154.0.172.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
154.0.172.19	attack	Jul 18 07:10:08 vlre-nyc-1 sshd\[12312\]: Invalid user postgres from 154.0.172.19 Jul 18 07:10:08 vlre-nyc-1 sshd\[12312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 Jul 18 07:10:11 vlre-nyc-1 sshd\[12312\]: Failed password for invalid user postgres from 154.0.172.19 port 33070 ssh2 Jul 18 07:15:49 vlre-nyc-1 sshd\[12439\]: Invalid user shadwell from 154.0.172.19 Jul 18 07:15:49 vlre-nyc-1 sshd\[12439\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 ...	2020-07-18 17:27:17
154.0.172.19	attackbots	Jul 10 12:03:35 server sshd[13036]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 Jul 10 12:03:38 server sshd[13036]: Failed password for invalid user south from 154.0.172.19 port 55532 ssh2 Jul 10 12:08:13 server sshd[13354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.0.172.19 ...	2020-07-10 18:44:02
154.0.172.154	attack	[login]	2020-04-10 21:05:37
154.0.172.231	attackspam	154.0.172.231 - - \[16/Nov/2019:06:29:43 +0000\] "POST /wp/wp-login.php HTTP/1.1" 200 4205 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 154.0.172.231 - - \[16/Nov/2019:06:29:44 +0000\] "POST /wp/xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2019-11-16 14:55:01
154.0.172.9	attack	154.0.172.9 - - [26/Aug/2019:15:36:03 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-08-27 01:03:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.0.172.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59349
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;154.0.172.2.			IN	A

;; AUTHORITY SECTION:
.			447	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 18:42:34 CST 2022
;; MSG SIZE  rcvd: 104

Host info

2.172.0.154.in-addr.arpa domain name pointer plant.aserv.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.172.0.154.in-addr.arpa	name = plant.aserv.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.73.215.171	attack	Port scan: Attack repeated for 24 hours	2019-11-24 23:59:13
104.168.145.77	attackbotsspam	2019-11-24T09:48:24.897224ns547587 sshd\[5481\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 user=root 2019-11-24T09:48:27.406742ns547587 sshd\[5481\]: Failed password for root from 104.168.145.77 port 43978 ssh2 2019-11-24T09:55:28.449605ns547587 sshd\[8231\]: Invalid user rosiah from 104.168.145.77 port 52378 2019-11-24T09:55:28.455391ns547587 sshd\[8231\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.168.145.77 ...	2019-11-25 00:04:45
117.156.119.39	attack	Nov 24 15:06:00 microserver sshd[27874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.156.119.39 user=root Nov 24 15:06:02 microserver sshd[27874]: Failed password for root from 117.156.119.39 port 60016 ssh2 Nov 24 15:13:32 microserver sshd[28674]: Invalid user jasmine from 117.156.119.39 port 33320 Nov 24 15:13:32 microserver sshd[28674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.156.119.39 Nov 24 15:13:34 microserver sshd[28674]: Failed password for invalid user jasmine from 117.156.119.39 port 33320 ssh2 Nov 24 15:28:55 microserver sshd[30675]: Invalid user server from 117.156.119.39 port 36414 Nov 24 15:28:55 microserver sshd[30675]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.156.119.39 Nov 24 15:28:57 microserver sshd[30675]: Failed password for invalid user server from 117.156.119.39 port 36414 ssh2 Nov 24 15:36:24 microserver sshd[31871]: Invalid user surya	2019-11-24 23:39:46
188.226.226.82	attackbots	Nov 24 15:48:02 game-panel sshd[6903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.226.226.82 Nov 24 15:48:03 game-panel sshd[6903]: Failed password for invalid user keiji from 188.226.226.82 port 57201 ssh2 Nov 24 15:54:12 game-panel sshd[7062]: Failed password for root from 188.226.226.82 port 46958 ssh2	2019-11-24 23:55:54
103.74.123.6	attack	WordPress login Brute force / Web App Attack on client site.	2019-11-25 00:08:28
118.32.181.96	attackbotsspam	Nov 24 15:55:33 arianus sshd\[9315\]: Unable to negotiate with 118.32.181.96 port 52608: no matching key exchange method found. Their offer: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 \[preauth\] ...	2019-11-25 00:01:50
81.163.47.143	attackspam	3,88-02/01 [bc01/m68] PostRequest-Spammer scoring: Lusaka02	2019-11-25 00:13:41
118.41.11.46	attackbots	2019-11-24T14:55:51.897195abusebot-5.cloudsearch.cf sshd\[17611\]: Invalid user robert from 118.41.11.46 port 50658	2019-11-24 23:49:13
61.133.232.251	attack	$f2bV_matches	2019-11-24 23:55:25
159.203.201.29	attackbotsspam	firewall-block, port(s): 56511/tcp	2019-11-25 00:11:56
106.51.230.190	attack	Nov 24 19:55:51 gw1 sshd[17626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.51.230.190 Nov 24 19:55:54 gw1 sshd[17626]: Failed password for invalid user http from 106.51.230.190 port 33754 ssh2 ...	2019-11-24 23:47:10
196.218.130.221	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-11-24 23:53:43
59.126.153.69	attackbotsspam	Fail2Ban Ban Triggered	2019-11-25 00:20:57
107.181.174.74	attackbots	2019-11-24T09:52:19.596802ns547587 sshd\[7033\]: Invalid user flavell from 107.181.174.74 port 48748 2019-11-24T09:52:19.600613ns547587 sshd\[7033\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.181.174.74 2019-11-24T09:52:21.372249ns547587 sshd\[7033\]: Failed password for invalid user flavell from 107.181.174.74 port 48748 ssh2 2019-11-24T09:58:39.064726ns547587 sshd\[9461\]: Invalid user server from 107.181.174.74 port 56508 ...	2019-11-24 23:40:52
31.145.1.90	attackbots	Nov 24 15:46:51 web8 sshd\[28780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.145.1.90 user=mysql Nov 24 15:46:52 web8 sshd\[28780\]: Failed password for mysql from 31.145.1.90 port 37168 ssh2 Nov 24 15:51:09 web8 sshd\[30853\]: Invalid user vishalj from 31.145.1.90 Nov 24 15:51:09 web8 sshd\[30853\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.145.1.90 Nov 24 15:51:12 web8 sshd\[30853\]: Failed password for invalid user vishalj from 31.145.1.90 port 19479 ssh2	2019-11-25 00:18:04

Recently Reported IPs

154.0.171.205	154.0.171.155	154.0.171.140	154.0.171.151
154.121.14.148	154.121.51.72	154.121.46.48	154.120.77.139
154.120.78.36	154.120.79.251	154.121.48.134	154.121.19.19
154.121.43.45	154.121.70.235	154.122.145.206	154.122.32.80
154.122.232.0	154.121.26.196	154.122.149.179	154.123.159.107