154.73.2.13 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telemedia (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 21 16:36:12 host sshd\[27892\]: Invalid user xerxes from 154.73.2.13 Aug 21 16:36:12 host sshd\[27892\]: Failed password for invalid user xerxes from 154.73.2.13 port 34128 ssh2 Aug 21 16:40:45 host sshd\[28989\]: Failed password for root from 154.73.2.13 port 43518 ssh2 ...	2020-08-22 05:18:02

Type

Details

Datetime

attack

Aug 21 16:36:12 host sshd\[27892\]: Invalid user xerxes from 154.73.2.13
Aug 21 16:36:12 host sshd\[27892\]: Failed password for invalid user xerxes from 154.73.2.13 port 34128 ssh2
Aug 21 16:40:45 host sshd\[28989\]: Failed password for root from 154.73.2.13 port 43518 ssh2
...

2020-08-22 05:18:02

Comments on same subnet:

IP	Type	Details	Datetime
154.73.214.110	attack	TCP (SYN) 154.73.214.110:33216 -> port 23, len 44	2020-10-06 06:58:35
154.73.214.110	attackbotsspam	TCP (SYN) 154.73.214.110:33216 -> port 23, len 44	2020-10-05 23:10:47
154.73.214.110	attackspambots	Automatic report - Port Scan Attack	2020-10-05 15:09:14
154.73.203.180	attackspam	Email rejected due to spam filtering	2020-08-01 21:44:51
154.73.24.26	attackbotsspam	Jan 22 05:56:24 haigwepa sshd[29970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.24.26 Jan 22 05:56:25 haigwepa sshd[29970]: Failed password for invalid user dircreate from 154.73.24.26 port 54011 ssh2 ...	2020-01-22 13:38:58
154.73.203.132	attackspambots	Brute force SMTP login attempts.	2020-01-03 15:35:23
154.73.203.189	attackspambots	email spam	2019-12-19 19:31:20
154.73.22.107	attackspambots	Oct 6 06:24:23 venus sshd\[21996\]: Invalid user Admin3@1 from 154.73.22.107 port 38958 Oct 6 06:24:23 venus sshd\[21996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Oct 6 06:24:25 venus sshd\[21996\]: Failed password for invalid user Admin3@1 from 154.73.22.107 port 38958 ssh2 ...	2019-10-06 14:43:14
154.73.22.107	attackspambots	Oct 4 02:23:27 sachi sshd\[22037\]: Invalid user Vivi@123 from 154.73.22.107 Oct 4 02:23:27 sachi sshd\[22037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Oct 4 02:23:30 sachi sshd\[22037\]: Failed password for invalid user Vivi@123 from 154.73.22.107 port 53829 ssh2 Oct 4 02:29:27 sachi sshd\[22536\]: Invalid user ZaQ1XsW2CdE3 from 154.73.22.107 Oct 4 02:29:27 sachi sshd\[22536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107	2019-10-04 20:46:10
154.73.22.107	attack	Sep 26 18:06:46 web9 sshd\[10734\]: Invalid user swk from 154.73.22.107 Sep 26 18:06:46 web9 sshd\[10734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 26 18:06:48 web9 sshd\[10734\]: Failed password for invalid user swk from 154.73.22.107 port 55447 ssh2 Sep 26 18:12:00 web9 sshd\[11683\]: Invalid user l from 154.73.22.107 Sep 26 18:12:00 web9 sshd\[11683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107	2019-09-27 12:12:32
