Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Uganda

Internet Service Provider: National Information Technology Authority Uganda

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:
Type Details Datetime
attack
Aug 23 22:31:41 ms-srv sshd[42155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.72.199.2  user=root
Aug 23 22:31:43 ms-srv sshd[42155]: Failed password for invalid user root from 154.72.199.2 port 2435 ssh2
2020-02-02 22:56:01
Comments on same subnet:
IP Type Details Datetime
154.72.199.38 attackspam
Dovecot Invalid User Login Attempt.
2020-08-15 23:17:22
154.72.199.38 attackbots
IP was detected trying to Brute-Force SSH, FTP, Web Apps, Port-Scan or Hacking.
2020-05-25 12:55:35
154.72.199.38 attack
Spam detected 2020.05.17 11:55:19
blocked until 2020.06.11 08:26:42
2020-05-22 22:22:04
154.72.199.146 attackspam
Unauthorized connection attempt from IP address 154.72.199.146 on Port 445(SMB)
2020-04-11 19:56:00
154.72.199.38 attackbots
spam
2020-01-24 15:24:11
154.72.199.38 attack
email spam
2019-12-19 21:31:15
154.72.199.38 attack
Attempted spam UTC Dec 7 06:06:36 from=
2019-12-07 17:10:51
154.72.199.38 attackspambots
SPAM Delivery Attempt
2019-10-29 20:51:14
154.72.199.38 attackbotsspam
proto=tcp  .  spt=46414  .  dpt=25  .     (listed on Blocklist de  Sep 20)     (1467)
2019-09-21 06:45:34
154.72.199.38 attackspambots
proto=tcp  .  spt=40590  .  dpt=25  .     (listed on Blocklist de  Aug 11)     (639)
2019-08-12 03:31:55
154.72.199.38 attackbotsspam
Mail sent to address hacked/leaked from Last.fm
2019-07-30 18:28:53
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.72.199.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47366
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.72.199.2.			IN	A

;; AUTHORITY SECTION:
.			286	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020200 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 22:55:52 CST 2020
;; MSG SIZE  rcvd: 116
Host info
2.199.72.154.in-addr.arpa domain name pointer h2.gou.go.ug.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.199.72.154.in-addr.arpa	name = h2.gou.go.ug.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
168.63.250.137 attackspambots
rdp brute-force attack (aggressivity: medium)
2019-11-27 06:34:45
35.247.138.99 attack
35.247.138.99 - - \[26/Nov/2019:15:35:56 +0100\] "POST /wp-login.php HTTP/1.0" 200 5731 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
35.247.138.99 - - \[26/Nov/2019:15:35:59 +0100\] "POST /wp-login.php HTTP/1.0" 200 5598 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
35.247.138.99 - - \[26/Nov/2019:15:36:03 +0100\] "POST /wp-login.php HTTP/1.0" 200 5594 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
2019-11-27 06:05:43
101.50.3.215 attackbotsspam
Nov 27 01:14:07 server sshd\[6756\]: Invalid user borsa from 101.50.3.215
Nov 27 01:14:07 server sshd\[6756\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.50.3.215 
Nov 27 01:14:08 server sshd\[6756\]: Failed password for invalid user borsa from 101.50.3.215 port 35722 ssh2
Nov 27 01:32:39 server sshd\[11260\]: Invalid user hertweck from 101.50.3.215
Nov 27 01:32:39 server sshd\[11260\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.50.3.215 
...
2019-11-27 06:35:43
185.234.216.221 attackspambots
Rude login attack (31 tries in 1d)
2019-11-27 06:40:34
159.138.152.49 attackspambots
badbot
2019-11-27 06:30:59
162.158.119.82 attack
162.158.119.82 - - [26/Nov/2019:14:35:40 +0000] "POST /wp-login.php HTTP/1.1" 200 1458 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
2019-11-27 06:16:47
85.105.245.135 attackbotsspam
Automatic report - Port Scan Attack
2019-11-27 06:23:07
159.138.159.167 attack
badbot
2019-11-27 06:27:32
159.138.156.101 attackspambots
badbot
2019-11-27 06:03:17
106.12.178.246 attackbotsspam
Nov 26 19:49:05 server sshd\[14597\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.246  user=root
Nov 26 19:49:07 server sshd\[14597\]: Failed password for root from 106.12.178.246 port 35610 ssh2
Nov 26 20:12:39 server sshd\[31241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.246  user=root
Nov 26 20:12:41 server sshd\[31241\]: Failed password for root from 106.12.178.246 port 47576 ssh2
Nov 26 20:19:26 server sshd\[312\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.178.246  user=root
...
2019-11-27 06:22:48
134.209.63.140 attack
Nov 26 04:48:21 hanapaa sshd\[17561\]: Invalid user kabashima from 134.209.63.140
Nov 26 04:48:21 hanapaa sshd\[17561\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.63.140
Nov 26 04:48:23 hanapaa sshd\[17561\]: Failed password for invalid user kabashima from 134.209.63.140 port 51678 ssh2
Nov 26 04:55:02 hanapaa sshd\[18114\]: Invalid user throgmorton from 134.209.63.140
Nov 26 04:55:02 hanapaa sshd\[18114\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.63.140
2019-11-27 06:32:38
41.39.171.24 attackbots
Nov 26 15:33:12 xeon cyrus/imap[60680]: badlogin: host-41.39.171.24.tedata.net [41.39.171.24] plain [SASL(-13): authentication failure: Password verification failed]
2019-11-27 06:07:59
66.249.155.244 attackbotsspam
$f2bV_matches
2019-11-27 06:26:37
124.161.231.150 attackbots
$f2bV_matches
2019-11-27 06:29:35
159.138.150.254 attackspam
badbot
2019-11-27 06:36:26

Recently Reported IPs

38.101.101.123 152.255.51.85 192.61.188.116 210.76.238.19
31.93.153.190 151.38.180.246 170.84.196.201 99.143.16.20
57.15.88.129 166.193.131.59 113.181.124.244 168.177.211.157
239.225.115.233 229.24.241.168 111.119.127.228 148.17.158.145
162.253.118.15 119.217.104.167 236.220.12.187 219.162.218.7