154.0.161.112 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
154.0.161.99	attackbots	2020-08-23T05:06:53.968067shield sshd\[23479\]: Invalid user sonar from 154.0.161.99 port 40176 2020-08-23T05:06:53.974794shield sshd\[23479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za 2020-08-23T05:06:56.320714shield sshd\[23479\]: Failed password for invalid user sonar from 154.0.161.99 port 40176 ssh2 2020-08-23T05:12:21.981373shield sshd\[24869\]: Invalid user ralf from 154.0.161.99 port 49512 2020-08-23T05:12:22.020383shield sshd\[24869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za	2020-08-23 14:19:19
154.0.161.99	attackspam	Aug 19 17:32:07 db sshd[14408]: Invalid user sales from 154.0.161.99 port 37440 ...	2020-08-20 02:04:49
154.0.161.99	attackbots	2020-08-16T12:35:46.067859shield sshd\[20770\]: Invalid user money from 154.0.161.99 port 41120 2020-08-16T12:35:46.077812shield sshd\[20770\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za 2020-08-16T12:35:47.683797shield sshd\[20770\]: Failed password for invalid user money from 154.0.161.99 port 41120 ssh2 2020-08-16T12:40:46.916053shield sshd\[21630\]: Invalid user ed from 154.0.161.99 port 50550 2020-08-16T12:40:46.924820shield sshd\[21630\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=baymonitoring.dedicated.co.za	2020-08-16 21:13:21
154.0.161.99	attackbots	fail2ban	2020-08-13 22:56:58
154.0.161.99	attackbots	Aug 8 22:54:41 pkdns2 sshd\[17934\]: Failed password for root from 154.0.161.99 port 60670 ssh2Aug 8 22:56:53 pkdns2 sshd\[18051\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 8 22:56:55 pkdns2 sshd\[18051\]: Failed password for root from 154.0.161.99 port 32926 ssh2Aug 8 22:59:09 pkdns2 sshd\[18139\]: Address 154.0.161.99 maps to peardev.dedicated.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 8 22:59:12 pkdns2 sshd\[18139\]: Failed password for root from 154.0.161.99 port 33414 ssh2Aug 8 23:01:31 pkdns2 sshd\[18255\]: Failed password for root from 154.0.161.99 port 33902 ssh2 ...	2020-08-09 04:23:52
154.0.161.99	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-07-19 20:48:00
154.0.161.131	attackspambots	Wordpress_xmlrpc_attack	2020-05-25 22:26:10
154.0.161.239	attackbots	xmlrpc	2020-04-02 07:28:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.0.161.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11057
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;154.0.161.112.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 18:42:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

112.161.0.154.in-addr.arpa domain name pointer striga.aserv.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
112.161.0.154.in-addr.arpa	name = striga.aserv.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.176.27.6	attackspam	Dec 28 11:53:44 mc1 kernel: \[1689215.877678\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=41069 PROTO=TCP SPT=55996 DPT=3743 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:55:29 mc1 kernel: \[1689321.071368\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=6483 PROTO=TCP SPT=55996 DPT=7238 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 28 11:57:51 mc1 kernel: \[1689463.146493\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.6 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=1892 PROTO=TCP SPT=55996 DPT=8666 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-28 19:04:42
92.247.115.2	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-12-28 19:12:56
95.163.208.235	attack	1577522042 - 12/28/2019 09:34:02 Host: 95.163.208.235/95.163.208.235 Port: 445 TCP Blocked	2019-12-28 19:20:17
85.192.138.149	attack	Dec 28 08:22:50 zeus sshd[16166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.138.149 Dec 28 08:22:53 zeus sshd[16166]: Failed password for invalid user rwright from 85.192.138.149 port 37064 ssh2 Dec 28 08:25:44 zeus sshd[16265]: Failed password for root from 85.192.138.149 port 36012 ssh2	2019-12-28 18:53:44
85.113.169.204	attackbotsspam	Honeypot attack, port: 23, PTR: alta3-204.docsis.trollnet.no.	2019-12-28 18:58:45
50.60.205.128	attack	1577514221 - 12/28/2019 07:23:41 Host: 50.60.205.128/50.60.205.128 Port: 445 TCP Blocked	2019-12-28 19:13:15
211.177.178.232	attackspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 19:17:37
185.176.27.118	attackspam	12/28/2019-06:17:14.520634 185.176.27.118 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-28 19:23:30
51.75.67.69	attackspam	Dec 28 08:55:53 ks10 sshd[8865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.67.69 Dec 28 08:55:55 ks10 sshd[8865]: Failed password for invalid user pos from 51.75.67.69 port 58966 ssh2 ...	2019-12-28 19:29:53
76.233.226.105	attack	Dec 28 09:33:01 v22018076622670303 sshd\[28783\]: Invalid user daejeon from 76.233.226.105 port 47000 Dec 28 09:33:01 v22018076622670303 sshd\[28783\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=76.233.226.105 Dec 28 09:33:02 v22018076622670303 sshd\[28783\]: Failed password for invalid user daejeon from 76.233.226.105 port 47000 ssh2 ...	2019-12-28 19:02:06
89.248.168.112	attackspam	[portscan] tcp/21 [FTP] *(RWIN=65535)(12281307)	2019-12-28 18:59:19
77.222.187.70	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-28 19:24:26
45.119.82.251	attackbotsspam	Dec 28 10:10:09 mout sshd[20472]: Invalid user villoria from 45.119.82.251 port 51656	2019-12-28 19:15:18
177.126.165.170	attackbots	Dec 28 05:13:57 ldap01vmsma01 sshd[86775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.126.165.170 Dec 28 05:14:00 ldap01vmsma01 sshd[86775]: Failed password for invalid user alric from 177.126.165.170 port 40672 ssh2 ...	2019-12-28 19:12:18
180.161.168.17	attack	Unauthorized connection attempt detected from IP address 180.161.168.17 to port 5555	2019-12-28 19:03:12

Recently Reported IPs

154.0.121.62	154.0.160.166	154.0.161.191	154.0.160.60
154.0.161.71	154.0.161.224	154.0.163.69	154.0.164.114
154.0.164.145	154.0.164.152	154.0.164.169	154.0.165.25
154.0.165.94	154.0.166.107	154.0.164.178	154.0.168.177
154.0.168.120	154.0.166.169	154.0.166.171	154.0.167.225