154.73.22.107	attack	Sep 26 12:12:11 web9 sshd\[5357\]: Invalid user Alphanetworks from 154.73.22.107 Sep 26 12:12:12 web9 sshd\[5357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 26 12:12:14 web9 sshd\[5357\]: Failed password for invalid user Alphanetworks from 154.73.22.107 port 33577 ssh2 Sep 26 12:17:09 web9 sshd\[6247\]: Invalid user hans_dir645 from 154.73.22.107 Sep 26 12:17:09 web9 sshd\[6247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107	2019-09-27 06:22:34
154.73.22.107	attackspam	Sep 26 18:33:08 microserver sshd[61818]: Invalid user coen from 154.73.22.107 port 54755 Sep 26 18:33:08 microserver sshd[61818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 26 18:33:09 microserver sshd[61818]: Failed password for invalid user coen from 154.73.22.107 port 54755 ssh2 Sep 26 18:38:57 microserver sshd[62505]: Invalid user gitlab_ci from 154.73.22.107 port 47098 Sep 26 18:38:57 microserver sshd[62505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 26 18:50:48 microserver sshd[64275]: Invalid user vt from 154.73.22.107 port 60018 Sep 26 18:50:48 microserver sshd[64275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 26 18:50:50 microserver sshd[64275]: Failed password for invalid user vt from 154.73.22.107 port 60018 ssh2 Sep 26 18:56:46 microserver sshd[64970]: Invalid user janes from 154.73.22.107 port 52360 Sep 26 18	2019-09-27 01:34:41
154.73.22.107	attackbotsspam	Sep 24 01:36:00 markkoudstaal sshd[26335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 24 01:36:02 markkoudstaal sshd[26335]: Failed password for invalid user ftpuser from 154.73.22.107 port 50736 ssh2 Sep 24 01:41:35 markkoudstaal sshd[26884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107	2019-09-24 08:06:16
154.73.22.107	attackspambots	Sep 8 12:33:49 itv-usvr-01 sshd[22363]: Invalid user postgres from 154.73.22.107 Sep 8 12:33:49 itv-usvr-01 sshd[22363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107 Sep 8 12:33:49 itv-usvr-01 sshd[22363]: Invalid user postgres from 154.73.22.107 Sep 8 12:33:52 itv-usvr-01 sshd[22363]: Failed password for invalid user postgres from 154.73.22.107 port 54125 ssh2 Sep 8 12:38:57 itv-usvr-01 sshd[22553]: Invalid user postgres from 154.73.22.107	2019-09-14 23:03:27
154.73.215.110	attack	Automatic report - Port Scan Attack	2019-09-14 02:59:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.73.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.73.2.13.			IN	A

