167.99.74.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Singapore

Internet Service Provider: DigitalOcean LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	24.07.2019 06:01:54 SSH access blocked by firewall	2019-07-24 14:16:18
attack	Jul 24 05:26:02 server sshd\[16333\]: Invalid user dev from 167.99.74.164 port 43670 Jul 24 05:26:02 server sshd\[16333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164 Jul 24 05:26:04 server sshd\[16333\]: Failed password for invalid user dev from 167.99.74.164 port 43670 ssh2 Jul 24 05:31:22 server sshd\[14870\]: Invalid user raymond from 167.99.74.164 port 38842 Jul 24 05:31:22 server sshd\[14870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164	2019-07-24 10:36:25
attackspambots	Jul 23 04:11:32 yabzik sshd[11768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164 Jul 23 04:11:34 yabzik sshd[11768]: Failed password for invalid user nagios from 167.99.74.164 port 56914 ssh2 Jul 23 04:16:57 yabzik sshd[13459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164	2019-07-23 09:19:43

Type

Details

Datetime

attack

24.07.2019 06:01:54 SSH access blocked by firewall

2019-07-24 14:16:18

attack

Jul 24 05:26:02 server sshd\[16333\]: Invalid user dev from 167.99.74.164 port 43670
Jul 24 05:26:02 server sshd\[16333\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164
Jul 24 05:26:04 server sshd\[16333\]: Failed password for invalid user dev from 167.99.74.164 port 43670 ssh2
Jul 24 05:31:22 server sshd\[14870\]: Invalid user raymond from 167.99.74.164 port 38842
Jul 24 05:31:22 server sshd\[14870\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164

2019-07-24 10:36:25

attackspambots

Jul 23 04:11:32 yabzik sshd[11768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164
Jul 23 04:11:34 yabzik sshd[11768]: Failed password for invalid user nagios from 167.99.74.164 port 56914 ssh2
Jul 23 04:16:57 yabzik sshd[13459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.164

2019-07-23 09:19:43

Comments on same subnet:

