165.165.147.154

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan detected from 165.165.147.154 (ZA/South Africa/Gauteng/Pretoria/-). 4 hits in the last 280 seconds	2020-08-05 07:01:50
attackspam	SMB Server BruteForce Attack	2020-03-28 09:35:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 165.165.147.154
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50697
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;165.165.147.154.		IN	A

;; AUTHORITY SECTION:
.			529	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032800 1800 900 604800 86400

;; Query time: 96 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 09:35:05 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 154.147.165.165.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 154.147.165.165.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.69.77.64	attack	SMB Server BruteForce Attack	2020-08-20 17:26:44
157.245.5.133	attackbots	157.245.5.133 - - [20/Aug/2020:10:37:59 +0200] "POST /wp-login.php HTTP/1.1" 200 5181 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.5.133 - - [20/Aug/2020:10:38:02 +0200] "POST /wp-login.php HTTP/1.1" 200 5165 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.5.133 - - [20/Aug/2020:10:38:04 +0200] "POST /wp-login.php HTTP/1.1" 200 5163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.5.133 - - [20/Aug/2020:10:38:07 +0200] "POST /wp-login.php HTTP/1.1" 200 5158 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.5.133 - - [20/Aug/2020:10:46:34 +0200] "POST /wp-login.php HTTP/1.1" 200 5521 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-20 17:24:27
106.12.33.174	attackspambots	Aug 20 07:41:09 home sshd[2038809]: Failed password for invalid user peter from 106.12.33.174 port 38262 ssh2 Aug 20 07:45:22 home sshd[2040170]: Invalid user ftpuser from 106.12.33.174 port 58466 Aug 20 07:45:22 home sshd[2040170]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.33.174 Aug 20 07:45:22 home sshd[2040170]: Invalid user ftpuser from 106.12.33.174 port 58466 Aug 20 07:45:24 home sshd[2040170]: Failed password for invalid user ftpuser from 106.12.33.174 port 58466 ssh2 ...	2020-08-20 17:21:11
111.231.220.177	attack	Aug 20 07:22:48 ns382633 sshd\[24595\]: Invalid user data01 from 111.231.220.177 port 44310 Aug 20 07:22:48 ns382633 sshd\[24595\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.220.177 Aug 20 07:22:50 ns382633 sshd\[24595\]: Failed password for invalid user data01 from 111.231.220.177 port 44310 ssh2 Aug 20 07:27:25 ns382633 sshd\[25471\]: Invalid user se from 111.231.220.177 port 58986 Aug 20 07:27:25 ns382633 sshd\[25471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.220.177	2020-08-20 16:58:12
112.85.42.187	attackspam	Aug 20 10:49:11 piServer sshd[898]: Failed password for root from 112.85.42.187 port 32255 ssh2 Aug 20 10:49:14 piServer sshd[898]: Failed password for root from 112.85.42.187 port 32255 ssh2 Aug 20 10:49:18 piServer sshd[898]: Failed password for root from 112.85.42.187 port 32255 ssh2 ...	2020-08-20 16:55:02
18.224.171.204	attackspambots	Lines containing failures of 18.224.171.204 Aug 18 09:58:40 online-web-2 sshd[4112055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.224.171.204 user=r.r Aug 18 09:58:42 online-web-2 sshd[4112055]: Failed password for r.r from 18.224.171.204 port 50564 ssh2 Aug 18 09:58:43 online-web-2 sshd[4112055]: Received disconnect from 18.224.171.204 port 50564:11: Bye Bye [preauth] Aug 18 09:58:43 online-web-2 sshd[4112055]: Disconnected from authenticating user r.r 18.224.171.204 port 50564 [preauth] Aug 18 10:05:22 online-web-2 sshd[4114822]: Invalid user teamspeak2 from 18.224.171.204 port 34042 Aug 18 10:05:22 online-web-2 sshd[4114822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.224.171.204 Aug 18 10:05:24 online-web-2 sshd[4114822]: Failed password for invalid user teamspeak2 from 18.224.171.204 port 34042 ssh2 Aug 18 10:05:24 online-web-2 sshd[4114822]: Received disconnect from 1........ ------------------------------	2020-08-20 17:16:59
180.76.109.16	attack	SSH Brute Force	2020-08-20 17:09:44
176.123.7.208	attackspam	Invalid user ubuntu from 176.123.7.208 port 44793	2020-08-20 17:27:32
51.210.181.54	attack	SSH auth scanning - multiple failed logins	2020-08-20 17:24:59
37.173.133.70	attackspam	1597895423 - 08/20/2020 05:50:23 Host: 37.173.133.70/37.173.133.70 Port: 445 TCP Blocked	2020-08-20 16:50:05
106.12.183.209	attack	Aug 20 09:08:10 hidden sshd[32182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.183.209 Aug 20 09:08:13 hidden sshd[32182]: Failed password for invalid user user from 106.12.183.209 port 38866 ssh2 Aug 20 09:14:08 hidden sshd[32992]: Invalid user ubuntu from 106.12.183.209 port 45442	2020-08-20 17:04:14
195.54.160.180	attackbots	Aug 20 10:44:58 cosmoit sshd[29009]: Failed password for uucp from 195.54.160.180 port 32679 ssh2	2020-08-20 16:48:56
68.183.22.85	attack	Invalid user cent from 68.183.22.85 port 37914	2020-08-20 17:27:04
184.105.247.195	attackbotsspam	TCP (SYN) 184.105.247.195:39817 -> port 80, len 44	2020-08-20 16:56:32
188.166.54.199	attackspambots	Aug 19 21:53:55 pixelmemory sshd[3132600]: Invalid user nico from 188.166.54.199 port 50261 Aug 19 21:53:55 pixelmemory sshd[3132600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.54.199 Aug 19 21:53:55 pixelmemory sshd[3132600]: Invalid user nico from 188.166.54.199 port 50261 Aug 19 21:53:57 pixelmemory sshd[3132600]: Failed password for invalid user nico from 188.166.54.199 port 50261 ssh2 Aug 19 21:59:42 pixelmemory sshd[3134430]: Invalid user denis from 188.166.54.199 port 54739 ...	2020-08-20 17:23:00

Recently Reported IPs

189.173.26.133	187.58.244.97	77.27.22.172	42.116.168.103
18.206.180.29	190.96.153.2	180.183.225.208	110.139.254.47
14.239.35.171	110.138.149.241	91.213.77.203	89.248.171.185
118.172.201.89	174.114.11.112	96.92.113.85	83.14.36.50
49.233.90.108	45.121.199.167	119.53.122.74	216.228.69.202