Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telemedia (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attack
Aug 21 16:36:12 host sshd\[27892\]: Invalid user xerxes from 154.73.2.13
Aug 21 16:36:12 host sshd\[27892\]: Failed password for invalid user xerxes from 154.73.2.13 port 34128 ssh2
Aug 21 16:40:45 host sshd\[28989\]: Failed password for root from 154.73.2.13 port 43518 ssh2
...
2020-08-22 05:18:02
Comments on same subnet:
IP Type Details Datetime
154.73.214.110 attack
 TCP (SYN) 154.73.214.110:33216 -> port 23, len 44
2020-10-06 06:58:35
154.73.214.110 attackbotsspam
 TCP (SYN) 154.73.214.110:33216 -> port 23, len 44
2020-10-05 23:10:47
154.73.214.110 attackspambots
Automatic report - Port Scan Attack
2020-10-05 15:09:14
154.73.203.180 attackspam
Email rejected due to spam filtering
2020-08-01 21:44:51
154.73.24.26 attackbotsspam
Jan 22 05:56:24 haigwepa sshd[29970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.24.26 
Jan 22 05:56:25 haigwepa sshd[29970]: Failed password for invalid user dircreate from 154.73.24.26 port 54011 ssh2
...
2020-01-22 13:38:58
154.73.203.132 attackspambots
Brute force SMTP login attempts.
2020-01-03 15:35:23
154.73.203.189 attackspambots
email spam
2019-12-19 19:31:20
154.73.22.107 attackspambots
Oct  6 06:24:23 venus sshd\[21996\]: Invalid user Admin3@1 from 154.73.22.107 port 38958
Oct  6 06:24:23 venus sshd\[21996\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Oct  6 06:24:25 venus sshd\[21996\]: Failed password for invalid user Admin3@1 from 154.73.22.107 port 38958 ssh2
...
2019-10-06 14:43:14
154.73.22.107 attackspambots
Oct  4 02:23:27 sachi sshd\[22037\]: Invalid user Vivi@123 from 154.73.22.107
Oct  4 02:23:27 sachi sshd\[22037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Oct  4 02:23:30 sachi sshd\[22037\]: Failed password for invalid user Vivi@123 from 154.73.22.107 port 53829 ssh2
Oct  4 02:29:27 sachi sshd\[22536\]: Invalid user ZaQ1XsW2CdE3 from 154.73.22.107
Oct  4 02:29:27 sachi sshd\[22536\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
2019-10-04 20:46:10
154.73.22.107 attack
Sep 26 18:06:46 web9 sshd\[10734\]: Invalid user swk from 154.73.22.107
Sep 26 18:06:46 web9 sshd\[10734\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 26 18:06:48 web9 sshd\[10734\]: Failed password for invalid user swk from 154.73.22.107 port 55447 ssh2
Sep 26 18:12:00 web9 sshd\[11683\]: Invalid user l from 154.73.22.107
Sep 26 18:12:00 web9 sshd\[11683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
2019-09-27 12:12:32
154.73.22.107 attack
Sep 26 12:12:11 web9 sshd\[5357\]: Invalid user Alphanetworks from 154.73.22.107
Sep 26 12:12:12 web9 sshd\[5357\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 26 12:12:14 web9 sshd\[5357\]: Failed password for invalid user Alphanetworks from 154.73.22.107 port 33577 ssh2
Sep 26 12:17:09 web9 sshd\[6247\]: Invalid user hans_dir645 from 154.73.22.107
Sep 26 12:17:09 web9 sshd\[6247\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
2019-09-27 06:22:34
154.73.22.107 attackspam
Sep 26 18:33:08 microserver sshd[61818]: Invalid user coen from 154.73.22.107 port 54755
Sep 26 18:33:08 microserver sshd[61818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 26 18:33:09 microserver sshd[61818]: Failed password for invalid user coen from 154.73.22.107 port 54755 ssh2
Sep 26 18:38:57 microserver sshd[62505]: Invalid user gitlab_ci from 154.73.22.107 port 47098
Sep 26 18:38:57 microserver sshd[62505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 26 18:50:48 microserver sshd[64275]: Invalid user vt from 154.73.22.107 port 60018
Sep 26 18:50:48 microserver sshd[64275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 26 18:50:50 microserver sshd[64275]: Failed password for invalid user vt from 154.73.22.107 port 60018 ssh2
Sep 26 18:56:46 microserver sshd[64970]: Invalid user janes from 154.73.22.107 port 52360
Sep 26 18
2019-09-27 01:34:41
154.73.22.107 attackbotsspam
Sep 24 01:36:00 markkoudstaal sshd[26335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep 24 01:36:02 markkoudstaal sshd[26335]: Failed password for invalid user ftpuser from 154.73.22.107 port 50736 ssh2
Sep 24 01:41:35 markkoudstaal sshd[26884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
2019-09-24 08:06:16
154.73.22.107 attackspambots
Sep  8 12:33:49 itv-usvr-01 sshd[22363]: Invalid user postgres from 154.73.22.107
Sep  8 12:33:49 itv-usvr-01 sshd[22363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.73.22.107
Sep  8 12:33:49 itv-usvr-01 sshd[22363]: Invalid user postgres from 154.73.22.107
Sep  8 12:33:52 itv-usvr-01 sshd[22363]: Failed password for invalid user postgres from 154.73.22.107 port 54125 ssh2
Sep  8 12:38:57 itv-usvr-01 sshd[22553]: Invalid user postgres from 154.73.22.107
2019-09-14 23:03:27
154.73.215.110 attack
Automatic report - Port Scan Attack
2019-09-14 02:59:15
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 154.73.2.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;154.73.2.13.			IN	A

