105.242.49.97 - IPInfo

Basic Info

City: Pretoria

Region: Gauteng

Country: South Africa

Internet Service Provider: Vodacom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 105.242.49.97 on Port 445(SMB)	2019-10-31 03:00:06

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.242.49.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55639
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;105.242.49.97.			IN	A

;; AUTHORITY SECTION:
.			576	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103001 1800 900 604800 86400

;; Query time: 151 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 31 03:00:02 CST 2019
;; MSG SIZE  rcvd: 117

Host info

97.49.242.105.in-addr.arpa domain name pointer vc-gp-n-105-242-49-97.umts.vodacom.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
97.49.242.105.in-addr.arpa	name = vc-gp-n-105-242-49-97.umts.vodacom.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.65.86.239	attackspam	Apr 20 19:01:36 srv206 sshd[17553]: Invalid user lj from 159.65.86.239 Apr 20 19:01:36 srv206 sshd[17553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.86.239 Apr 20 19:01:36 srv206 sshd[17553]: Invalid user lj from 159.65.86.239 Apr 20 19:01:38 srv206 sshd[17553]: Failed password for invalid user lj from 159.65.86.239 port 34106 ssh2 ...	2020-04-21 01:35:03
190.202.32.2	attackbotsspam	2020-04-20T17:25:53.529536amanda2.illicoweb.com sshd\[4739\]: Invalid user qo from 190.202.32.2 port 43253 2020-04-20T17:25:53.532108amanda2.illicoweb.com sshd\[4739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.32.2 2020-04-20T17:25:55.306815amanda2.illicoweb.com sshd\[4739\]: Failed password for invalid user qo from 190.202.32.2 port 43253 ssh2 2020-04-20T17:34:03.606283amanda2.illicoweb.com sshd\[5198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.32.2 user=root 2020-04-20T17:34:06.314577amanda2.illicoweb.com sshd\[5198\]: Failed password for root from 190.202.32.2 port 32845 ssh2 ...	2020-04-21 01:17:59
1.6.103.18	attack	2020-04-20T14:28:21.355014Z ed68325938da New connection: 1.6.103.18:39255 (172.17.0.5:2222) [session: ed68325938da] 2020-04-20T14:36:47.245642Z 683e788a7b57 New connection: 1.6.103.18:9432 (172.17.0.5:2222) [session: 683e788a7b57]	2020-04-21 01:07:52
178.33.229.120	attack	SSH login attempts.	2020-04-21 01:27:47
130.61.37.130	attack	Invalid user cloudstack from 130.61.37.130 port 27400	2020-04-21 01:43:26
156.214.214.112	attack	Invalid user admin from 156.214.214.112 port 32768	2020-04-21 01:36:22
36.49.159.222	attack	Invalid user ge from 36.49.159.222 port 6603	2020-04-21 01:04:05
216.68.91.104	attack	Apr 20 18:17:26 dev0-dcde-rnet sshd[19305]: Failed password for root from 216.68.91.104 port 40824 ssh2 Apr 20 18:31:53 dev0-dcde-rnet sshd[19378]: Failed password for root from 216.68.91.104 port 45536 ssh2	2020-04-21 01:09:49
180.76.114.218	attackbotsspam	$f2bV_matches	2020-04-21 01:25:27
167.172.131.96	attack	Invalid user user from 167.172.131.96 port 50104	2020-04-21 01:30:22
210.56.23.100	attackspam	Apr 20 18:51:20 odroid64 sshd\[24586\]: User root from 210.56.23.100 not allowed because not listed in AllowUsers Apr 20 18:51:20 odroid64 sshd\[24586\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.56.23.100 user=root ...	2020-04-21 01:10:11
27.154.242.142	attackbotsspam	Unauthorized SSH login attempts	2020-04-21 01:06:05
167.71.224.129	attackspambots	Invalid user ubuntu from 167.71.224.129 port 44138	2020-04-21 01:31:06
195.24.207.199	attackspam	SSH login attempts.	2020-04-21 01:15:25
207.180.198.112	attack	Apr 20 16:44:24 Enigma sshd[27833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi198464.contaboserver.net user=root Apr 20 16:44:26 Enigma sshd[27833]: Failed password for root from 207.180.198.112 port 49060 ssh2 Apr 20 16:44:27 Enigma sshd[27835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=vmi198464.contaboserver.net user=admin Apr 20 16:44:29 Enigma sshd[27835]: Failed password for admin from 207.180.198.112 port 54862 ssh2 Apr 20 16:44:31 Enigma sshd[27837]: Invalid user user from 207.180.198.112 port 57966	2020-04-21 01:11:04

Recently Reported IPs

141.240.73.99	54.17.84.97	111.179.201.239	107.175.85.65
185.12.178.127	221.183.199.228	30.149.91.169	72.179.28.154
195.28.222.152	197.102.143.14	7.82.223.253	93.59.127.240
172.86.189.2	245.254.200.254	136.31.7.226	156.178.45.42
177.137.236.202	141.35.213.43	137.190.249.37	30.77.121.190