154.0.172.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
154.0.172.19	attack	Jul 18 07:10:08 vlre-nyc-1 sshd\[12312\]: Invalid user postgres from 154.0.172.19 Jul 18 07:10:08 vlre-nyc-1 sshd\[12312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 Jul 18 07:10:11 vlre-nyc-1 sshd\[12312\]: Failed password for invalid user postgres from 154.0.172.19 port 33070 ssh2 Jul 18 07:15:49 vlre-nyc-1 sshd\[12439\]: Invalid user shadwell from 154.0.172.19 Jul 18 07:15:49 vlre-nyc-1 sshd\[12439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 ...	2020-07-18 17:27:17
154.0.172.19	attackbots	Jul 10 12:03:35 server sshd[13036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 Jul 10 12:03:38 server sshd[13036]: Failed password for invalid user south from 154.0.172.19 port 55532 ssh2 Jul 10 12:08:13 server sshd[13354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 ...	2020-07-10 18:44:02
154.0.172.154	attack	[login]	2020-04-10 21:05:37
154.0.172.231	attackspam	154.0.172.231 - - \[16/Nov/2019:06:29:43 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 154.0.172.231 - - \[16/Nov/2019:06:29:44 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-11-16 14:55:01
154.0.172.9	attack	154.0.172.9 - - [26/Aug/2019:15:36:03 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-08-27 01:03:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.0.172.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59349
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;154.0.172.2.			IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 18:42:34 CST 2022
;; MSG SIZE  rcvd: 104

Host info

2.172.0.154.in-addr.arpa domain name pointer plant.aserv.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.172.0.154.in-addr.arpa	name = plant.aserv.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.134.168	attackspam	SSH login attempts.	2020-03-31 20:41:38
103.63.2.211	attackbotsspam	Port probing on unauthorized port 1433	2020-03-31 20:24:38
138.197.180.102	attack	Mar 31 18:30:57 itv-usvr-01 sshd[22497]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.180.102 user=root Mar 31 18:31:00 itv-usvr-01 sshd[22497]: Failed password for root from 138.197.180.102 port 38936 ssh2	2020-03-31 20:22:16
51.38.236.221	attackbotsspam	2020-03-31T11:04:03.570171rocketchat.forhosting.nl sshd[28230]: Failed password for root from 51.38.236.221 port 56618 ssh2 2020-03-31T11:11:40.856726rocketchat.forhosting.nl sshd[28410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.236.221 user=root 2020-03-31T11:11:42.922345rocketchat.forhosting.nl sshd[28410]: Failed password for root from 51.38.236.221 port 42984 ssh2 ...	2020-03-31 20:25:39
140.82.61.248	attack	SSH login attempts.	2020-03-31 20:56:32
112.64.34.165	attack	Mar 31 02:46:58 web1 sshd\[11957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.34.165 user=root Mar 31 02:46:59 web1 sshd\[11957\]: Failed password for root from 112.64.34.165 port 34235 ssh2 Mar 31 02:50:57 web1 sshd\[12386\]: Invalid user lingjian from 112.64.34.165 Mar 31 02:50:57 web1 sshd\[12386\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.34.165 Mar 31 02:50:59 web1 sshd\[12386\]: Failed password for invalid user lingjian from 112.64.34.165 port 54924 ssh2	2020-03-31 21:05:32
113.23.104.170	attackspam	445/tcp [2020-03-31]1pkt	2020-03-31 20:43:33
39.45.156.232	attackbots	445/tcp [2020-03-31]1pkt	2020-03-31 20:48:28
103.116.58.130	attack	frenzy	2020-03-31 20:53:48
180.250.247.45	attackspam	Mar 31 05:50:00 askasleikir sshd[159225]: Failed password for root from 180.250.247.45 port 43132 ssh2 Mar 31 06:05:39 askasleikir sshd[160107]: Failed password for root from 180.250.247.45 port 39488 ssh2 Mar 31 06:10:34 askasleikir sshd[160371]: Failed password for root from 180.250.247.45 port 43750 ssh2	2020-03-31 20:28:02
92.211.172.186	attackspam	(sshd) Failed SSH login from 92.211.172.186 (DE/Germany/ipservice-092-211-172-186.092.211.pools.vodafone-ip.de): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 31 15:28:51 srv sshd[16369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.211.172.186 user=root Mar 31 15:28:53 srv sshd[16369]: Failed password for root from 92.211.172.186 port 55872 ssh2 Mar 31 15:31:45 srv sshd[16476]: Invalid user mx from 92.211.172.186 port 3797 Mar 31 15:31:46 srv sshd[16476]: Failed password for invalid user mx from 92.211.172.186 port 3797 ssh2 Mar 31 15:34:53 srv sshd[16598]: Invalid user wulanzhou from 92.211.172.186 port 16212	2020-03-31 21:02:16
41.230.56.9	attackspam	Mar 31 14:34:55 sshd\[30625\]: User root from 41.230.56.9 not allowed because not listed in AllowUsersMar 31 14:34:58 sshd\[30625\]: Failed password for invalid user root from 41.230.56.9 port 58304 ssh2 ...	2020-03-31 21:00:28
179.182.135.184	attackbots	1585658092 - 03/31/2020 14:34:52 Host: 179.182.135.184/179.182.135.184 Port: 445 TCP Blocked	2020-03-31 21:07:17
2a01:e34:ecf2:2110:2064:eeb1:5289:5d12	attackspam	2a01:e34:ecf2:2110:2064:eeb1:5289:5d12 - - [31/Mar/2020:14:34:59 +0200] "GET /wp-admin/vuln.php HTTP/1.1" 404 17004 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 2a01:e34:ecf2:2110:2064:eeb1:5289:5d12 - - [31/Mar/2020:14:34:59 +0200] "GET /wp-admin/vuln.htm HTTP/1.1" 404 16906 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 2a01:e34:ecf2:2110:2064:eeb1:5289:5d12 - - [31/Mar/2020:14:35:00 +0200] "POST /wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 2a01:e34:ecf2:2110:2064:eeb1:5289:5d12 - - [31/Mar/2020:14:35:00 +0200] "GET /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php HTTP/1.1" 404 16917 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0" 2a01:e34:ecf2: ...	2020-03-31 20:52:51
116.72.18.57	attack	SSH login attempts.	2020-03-31 20:58:39

Recently Reported IPs

154.0.171.205	154.0.171.155	154.0.171.140	154.0.171.151
154.121.14.148	154.121.51.72	154.121.46.48	154.120.77.139
154.120.78.36	154.120.79.251	154.121.48.134	154.121.19.19
154.121.43.45	154.121.70.235	154.122.145.206	154.122.32.80
154.122.232.0	154.121.26.196	154.122.149.179	154.123.159.107