162.243.149.130

Basic Info

City: San Francisco

Region: California

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: DigitalOcean, LLC

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port scan: Attack repeated for 24 hours	2019-08-11 09:37:32
attackspambots	[portscan] tcp/115 [sftp] *(RWIN=65535)(08041230)	2019-08-04 23:28:17
attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-29 15:13:39
attackbots	27357/tcp 59911/tcp 41498/tcp... [2019-04-22/06-23]64pkt,50pt.(tcp),3pt.(udp)	2019-06-24 00:09:31

Comments on same subnet:

IP	Type	Details	Datetime
162.243.149.151	attackbotsspam	Thu 29 05:46:44 52239/tcp	2019-08-30 03:07:14
162.243.149.151	attackspambots	1565900481 - 08/15/2019 22:21:21 Host: zg-0403-57.stretchoid.com/162.243.149.151 Port: 5093 UDP Blocked	2019-08-16 04:39:31
162.243.149.252	attackbots	20/tcp 25877/tcp 5351/udp... [2019-06-12/08-11]79pkt,63pt.(tcp),3pt.(udp)	2019-08-13 02:44:28
162.243.149.151	attackbotsspam	scan z	2019-08-12 05:38:20
162.243.149.6	attackbots	firewall-block, port(s): 40331/tcp	2019-08-04 23:28:50
162.243.149.6	attackspam	Port Scan detected from 162.243.149.6 (US/United States/zg-0403-19.stretchoid.com). 4 hits in the last 245 seconds	2019-07-30 13:24:01
162.243.149.252	attack	Port scan: Attack repeated for 24 hours	2019-07-09 15:40:14
162.243.149.170	attack	scan z	2019-07-07 04:15:29
162.243.149.232	attack	02.07.2019 23:15:59 Connection to port 3128 blocked by firewall	2019-07-03 09:28:56
162.243.149.170	attackspambots	Port scan: Attack repeated for 24 hours	2019-06-27 08:54:00
162.243.149.170	attackspam	" "	2019-06-25 02:08:53

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.149.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20523
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.149.130.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 29 00:47:16 +08 2019
;; MSG SIZE  rcvd: 119