;; AUTHORITY SECTION:
.			563	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020082101 1800 900 604800 86400

;; Query time: 27 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Aug 22 05:17:59 CST 2020
;; MSG SIZE  rcvd: 115
Host info
13.2.73.154.in-addr.arpa domain name pointer porcupine.inet.telemedia.co.za.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.2.73.154.in-addr.arpa	name = porcupine.inet.telemedia.co.za.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
51.38.33.178 attack
Aug 30 12:22:34 auw2 sshd\[4065\]: Invalid user Chicago from 51.38.33.178
Aug 30 12:22:34 auw2 sshd\[4065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-38-33.eu
Aug 30 12:22:36 auw2 sshd\[4065\]: Failed password for invalid user Chicago from 51.38.33.178 port 52493 ssh2
Aug 30 12:26:16 auw2 sshd\[4379\]: Invalid user newsletter from 51.38.33.178
Aug 30 12:26:16 auw2 sshd\[4379\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.ip-51-38-33.eu
2019-08-31 07:36:45
80.82.77.139 attackspambots
80.82.77.139 - - [30/Aug/2019:20:20:20 +0200] "GET / HTTP/1.1" 200 103127
80.82.77.139 - - [30/Aug/2019:20:20:21 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:21 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:22 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:25 +0200] "quit\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:25 +0200] "GET /robots.txt HTTP/1.1" 404 1052
80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "GET /sitemap.xml HTTP/1.1" 404 1052
80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "GET /.well-known/security.txt HTTP/1.1" 404 1052
80.82.77.139 - - [30/Aug/2019:20:20:26 +0200] "\n" 400 981
80.82.77.139 - - [30/Aug/2019:20:20:28 +0200] "GET /favicon.ico HTTP/1.1" 404 1052
2019-08-31 07:40:48
178.62.117.106 attackspambots
Aug 30 07:22:46 eddieflores sshd\[10439\]: Invalid user administrator from 178.62.117.106
Aug 30 07:22:46 eddieflores sshd\[10439\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106
Aug 30 07:22:49 eddieflores sshd\[10439\]: Failed password for invalid user administrator from 178.62.117.106 port 60165 ssh2
Aug 30 07:26:55 eddieflores sshd\[10728\]: Invalid user lihui from 178.62.117.106
Aug 30 07:26:55 eddieflores sshd\[10728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.117.106
2019-08-31 07:04:10
128.199.52.45 attackbots
Aug 30 19:46:04 mail sshd[24467]: Invalid user adm from 128.199.52.45
Aug 30 19:46:04 mail sshd[24467]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.52.45
Aug 30 19:46:04 mail sshd[24467]: Invalid user adm from 128.199.52.45
Aug 30 19:46:06 mail sshd[24467]: Failed password for invalid user adm from 128.199.52.45 port 41602 ssh2
Aug 30 19:55:47 mail sshd[6915]: Invalid user polly from 128.199.52.45
...
2019-08-31 07:16:42
