162.243.4.134 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 2 10:28:14 server sshd\[173755\]: Invalid user jun from 162.243.4.134 Jul 2 10:28:14 server sshd\[173755\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jul 2 10:28:15 server sshd\[173755\]: Failed password for invalid user jun from 162.243.4.134 port 46660 ssh2 ...	2019-10-09 16:13:42
attack	fail2ban	2019-09-22 02:09:23
attack	Sep 12 13:38:34 hcbb sshd\[13723\]: Invalid user admin from 162.243.4.134 Sep 12 13:38:34 hcbb sshd\[13723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Sep 12 13:38:36 hcbb sshd\[13723\]: Failed password for invalid user admin from 162.243.4.134 port 58450 ssh2 Sep 12 13:44:48 hcbb sshd\[14347\]: Invalid user admin from 162.243.4.134 Sep 12 13:44:48 hcbb sshd\[14347\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-09-13 08:10:59
attackbots	/var/log/secure-20190901:Aug 28 20:22:47 XXX sshd[39918]: Invalid user benjamin from 162.243.4.134 port 47842	2019-09-11 23:09:32
attack	Sep 2 00:17:13 vps200512 sshd\[15532\]: Invalid user life from 162.243.4.134 Sep 2 00:17:13 vps200512 sshd\[15532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Sep 2 00:17:14 vps200512 sshd\[15532\]: Failed password for invalid user life from 162.243.4.134 port 33726 ssh2 Sep 2 00:20:52 vps200512 sshd\[15668\]: Invalid user zaleski from 162.243.4.134 Sep 2 00:20:52 vps200512 sshd\[15668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-09-02 12:29:19
attack	Aug 31 02:26:01 aiointranet sshd\[12643\]: Invalid user bigman from 162.243.4.134 Aug 31 02:26:01 aiointranet sshd\[12643\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 31 02:26:03 aiointranet sshd\[12643\]: Failed password for invalid user bigman from 162.243.4.134 port 54212 ssh2 Aug 31 02:30:19 aiointranet sshd\[13045\]: Invalid user wp from 162.243.4.134 Aug 31 02:30:19 aiointranet sshd\[13045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134	2019-08-31 20:40:20
attack	Aug 25 10:10:58 herz-der-gamer sshd[15426]: Invalid user kpaul from 162.243.4.134 port 41728 Aug 25 10:10:58 herz-der-gamer sshd[15426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 25 10:10:58 herz-der-gamer sshd[15426]: Invalid user kpaul from 162.243.4.134 port 41728 Aug 25 10:11:00 herz-der-gamer sshd[15426]: Failed password for invalid user kpaul from 162.243.4.134 port 41728 ssh2 ...	2019-08-25 19:27:11
attack	Aug 12 06:46:30 * sshd[10038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Aug 12 06:46:33 * sshd[10038]: Failed password for invalid user publisher from 162.243.4.134 port 48780 ssh2	2019-08-12 13:27:03
attack	Jul 19 01:59:41 plusreed sshd[21778]: Invalid user steam from 162.243.4.134 ...	2019-07-19 15:37:29
attackbots	Jul 18 08:24:51 plusreed sshd[8275]: Invalid user support from 162.243.4.134 ...	2019-07-18 20:32:27
attackspam	Jul 18 00:37:59 MK-Soft-VM5 sshd\[425\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 user=root Jul 18 00:38:02 MK-Soft-VM5 sshd\[425\]: Failed password for root from 162.243.4.134 port 39460 ssh2 Jul 18 00:42:27 MK-Soft-VM5 sshd\[452\]: Invalid user ubnt from 162.243.4.134 port 36824 ...	2019-07-18 08:48:23
attackspambots	Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: Invalid user keng from 162.243.4.134 port 52922 Jul 7 13:37:28 MK-Soft-VM3 sshd\[21140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jul 7 13:37:29 MK-Soft-VM3 sshd\[21140\]: Failed password for invalid user keng from 162.243.4.134 port 52922 ssh2 ...	2019-07-08 02:11:18
attackbots	Jul 2 06:17:06 localhost sshd\[16207\]: Invalid user dasusr1 from 162.243.4.134 port 53230 Jul 2 06:17:06 localhost sshd\[16207\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 ...	2019-07-02 15:42:26
attackspam	Jun 28 15:37:18 nextcloud sshd\[16600\]: Invalid user sang from 162.243.4.134 Jun 28 15:37:18 nextcloud sshd\[16600\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.4.134 Jun 28 15:37:19 nextcloud sshd\[16600\]: Failed password for invalid user sang from 162.243.4.134 port 32794 ssh2 ...	2019-06-29 05:35:43

Comments on same subnet:

IP	Type	Details	Datetime