IP	Type	Details	Datetime
167.99.74.187	attackbotsspam	Jul 5 03:49:27 ny01 sshd[26113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 Jul 5 03:49:29 ny01 sshd[26113]: Failed password for invalid user admin from 167.99.74.187 port 34966 ssh2 Jul 5 03:53:35 ny01 sshd[26602]: Failed password for root from 167.99.74.187 port 60432 ssh2	2020-07-05 17:23:22
167.99.74.187	attackspam	srv02 Mass scanning activity detected Target: 5748 ..	2020-07-02 06:49:38
167.99.74.187	attackbots	Jun 30 12:15:44 santamaria sshd\[10025\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root Jun 30 12:15:46 santamaria sshd\[10025\]: Failed password for root from 167.99.74.187 port 58112 ssh2 Jun 30 12:19:41 santamaria sshd\[10115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root ...	2020-06-30 18:49:37
167.99.74.187	attackspam	2020-06-02T10:31:25.9691081240 sshd\[18281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root 2020-06-02T10:31:28.7220541240 sshd\[18281\]: Failed password for root from 167.99.74.187 port 57266 ssh2 2020-06-02T10:35:18.7576571240 sshd\[18496\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root ...	2020-06-02 18:25:47
167.99.74.187	attack	Cluster member 67.227.229.95 (US/United States/saathoff.geek) said, DENY 167.99.74.187, Reason:[(sshd) Failed SSH login from 167.99.74.187 (SG/Singapore/-): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:	2020-05-31 17:59:03
167.99.74.187	attackspambots	SSH brute-force attempt	2020-05-27 14:45:05
167.99.74.187	attack	May 25 22:53:35 php1 sshd\[2095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root May 25 22:53:37 php1 sshd\[2095\]: Failed password for root from 167.99.74.187 port 40806 ssh2 May 25 22:57:47 php1 sshd\[2340\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root May 25 22:57:49 php1 sshd\[2340\]: Failed password for root from 167.99.74.187 port 45906 ssh2 May 25 23:01:54 php1 sshd\[2599\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root	2020-05-26 19:40:11
167.99.74.187	attack	Invalid user wbj from 167.99.74.187 port 60614	2020-05-25 06:34:01
167.99.74.187	attackspambots	$f2bV_matches	2020-05-12 18:49:52
167.99.74.0	attack	Trying ports that it shouldn't be.	2020-05-10 08:16:55
167.99.74.187	attackspam	2020-05-03T13:16:25.970625shield sshd\[15874\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root 2020-05-03T13:16:27.463472shield sshd\[15874\]: Failed password for root from 167.99.74.187 port 46770 ssh2 2020-05-03T13:20:38.114899shield sshd\[16822\]: Invalid user jupyter from 167.99.74.187 port 48118 2020-05-03T13:20:38.119106shield sshd\[16822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 2020-05-03T13:20:40.344538shield sshd\[16822\]: Failed password for invalid user jupyter from 167.99.74.187 port 48118 ssh2	2020-05-03 21:26:16
167.99.74.187	attack	May 1 17:17:19 gw1 sshd[5372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 May 1 17:17:22 gw1 sshd[5372]: Failed password for invalid user soft from 167.99.74.187 port 34220 ssh2 ...	2020-05-01 20:40:41
167.99.74.187	attack	Apr 23 09:00:02 Enigma sshd[30737]: Invalid user lg from 167.99.74.187 port 55700 Apr 23 09:00:02 Enigma sshd[30737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 Apr 23 09:00:02 Enigma sshd[30737]: Invalid user lg from 167.99.74.187 port 55700 Apr 23 09:00:04 Enigma sshd[30737]: Failed password for invalid user lg from 167.99.74.187 port 55700 ssh2 Apr 23 09:04:31 Enigma sshd[31312]: Invalid user test3 from 167.99.74.187 port 39208	2020-04-23 15:13:12
167.99.74.187	attackbotsspam	Apr 14 23:52:02 srv01 sshd[30456]: Invalid user firefart from 167.99.74.187 port 33100 Apr 14 23:52:02 srv01 sshd[30456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 Apr 14 23:52:02 srv01 sshd[30456]: Invalid user firefart from 167.99.74.187 port 33100 Apr 14 23:52:04 srv01 sshd[30456]: Failed password for invalid user firefart from 167.99.74.187 port 33100 ssh2 Apr 14 23:55:56 srv01 sshd[30701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 user=root Apr 14 23:55:58 srv01 sshd[30701]: Failed password for root from 167.99.74.187 port 41794 ssh2 ...	2020-04-15 05:56:30
167.99.74.187	attackspam	Apr 14 03:51:11 sshgateway sshd\[16604\]: Invalid user monitor from 167.99.74.187 Apr 14 03:51:11 sshgateway sshd\[16604\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.74.187 Apr 14 03:51:13 sshgateway sshd\[16604\]: Failed password for invalid user monitor from 167.99.74.187 port 52506 ssh2	2020-04-14 15:29:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 167.99.74.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42550
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;167.99.74.164.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 23 09:19:38 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 164.74.99.167.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 164.74.99.167.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
212.34.243.234	attackbotsspam	Unauthorized connection attempt from IP address 212.34.243.234 on Port 445(SMB)	2020-09-07 19:13:40
122.233.135.130	attackbots	reported through recidive - multiple failed attempts(SSH)	2020-09-07 18:49:29
14.231.239.215	attackspambots	Cluster member 67.227.229.95 (US/United States/host.cjthedj97.me) said, DENY 14.231.239.215, Reason:[(sshd) Failed SSH login from 14.231.239.215 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER	2020-09-07 18:43:10
75.140.174.122	attackspambots	prod8 ...	2020-09-07 18:42:31
123.206.23.158	attack	fail2ban/Sep 7 09:41:22 h1962932 sshd[21631]: Invalid user matthew from 123.206.23.158 port 55650 Sep 7 09:41:22 h1962932 sshd[21631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.158 Sep 7 09:41:22 h1962932 sshd[21631]: Invalid user matthew from 123.206.23.158 port 55650 Sep 7 09:41:24 h1962932 sshd[21631]: Failed password for invalid user matthew from 123.206.23.158 port 55650 ssh2 Sep 7 09:44:32 h1962932 sshd[21693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.23.158 user=root Sep 7 09:44:35 h1962932 sshd[21693]: Failed password for root from 123.206.23.158 port 56994 ssh2	2020-09-07 19:09:43
104.206.128.22	attackspambots	TCP (SYN) 104.206.128.22:61067 -> port 3389, len 44	2020-09-07 18:49:45
113.184.255.20	attackbots	Attempted connection to port 445.	2020-09-07 19:16:23
212.72.214.149	attackbotsspam	Automatic report - Banned IP Access	2020-09-07 18:41:23
175.24.100.238	attack	Sep 7 08:41:10 vps34202 sshd[26553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.100.238 user=r.r Sep 7 08:41:12 vps34202 sshd[26553]: Failed password for r.r from 175.24.100.238 port 48926 ssh2 Sep 7 08:41:12 vps34202 sshd[26553]: Received disconnect from 175.24.100.238: 11: Bye Bye [preauth] Sep 7 08:48:29 vps34202 sshd[26827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.100.238 user=r.r Sep 7 08:48:31 vps34202 sshd[26827]: Failed password for r.r from 175.24.100.238 port 59082 ssh2 Sep 7 08:48:32 vps34202 sshd[26827]: Received disconnect from 175.24.100.238: 11: Bye Bye [preauth] Sep 7 08:52:50 vps34202 sshd[27005]: Connection closed by 175.24.100.238 [preauth] Sep 7 08:57:09 vps34202 sshd[27144]: Invalid user support from 175.24.100.238 Sep 7 08:57:09 vps34202 sshd[27144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= r........ -------------------------------	2020-09-07 19:04:06
43.227.157.152	attack	1433/tcp 445/tcp 445/tcp [2020-08-20/09-07]3pkt	2020-09-07 19:12:10
66.249.66.219	attackspam	Automatic report - Banned IP Access	2020-09-07 18:37:09
80.82.77.245	attack	UDP 80.82.77.245:53907 -> port 450, len 57	2020-09-07 18:53:58
171.236.155.243	attackspambots	1599410774 - 09/06/2020 18:46:14 Host: 171.236.155.243/171.236.155.243 Port: 445 TCP Blocked	2020-09-07 19:08:10
58.56.56.174	attack	Unauthorized connection attempt from IP address 58.56.56.174 on Port 445(SMB)	2020-09-07 19:11:43
218.191.223.71	attack	2020-09-07T17:31:01.776316luisaranguren sshd[783979]: Failed password for root from 218.191.223.71 port 38317 ssh2 2020-09-07T17:31:03.100659luisaranguren sshd[783979]: Connection closed by authenticating user root 218.191.223.71 port 38317 [preauth] ...	2020-09-07 18:48:23

Recently Reported IPs

2001:41d0:8:5cc3::	94.41.198.237	223.235.0.112	54.36.148.121
51.15.57.40	62.75.159.60	177.86.159.92	78.187.233.158
177.54.239.233	40.76.63.49	181.105.8.109	149.200.183.54
77.247.108.160	190.88.145.235	37.112.207.68	180.76.134.167
201.93.8.20	185.53.88.22	180.125.254.200	47.99.242.107