41.196.0.189 attackbots
Automated report - ssh fail2ban:
Aug 30 23:14:26 authentication failure 
Aug 30 23:14:28 wrong password, user=web1, port=42374, ssh2
Aug 30 23:23:50 authentication failure
2019-08-31 07:09:09
51.158.113.104 attackbots
Aug 30 17:53:41 plusreed sshd[18844]: Invalid user mikael from 51.158.113.104
...
2019-08-31 07:01:03
139.59.74.183 attack
Aug 30 18:20:53 dedicated sshd[3376]: Invalid user qhsupport from 139.59.74.183 port 45682
2019-08-31 07:04:32
165.227.97.108 attack
Aug 30 13:28:30 hcbb sshd\[25859\]: Invalid user admin from 165.227.97.108
Aug 30 13:28:30 hcbb sshd\[25859\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108
Aug 30 13:28:32 hcbb sshd\[25859\]: Failed password for invalid user admin from 165.227.97.108 port 44974 ssh2
Aug 30 13:33:24 hcbb sshd\[26266\]: Invalid user ftp_user from 165.227.97.108
Aug 30 13:33:24 hcbb sshd\[26266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.97.108
2019-08-31 07:34:52
108.77.246.129 attackspam
DATE:2019-08-30 18:20:09, IP:108.77.246.129, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)
2019-08-31 07:27:25
84.201.165.126 attack
Aug 30 22:36:57 MK-Soft-VM6 sshd\[30479\]: Invalid user newsletter from 84.201.165.126 port 49378
Aug 30 22:36:57 MK-Soft-VM6 sshd\[30479\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.201.165.126
Aug 30 22:36:59 MK-Soft-VM6 sshd\[30479\]: Failed password for invalid user newsletter from 84.201.165.126 port 49378 ssh2
...
2019-08-31 07:05:33
1.190.120.127 attack
Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=63081 TCP DPT=8080 WINDOW=49582 SYN 
Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=36951 TCP DPT=8080 WINDOW=23328 SYN 
Unauthorised access (Aug 30) SRC=1.190.120.127 LEN=40 TTL=49 ID=7974 TCP DPT=8080 WINDOW=53151 SYN
2019-08-31 07:25:12
180.166.45.146 attackbotsspam
Aug 30 21:35:50 m3 sshd[8442]: Invalid user alex from 180.166.45.146
Aug 30 21:35:53 m3 sshd[8442]: Failed password for invalid user alex from 180.166.45.146 port 40066 ssh2
Aug 30 21:41:51 m3 sshd[9130]: Invalid user adventure from 180.166.45.146


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=180.166.45.146
2019-08-31 07:38:39
45.125.223.28 attackspambots
MYH,DEF GET /downloader/
2019-08-31 07:01:33
159.65.175.37 attackspambots
2019-08-30T23:19:48.897885abusebot-4.cloudsearch.cf sshd\[28509\]: Invalid user admin from 159.65.175.37 port 32904
2019-08-31 07:41:18
191.53.254.101 attackspam
Brute force attempt
2019-08-31 07:07:24

Recently Reported IPs

221.226.39.202 34.223.112.205 200.150.122.43 1.212.161.197
170.130.213.35 200.80.164.49 217.160.255.183 34.223.112.212
34.223.112.226 34.223.22.177 34.218.119.86 157.76.202.144
34.223.112.227 34.218.119.82 129.204.254.71 34.216.226.226
34.223.45.135 34.223.22.182 119.28.68.135 170.134.121.193