attackspambots	[2020-04-19 06:22:33] NOTICE[1170][C-0000210d] chan_sip.c: Call from '' (163.172.230.4:56577) to extension '96011972592277524' rejected because extension not found in context 'public'. [2020-04-19 06:22:33] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T06:22:33.340-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="96011972592277524",SessionID="0x7f6c082b17a8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/163.172.230.4/56577",ACLName="no_extension_match" [2020-04-19 06:25:08] NOTICE[1170][C-0000210f] chan_sip.c: Call from '' (163.172.230.4:54112) to extension '97011972592277524' rejected because extension not found in context 'public'. [2020-04-19 06:25:08] SECURITY[1184] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-04-19T06:25:08.378-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="97011972592277524",SessionID="0x7f6c0825cda8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="I ...	2020-04-19 18:48:20
70.65.174.69	attackspambots	(sshd) Failed SSH login from 70.65.174.69 (CA/Canada/S010674d02b6537a8.rd.shawcable.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 19 11:22:18 amsweb01 sshd[22244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.65.174.69 user=root Apr 19 11:22:20 amsweb01 sshd[22244]: Failed password for root from 70.65.174.69 port 52404 ssh2 Apr 19 11:26:59 amsweb01 sshd[22931]: Invalid user xn from 70.65.174.69 port 45958 Apr 19 11:27:01 amsweb01 sshd[22931]: Failed password for invalid user xn from 70.65.174.69 port 45958 ssh2 Apr 19 11:31:20 amsweb01 sshd[23539]: Invalid user test from 70.65.174.69 port 35624	2020-04-19 18:19:49
213.32.10.226	attackbots	Apr 19 10:48:46 ns382633 sshd\[20794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.10.226 user=root Apr 19 10:48:47 ns382633 sshd\[20794\]: Failed password for root from 213.32.10.226 port 49200 ssh2 Apr 19 11:00:26 ns382633 sshd\[23674\]: Invalid user by from 213.32.10.226 port 37678 Apr 19 11:00:26 ns382633 sshd\[23674\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.10.226 Apr 19 11:00:28 ns382633 sshd\[23674\]: Failed password for invalid user by from 213.32.10.226 port 37678 ssh2	2020-04-19 18:11:57
185.156.73.52	attackbotsspam	04/19/2020-05:44:58.974536 185.156.73.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-19 18:43:27
185.153.197.103	attackbotsspam	Apr 19 12:09:23 debian-2gb-nbg1-2 kernel: \[9549931.167291\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.153.197.103 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=47124 PROTO=TCP SPT=51692 DPT=23500 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-19 18:47:10
17.58.101.180	attack	[19/Apr/2020:05:49:09 +0200] Web-Request: "GET /apple-app-site-association", User-Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5 (Applebot/0.1; +http://www.apple.com/go/applebot)"	2020-04-19 18:29:09
94.195.234.37	attackbots	Hits on port : 8080	2020-04-19 18:34:00
60.178.120.130	attackbotsspam	(ftpd) Failed FTP login from 60.178.120.130 (CN/China/130.120.178.60.broad.nb.zj.dynamic.163data.com.cn): 10 in the last 3600 secs	2020-04-19 18:28:54

Recently Reported IPs

121.33.48.63	107.181.77.95	216.31.212.99	106.202.152.217
202.59.49.82	209.36.31.153	166.164.134.154	184.106.129.160
78.177.72.136	126.176.91.180	89.214.210.245	110.15.138.207
93.20.74.186	80.29.159.183	182.232.235.107	78.246.184.26
32.55.50.101	113.161.86.231	70.23.57.216	1.21.212.103