162.243.149.130

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port scan: Attack repeated for 24 hours	2019-08-11 09:37:32
attackspambots	[portscan] tcp/115 [sftp] *(RWIN=65535)(08041230)	2019-08-04 23:28:17
attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-29 15:13:39
attackbots	27357/tcp 59911/tcp 41498/tcp... [2019-04-22/06-23]64pkt,50pt.(tcp),3pt.(udp)	2019-06-24 00:09:31

Comments on same subnet:

IP	Type	Details	Datetime
162.243.149.151	attackbotsspam	Thu 29 05:46:44 52239/tcp	2019-08-30 03:07:14
162.243.149.151	attackspambots	1565900481 - 08/15/2019 22:21:21 Host: zg-0403-57.stretchoid.com/162.243.149.151 Port: 5093 UDP Blocked	2019-08-16 04:39:31
162.243.149.252	attackbots	20/tcp 25877/tcp 5351/udp... [2019-06-12/08-11]79pkt,63pt.(tcp),3pt.(udp)	2019-08-13 02:44:28
162.243.149.151	attackbotsspam	scan z	2019-08-12 05:38:20
162.243.149.6	attackbots	firewall-block, port(s): 40331/tcp	2019-08-04 23:28:50
162.243.149.6	attackspam	Port Scan detected from 162.243.149.6 (US/United States/zg-0403-19.stretchoid.com). 4 hits in the last 245 seconds	2019-07-30 13:24:01
162.243.149.252	attack	Port scan: Attack repeated for 24 hours	2019-07-09 15:40:14
162.243.149.170	attack	scan z	2019-07-07 04:15:29
162.243.149.232	attack	02.07.2019 23:15:59 Connection to port 3128 blocked by firewall	2019-07-03 09:28:56
162.243.149.170	attackspambots	Port scan: Attack repeated for 24 hours	2019-06-27 08:54:00
162.243.149.170	attackspam	" "	2019-06-25 02:08:53

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.149.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20523
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.149.130.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 00:47:16 +08 2019
;; MSG SIZE  rcvd: 119

Host info

130.149.243.162.in-addr.arpa domain name pointer zg-0403-53.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
130.149.243.162.in-addr.arpa	name = zg-0403-53.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
41.93.50.8	attack	Feb 23 01:35:22 ns382633 sshd\[15326\]: Invalid user handsdata from 41.93.50.8 port 33502 Feb 23 01:35:22 ns382633 sshd\[15326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.93.50.8 Feb 23 01:35:24 ns382633 sshd\[15326\]: Failed password for invalid user handsdata from 41.93.50.8 port 33502 ssh2 Feb 23 01:49:12 ns382633 sshd\[17331\]: Invalid user bananapi from 41.93.50.8 port 51372 Feb 23 01:49:12 ns382633 sshd\[17331\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.93.50.8	2020-02-23 08:54:57
181.120.246.83	attackbotsspam	Feb 23 00:51:33 lnxded63 sshd[8315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.120.246.83 Feb 23 00:51:35 lnxded63 sshd[8315]: Failed password for invalid user testftp from 181.120.246.83 port 47494 ssh2 Feb 23 00:58:22 lnxded63 sshd[8788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.120.246.83	2020-02-23 08:21:22
185.143.223.76	attack	ET SCAN MS Terminal Server Traffic on Non-standard Port - port: 10000 proto: TCP cat: Attempted Information Leak	2020-02-23 08:43:38
154.83.29.6	attack	Feb 22 17:03:38 ws19vmsma01 sshd[233563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.83.29.6 Feb 22 17:03:40 ws19vmsma01 sshd[233563]: Failed password for invalid user test from 154.83.29.6 port 55362 ssh2 ...	2020-02-23 08:22:01
198.71.239.17	attackbots	Automatic report - XMLRPC Attack	2020-02-23 08:17:52
190.255.39.38	attackbots	Unauthorised access (Feb 22) SRC=190.255.39.38 LEN=40 TTL=242 ID=11112 TCP DPT=1433 WINDOW=1024 SYN	2020-02-23 08:40:43
159.65.111.89	attackspambots	SSH Brute Force	2020-02-23 08:25:45
88.198.106.145	attack	Feb 22 01:40:26 emma postfix/smtpd[28934]: connect from static.88-198-106-145.clients.your-server.de[88.198.106.145] Feb x@x Feb 22 01:40:27 emma postfix/smtpd[28934]: disconnect from static.88-198-106-145.clients.your-server.de[88.198.106.145] Feb 22 01:45:29 emma postfix/smtpd[29721]: connect from static.88-198-106-145.clients.your-server.de[88.198.106.145] Feb x@x Feb 22 01:45:29 emma postfix/smtpd[29721]: disconnect from static.88-198-106-145.clients.your-server.de[88.198.106.145] Feb 22 01:48:49 emma postfix/anvil[29722]: statistics: max connection rate 1/60s for (smtp:88.198.106.145) at Feb 22 01:45:29 Feb 22 01:48:49 emma postfix/anvil[29722]: statistics: max connection count 1 for (smtp:88.198.106.145) at Feb 22 01:45:29 Feb 22 13:30:52 emma postfix/smtpd[15031]: connect from static.88-198-106-145.clients.your-server.de[88.198.106.145] Feb x@x Feb 22 13:30:52 emma postfix/smtpd[15031]: disconnect from static.88-198-106-145.clients.your-server.de[88.198.106.145] ........ -------------------------------	2020-02-23 08:19:10
180.76.242.171	attackspambots	2020-02-22T18:27:07.186139abusebot.cloudsearch.cf sshd[14708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.242.171 user=root 2020-02-22T18:27:08.620840abusebot.cloudsearch.cf sshd[14708]: Failed password for root from 180.76.242.171 port 39384 ssh2 2020-02-22T18:29:40.640175abusebot.cloudsearch.cf sshd[14925]: Invalid user uucp from 180.76.242.171 port 56570 2020-02-22T18:29:40.645073abusebot.cloudsearch.cf sshd[14925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.242.171 2020-02-22T18:29:40.640175abusebot.cloudsearch.cf sshd[14925]: Invalid user uucp from 180.76.242.171 port 56570 2020-02-22T18:29:42.753140abusebot.cloudsearch.cf sshd[14925]: Failed password for invalid user uucp from 180.76.242.171 port 56570 ssh2 2020-02-22T18:32:04.921854abusebot.cloudsearch.cf sshd[15157]: Invalid user jinhaoxuan from 180.76.242.171 port 45524 ...	2020-02-23 08:23:49
77.50.186.38	attackbotsspam	firewall-block, port(s): 445/tcp	2020-02-23 08:19:44
50.63.196.26	attackspam	Automatic report - XMLRPC Attack	2020-02-23 08:20:08
118.212.213.119	attackspambots	Automatic report - Port Scan	2020-02-23 08:18:13
46.101.43.224	attackbotsspam	Invalid user sinusbot from 46.101.43.224 port 60098	2020-02-23 08:37:49
198.108.67.52	attack	firewall-block, port(s): 3555/tcp	2020-02-23 08:39:36
51.91.156.199	attackspambots	" "	2020-02-23 08:36:35

Recently Reported IPs

140.143.238.12	122.242.224.56	106.132.148.179	50.76.255.241
94.49.145.95	200.147.41.211	54.71.39.113	185.36.81.182
40.231.136.203	121.54.174.211	193.197.17.161	71.8.186.75
91.100.176.255	103.47.218.76	84.217.83.135	212.99.96.196
77.42.73.158	173.113.40.118	42.236.10.107	23.19.209.179