162.243.42.225	attackbots	2020-09-25T18:49:09.3420041495-001 sshd[44787]: Invalid user frappe from 162.243.42.225 port 53566 2020-09-25T18:49:09.3450321495-001 sshd[44787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 2020-09-25T18:49:09.3420041495-001 sshd[44787]: Invalid user frappe from 162.243.42.225 port 53566 2020-09-25T18:49:11.6215341495-001 sshd[44787]: Failed password for invalid user frappe from 162.243.42.225 port 53566 ssh2 2020-09-25T18:54:31.5499451495-001 sshd[44965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 user=root 2020-09-25T18:54:32.6974861495-001 sshd[44965]: Failed password for root from 162.243.42.225 port 35548 ssh2 ...	2020-09-26 07:39:47
162.243.42.225	attackbotsspam	TCP (SYN) 162.243.42.225:50965 -> port 31302, len 44	2020-09-26 00:52:51
162.243.42.225	attackbots	Sep 25 08:42:46 jane sshd[8685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Sep 25 08:42:48 jane sshd[8685]: Failed password for invalid user git from 162.243.42.225 port 54698 ssh2 ...	2020-09-25 16:28:56
162.243.42.225	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 3684 resulting in total of 5 scans from 162.243.0.0/16 block.	2020-09-08 20:37:59
162.243.42.225	attackbotsspam	firewall-block, port(s): 3684/tcp	2020-09-08 12:31:05
162.243.42.225	attackspam	Aug 21 06:10:06 OPSO sshd\[23690\]: Invalid user tb from 162.243.42.225 port 56850 Aug 21 06:10:06 OPSO sshd\[23690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Aug 21 06:10:08 OPSO sshd\[23690\]: Failed password for invalid user tb from 162.243.42.225 port 56850 ssh2 Aug 21 06:15:28 OPSO sshd\[25370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 user=root Aug 21 06:15:29 OPSO sshd\[25370\]: Failed password for root from 162.243.42.225 port 38184 ssh2	2020-08-21 12:20:26
162.243.42.225	attackspambots	Aug 20 15:21:33 PorscheCustomer sshd[20980]: Failed password for root from 162.243.42.225 port 56044 ssh2 Aug 20 15:24:43 PorscheCustomer sshd[21070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Aug 20 15:24:44 PorscheCustomer sshd[21070]: Failed password for invalid user rdy from 162.243.42.225 port 38754 ssh2 ...	2020-08-20 21:39:12
162.243.42.225	attack	srv02 Mass scanning activity detected Target: 31056 ..	2020-08-15 23:54:53
162.243.42.225	attackspam	Aug 8 05:58:40 debian-2gb-nbg1-2 kernel: \[19117568.050875\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=162.243.42.225 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9172 PROTO=TCP SPT=52605 DPT=2969 WINDOW=1024 RES=0x00 SYN URGP=0	2020-08-08 12:52:35
162.243.42.225	attackbotsspam	Port Scan ...	2020-07-29 23:50:48
162.243.41.77	attackbots	TCP ports : 21412 / 29757	2020-07-29 18:32:23
162.243.42.225	attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-07-27 19:37:41
162.243.42.225	attackspam	(sshd) Failed SSH login from 162.243.42.225 (US/United States/-): 5 in the last 3600 secs	2020-07-25 06:18:12
162.243.42.225	attack	Jul 24 00:09:02 inter-technics sshd[28962]: Invalid user ubuntu from 162.243.42.225 port 56316 Jul 24 00:09:02 inter-technics sshd[28962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Jul 24 00:09:02 inter-technics sshd[28962]: Invalid user ubuntu from 162.243.42.225 port 56316 Jul 24 00:09:04 inter-technics sshd[28962]: Failed password for invalid user ubuntu from 162.243.42.225 port 56316 ssh2 Jul 24 00:14:53 inter-technics sshd[29328]: Invalid user david from 162.243.42.225 port 41130 ...	2020-07-24 07:18:32
162.243.42.225	attack	odoo8 ...	2020-07-07 01:05:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.243.4.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41958
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;162.243.4.134.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 18 20:44:02 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 134.4.243.162.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 134.4.243.162.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.153.37.194	attackbotsspam	20 attempts against mh-ssh on cloud	2020-10-04 04:04:14
