105.228.136.148

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Nov 4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=24614 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=19497 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-04 16:40:40

Type

Details

Datetime

attack

Unauthorised access (Nov  4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=24614 DF TCP DPT=445 WINDOW=8192 SYN 
Unauthorised access (Nov  4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=19497 DF TCP DPT=445 WINDOW=8192 SYN

2019-11-04 16:40:40

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.228.136.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27061
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;105.228.136.148.		IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110400 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 04 16:40:36 CST 2019
;; MSG SIZE  rcvd: 119

Host info

148.136.228.105.in-addr.arpa domain name pointer 105-228-136-148.south.dsl.telkomsa.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.136.228.105.in-addr.arpa	name = 105-228-136-148.south.dsl.telkomsa.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.241.244.92	attack	Jun 9 06:15:06 game-panel sshd[546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 Jun 9 06:15:08 game-panel sshd[546]: Failed password for invalid user 123456 from 121.241.244.92 port 49306 ssh2 Jun 9 06:19:08 game-panel sshd[744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92	2020-06-09 14:25:42
77.45.85.101	attackbots	Distributed brute force attack	2020-06-09 14:23:09
97.84.225.94	attack	Port Scan detected from 97.84.225.94 (US/United States/Michigan/Coldwater/097-084-225-094.res.spectrum.com). 4 hits in the last 70 seconds	2020-06-09 14:15:59
65.182.2.241	attackbots	Jun 9 07:45:55 plex sshd[11211]: Invalid user usuario from 65.182.2.241 port 35108	2020-06-09 15:01:54
75.80.190.52	attackspam	Jun 9 08:33:57 jane sshd[15997]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.80.190.52 Jun 9 08:33:58 jane sshd[15997]: Failed password for invalid user rkv from 75.80.190.52 port 35594 ssh2 ...	2020-06-09 14:47:46
213.55.89.95	attackbotsspam	DATE:2020-06-09 05:54:59, IP:213.55.89.95, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-06-09 14:17:13
177.74.182.225	attackbotsspam	Distributed brute force attack	2020-06-09 14:26:59
180.71.47.198	attack	Jun 8 19:32:31 eddieflores sshd\[6866\]: Invalid user admin from 180.71.47.198 Jun 8 19:32:31 eddieflores sshd\[6866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198 Jun 8 19:32:33 eddieflores sshd\[6866\]: Failed password for invalid user admin from 180.71.47.198 port 53286 ssh2 Jun 8 19:36:16 eddieflores sshd\[7173\]: Invalid user git from 180.71.47.198 Jun 8 19:36:16 eddieflores sshd\[7173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198	2020-06-09 14:59:56
82.131.209.179	attackbotsspam	Jun 9 02:46:04 NPSTNNYC01T sshd[2913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.131.209.179 Jun 9 02:46:05 NPSTNNYC01T sshd[2913]: Failed password for invalid user od from 82.131.209.179 port 38430 ssh2 Jun 9 02:47:13 NPSTNNYC01T sshd[3020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.131.209.179 ...	2020-06-09 14:51:15
187.95.124.103	attackspambots	Jun 9 08:36:32 minden010 sshd[11875]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.124.103 Jun 9 08:36:34 minden010 sshd[11875]: Failed password for invalid user uuu from 187.95.124.103 port 53252 ssh2 Jun 9 08:38:24 minden010 sshd[12521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.95.124.103 ...	2020-06-09 14:51:36
222.186.175.154	attackbotsspam	2020-06-09T08:48:30.342503vps751288.ovh.net sshd\[11513\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root 2020-06-09T08:48:31.878481vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:36.318422vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:40.402306vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2 2020-06-09T08:48:44.189747vps751288.ovh.net sshd\[11513\]: Failed password for root from 222.186.175.154 port 18626 ssh2	2020-06-09 14:54:03
138.219.129.150	attackspam	DATE:2020-06-09 08:00:47, IP:138.219.129.150, PORT:ssh SSH brute force auth (docker-dc)	2020-06-09 14:28:43
114.67.77.159	attackbots	Jun 9 11:13:41 dhoomketu sshd[592251]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.77.159 user=root Jun 9 11:13:44 dhoomketu sshd[592251]: Failed password for root from 114.67.77.159 port 60304 ssh2 Jun 9 11:14:42 dhoomketu sshd[592263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.77.159 user=root Jun 9 11:14:44 dhoomketu sshd[592263]: Failed password for root from 114.67.77.159 port 45736 ssh2 Jun 9 11:15:42 dhoomketu sshd[592287]: Invalid user guoliang from 114.67.77.159 port 59404 ...	2020-06-09 14:45:22
37.49.226.157	attackbotsspam	TCP (SYN) 37.49.226.157:54520 -> port 22, len 48	2020-06-09 14:39:39
142.93.1.100	attackbotsspam	SSH Brute Force	2020-06-09 14:35:41

Recently Reported IPs

189.212.229.192	14.252.145.217	117.3.149.141	178.176.174.200
171.224.35.15	23.254.203.243	157.245.246.255	117.207.220.45
139.59.129.206	1.20.237.152	54.36.150.89	123.142.108.122
1.20.149.201	40.78.42.16	190.115.254.15	112.166.131.114
181.93.184.148	123.21.117.201	115.79.74.44	121.123.21.164