Host info

130.149.243.162.in-addr.arpa domain name pointer zg-0403-53.stretchoid.com.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
130.149.243.162.in-addr.arpa	name = zg-0403-53.stretchoid.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
207.154.225.170	attackbotsspam	2019-09-09T07:50:34.203352abusebot-2.cloudsearch.cf sshd\[9302\]: Invalid user jenkins from 207.154.225.170 port 49580	2019-09-09 16:43:36
150.95.212.72	attackbotsspam	Sep 9 09:45:40 ArkNodeAT sshd\[27956\]: Invalid user testing from 150.95.212.72 Sep 9 09:45:40 ArkNodeAT sshd\[27956\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.95.212.72 Sep 9 09:45:43 ArkNodeAT sshd\[27956\]: Failed password for invalid user testing from 150.95.212.72 port 47216 ssh2	2019-09-09 16:17:44
50.209.176.166	attackbots	Sep 9 09:55:36 mout sshd[17010]: Invalid user steam from 50.209.176.166 port 58640	2019-09-09 16:02:46
103.137.87.86	attack	Sep 9 04:22:16 TORMINT sshd\[23416\]: Invalid user sysadmin from 103.137.87.86 Sep 9 04:22:16 TORMINT sshd\[23416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.137.87.86 Sep 9 04:22:18 TORMINT sshd\[23416\]: Failed password for invalid user sysadmin from 103.137.87.86 port 50020 ssh2 ...	2019-09-09 16:28:36
104.42.27.187	attackspam	Sep 8 22:39:32 kapalua sshd\[21278\]: Invalid user admin from 104.42.27.187 Sep 8 22:39:32 kapalua sshd\[21278\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187 Sep 8 22:39:34 kapalua sshd\[21278\]: Failed password for invalid user admin from 104.42.27.187 port 1408 ssh2 Sep 8 22:46:39 kapalua sshd\[21960\]: Invalid user server from 104.42.27.187 Sep 8 22:46:39 kapalua sshd\[21960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.42.27.187	2019-09-09 16:47:04
139.59.41.6	attackbotsspam	Sep 8 21:49:35 php2 sshd\[11329\]: Invalid user zabbix from 139.59.41.6 Sep 8 21:49:35 php2 sshd\[11329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.6 Sep 8 21:49:37 php2 sshd\[11329\]: Failed password for invalid user zabbix from 139.59.41.6 port 35148 ssh2 Sep 8 21:57:01 php2 sshd\[12318\]: Invalid user guest1 from 139.59.41.6 Sep 8 21:57:01 php2 sshd\[12318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.41.6	2019-09-09 16:17:59
162.144.82.231	attack	WordPress wp-login brute force :: 162.144.82.231 0.048 BYPASS [09/Sep/2019:14:37:35 1000] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-09-09 16:16:36
112.160.43.64	attackbotsspam	Sep 9 03:54:01 xtremcommunity sshd\[126560\]: Invalid user ubuntu from 112.160.43.64 port 54728 Sep 9 03:54:01 xtremcommunity sshd\[126560\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.160.43.64 Sep 9 03:54:02 xtremcommunity sshd\[126560\]: Failed password for invalid user ubuntu from 112.160.43.64 port 54728 ssh2 Sep 9 04:01:28 xtremcommunity sshd\[126866\]: Invalid user odoo from 112.160.43.64 port 60556 Sep 9 04:01:28 xtremcommunity sshd\[126866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.160.43.64 ...	2019-09-09 16:14:52
77.37.179.243	attack	[portscan] Port scan	2019-09-09 16:00:17
62.216.233.132	attackbotsspam	Triggered by Fail2Ban at Ares web server	2019-09-09 16:35:27
164.160.34.111	attackspambots	Sep 9 04:01:14 plusreed sshd[16402]: Invalid user 83 from 164.160.34.111 ...	2019-09-09 16:10:18
218.56.110.203	attackbots	2019-09-09T07:28:02.960580abusebot-6.cloudsearch.cf sshd\[4408\]: Invalid user ubuntu from 218.56.110.203 port 58784	2019-09-09 16:41:36
61.54.197.133	attackbotsspam	Sep 9 01:37:11 ws19vmsma01 sshd[69831]: Failed password for root from 61.54.197.133 port 56974 ssh2 Sep 9 01:37:22 ws19vmsma01 sshd[69831]: error: maximum authentication attempts exceeded for root from 61.54.197.133 port 56974 ssh2 [preauth] ...	2019-09-09 16:23:45
13.94.57.155	attack	2019-09-09T12:59:17.258310enmeeting.mahidol.ac.th sshd\[12156\]: Invalid user ts3 from 13.94.57.155 port 54388 2019-09-09T12:59:17.271362enmeeting.mahidol.ac.th sshd\[12156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.57.155 2019-09-09T12:59:19.114756enmeeting.mahidol.ac.th sshd\[12156\]: Failed password for invalid user ts3 from 13.94.57.155 port 54388 ssh2 ...	2019-09-09 16:12:12
104.248.65.180	attackspam	Sep 9 10:17:19 s64-1 sshd[3454]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 Sep 9 10:17:21 s64-1 sshd[3454]: Failed password for invalid user teamspeak from 104.248.65.180 port 32982 ssh2 Sep 9 10:25:33 s64-1 sshd[3725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.65.180 ...	2019-09-09 16:34:03

Recently Reported IPs

140.143.238.12	122.242.224.56	106.132.148.179	50.76.255.241
94.49.145.95	200.147.41.211	54.71.39.113	185.36.81.182
40.231.136.203	121.54.174.211	193.197.17.161	71.8.186.75
91.100.176.255	103.47.218.76	84.217.83.135	212.99.96.196
77.42.73.158	173.113.40.118	42.236.10.107	23.19.209.179