114.4.227.194	attackbotsspam	Oct 3 18:57:06 scw-focused-cartwright sshd[32121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.4.227.194 Oct 3 18:57:08 scw-focused-cartwright sshd[32121]: Failed password for invalid user test from 114.4.227.194 port 55182 ssh2	2020-10-04 04:01:20
116.68.160.114	attackbotsspam	$f2bV_matches	2020-10-04 03:46:16
185.147.215.8	attackspambots	[2020-10-03 15:27:48] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.147.215.8:62795' - Wrong password [2020-10-03 15:27:48] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T15:27:48.740-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1187",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/62795",Challenge="3bb27028",ReceivedChallenge="3bb27028",ReceivedHash="c1ce44241726deb187a6f815d46f2148" [2020-10-03 15:30:22] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.147.215.8:58486' - Wrong password [2020-10-03 15:30:22] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T15:30:22.260-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1091",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8 ...	2020-10-04 03:50:51
222.174.213.180	attackbots	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-04 04:07:43
106.75.247.206	attackspam	Oct 3 08:50:39 php1 sshd\[30929\]: Invalid user user2 from 106.75.247.206 Oct 3 08:50:39 php1 sshd\[30929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.247.206 Oct 3 08:50:42 php1 sshd\[30929\]: Failed password for invalid user user2 from 106.75.247.206 port 35762 ssh2 Oct 3 08:53:05 php1 sshd\[31085\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.247.206 user=root Oct 3 08:53:07 php1 sshd\[31085\]: Failed password for root from 106.75.247.206 port 44178 ssh2	2020-10-04 03:56:42
185.108.106.251	attackbots	[2020-10-03 15:47:06] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.108.106.251:61270' - Wrong password [2020-10-03 15:47:06] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T15:47:06.135-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1463",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108.106.251/61270",Challenge="1ea55ed6",ReceivedChallenge="1ea55ed6",ReceivedHash="87faa1082251ccfa63ed406f4b693f30" [2020-10-03 15:47:47] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.108.106.251:52549' - Wrong password [2020-10-03 15:47:47] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T15:47:47.765-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3646",SessionID="0x7f22f83b6678",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.108 ...	2020-10-04 03:49:59
218.92.0.207	attack	2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:00.772314xentho-1 sshd[1157245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:05.889374xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:00.772314xentho-1 sshd[1157245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.207 user=root 2020-10-03T15:31:02.952454xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:05.889374xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:31:09.700330xentho-1 sshd[1157245]: Failed password for root from 218.92.0.207 port 50906 ssh2 2020-10-03T15:34:03.87 ...	2020-10-04 03:52:12
51.89.148.69	attack	$f2bV_matches	2020-10-04 03:41:59
115.159.214.200	attackspam	SSH Brute-Force attacks	2020-10-04 04:10:27
223.99.203.186	attackbotsspam	Automatic report - Banned IP Access	2020-10-04 04:10:47
157.230.89.133	attackspambots	Scanned 1 times in the last 24 hours on port 22	2020-10-04 03:57:48
45.227.255.204	attackbotsspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-03T19:33:40Z	2020-10-04 03:49:25
124.253.137.204	attack	Bruteforce detected by fail2ban	2020-10-04 04:06:56
162.243.128.166	attackspambots	Found on CINS badguys / proto=6 . srcport=57442 . dstport=9000 . (1826)	2020-10-04 04:08:35

Recently Reported IPs

123.57.12.19	114.233.120.6	222.234.2.134	130.61.119.68
46.101.69.51	106.75.122.81	31.44.89.132	124.159.151.58
202.137.155.100	189.125.67.102	193.112.19.164	216.83.56.179
43.229.61.215	194.204.236.164	86.127.159.135	182.176.186.217
58.151.77.38	124.158.175.50	141.105.66.252	191.53.251.141