;; AUTHORITY SECTION:
.			563	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082101 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 22 05:17:59 CST 2020
;; MSG SIZE  rcvd: 115

Host info

13.2.73.154.in-addr.arpa domain name pointer porcupine.inet.telemedia.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.2.73.154.in-addr.arpa	name = porcupine.inet.telemedia.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.38.33.178	attack	Aug 30 12:22:34 auw2 sshd\[4065\]: Invalid user Chicago from 51.38.33.178 Aug 30 12:22:34 auw2 sshd\[4065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-38-33.eu Aug 30 12:22:36 auw2 sshd\[4065\]: Failed password for invalid user Chicago from 51.38.33.178 port 52493 ssh2 Aug 30 12:26:16 auw2 sshd\[4379\]: Invalid user newsletter from 51.38.33.178 Aug 30 12:26:16 auw2 sshd\[4379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-38-33.eu	2019-08-31 07:36:45
80.82.77.139	attackspambots	80.82.77.139 - - [30/Aug/2019:20:20:20 +0200] "GET / HTTP/1.1" 200 103127 80.82.77.139 - - [30/Aug/2019:20:20:21 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:21 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:25 +0200] "quit\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:25 +0200] "GET /robots.txt HTTP/1.1" 404 1052 80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "GET /sitemap.xml HTTP/1.1" 404 1052 80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "GET /.well-known/security.txt HTTP/1.1" 404 1052 80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "\n" 400 981 80.82.77.139 - - [30/Aug/2019:20:20:28 +0200] "GET /favicon.ico HTTP/1.1" 404 1052	2019-08-31 07:40:48
178.62.117.106	attackspambots	Aug 30 07:22:46 eddieflores sshd\[10439\]: Invalid user administrator from 178.62.117.106 Aug 30 07:22:46 eddieflores sshd\[10439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106 Aug 30 07:22:49 eddieflores sshd\[10439\]: Failed password for invalid user administrator from 178.62.117.106 port 60165 ssh2 Aug 30 07:26:55 eddieflores sshd\[10728\]: Invalid user lihui from 178.62.117.106 Aug 30 07:26:55 eddieflores sshd\[10728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106	2019-08-31 07:04:10
128.199.52.45	attackbots	Aug 30 19:46:04 mail sshd[24467]: Invalid user adm from 128.199.52.45 Aug 30 19:46:04 mail sshd[24467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45 Aug 30 19:46:04 mail sshd[24467]: Invalid user adm from 128.199.52.45 Aug 30 19:46:06 mail sshd[24467]: Failed password for invalid user adm from 128.199.52.45 port 41602 ssh2 Aug 30 19:55:47 mail sshd[6915]: Invalid user polly from 128.199.52.45 ...	2019-08-31 07:16:42
41.196.0.189	attackbots	Automated report - ssh fail2ban: Aug 30 23:14:26 authentication failure Aug 30 23:14:28 wrong password, user=web1, port=42374, ssh2 Aug 30 23:23:50 authentication failure	2019-08-31 07:09:09
51.158.113.104	attackbots	Aug 30 17:53:41 plusreed sshd[18844]: Invalid user mikael from 51.158.113.104 ...	2019-08-31 07:01:03
139.59.74.183	attack	Aug 30 18:20:53 dedicated sshd[3376]: Invalid user qhsupport from 139.59.74.183 port 45682	2019-08-31 07:04:32
165.227.97.108	attack	Aug 30 13:28:30 hcbb sshd\[25859\]: Invalid user admin from 165.227.97.108 Aug 30 13:28:30 hcbb sshd\[25859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108 Aug 30 13:28:32 hcbb sshd\[25859\]: Failed password for invalid user admin from 165.227.97.108 port 44974 ssh2 Aug 30 13:33:24 hcbb sshd\[26266\]: Invalid user ftp_user from 165.227.97.108 Aug 30 13:33:24 hcbb sshd\[26266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108	2019-08-31 07:34:52
108.77.246.129	attackspam	DATE:2019-08-30 18:20:09, IP:108.77.246.129, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-31 07:27:25
84.201.165.126	attack	Aug 30 22:36:57 MK-Soft-VM6 sshd\[30479\]: Invalid user newsletter from 84.201.165.126 port 49378 Aug 30 22:36:57 MK-Soft-VM6 sshd\[30479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.201.165.126 Aug 30 22:36:59 MK-Soft-VM6 sshd\[30479\]: Failed password for invalid user newsletter from 84.201.165.126 port 49378 ssh2 ...	2019-08-31 07:05:33
1.190.120.127	attack	Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=63081 TCP DPT=8080 WINDOW=49582 SYN Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=36951 TCP DPT=8080 WINDOW=23328 SYN Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=7974 TCP DPT=8080 WINDOW=53151 SYN	2019-08-31 07:25:12
180.166.45.146	attackbotsspam	Aug 30 21:35:50 m3 sshd[8442]: Invalid user alex from 180.166.45.146 Aug 30 21:35:53 m3 sshd[8442]: Failed password for invalid user alex from 180.166.45.146 port 40066 ssh2 Aug 30 21:41:51 m3 sshd[9130]: Invalid user adventure from 180.166.45.146 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=180.166.45.146	2019-08-31 07:38:39
45.125.223.28	attackspambots	MYH,DEF GET /downloader/	2019-08-31 07:01:33
159.65.175.37	attackspambots	2019-08-30T23:19:48.897885abusebot-4.cloudsearch.cf sshd\[28509\]: Invalid user admin from 159.65.175.37 port 32904	2019-08-31 07:41:18
191.53.254.101	attackspam	Brute force attempt	2019-08-31 07:07:24

Recently Reported IPs

221.226.39.202	34.223.112.205	200.150.122.43	1.212.161.197
170.130.213.35	200.80.164.49	217.160.255.183	34.223.112.212
34.223.112.226	34.223.22.177	34.218.119.86	157.76.202.144
34.223.112.227	34.218.119.82	129.204.254.71	34.216.226.226
34.223.45.135	34.223.22.182	119.28.68.135	170.134.121.193