169.0.91.82 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Afrihost (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 169.0.91.82 on Port 445(SMB)	2020-03-23 22:37:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 169.0.91.82
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23126
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;169.0.91.82.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032300 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 23 22:37:12 CST 2020
;; MSG SIZE  rcvd: 115

Host info

82.91.0.169.in-addr.arpa domain name pointer 169-0-91-82.ip.afrihost.co.za.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
82.91.0.169.in-addr.arpa	name = 169-0-91-82.ip.afrihost.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.21.125	attackspambots	2020-09-04T01:46:15.592998correo.[domain] sshd[33728]: Invalid user wangxu from 138.68.21.125 port 49354 2020-09-04T01:46:18.140171correo.[domain] sshd[33728]: Failed password for invalid user wangxu from 138.68.21.125 port 49354 ssh2 2020-09-04T01:51:05.205025correo.[domain] sshd[34199]: Invalid user fast from 138.68.21.125 port 55028 ...	2020-09-05 08:31:13
45.82.136.246	attack	Sep 1 15:53:57 uapps sshd[14104]: Connection closed by 45.82.136.246 port 40382 Sep 1 15:54:05 uapps sshd[14105]: Invalid user ansible from 45.82.136.246 port 57724 Sep 1 15:54:07 uapps sshd[14105]: Failed password for invalid user ansible from 45.82.136.246 port 57724 ssh2 Sep 1 15:54:08 uapps sshd[14105]: Received disconnect from 45.82.136.246 port 57724:11: Normal Shutdown, Thank you for playing [preauth] Sep 1 15:54:08 uapps sshd[14105]: Disconnected from invalid user ansible 45.82.136.246 port 57724 [preauth] Sep 1 15:54:19 uapps sshd[14109]: User r.r from 45.82.136.246 not allowed because not listed in AllowUsers Sep 1 15:54:19 uapps sshd[14109]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.82.136.246 user=r.r Sep 1 15:54:21 uapps sshd[14109]: Failed password for invalid user r.r from 45.82.136.246 port 39156 ssh2 Sep 1 15:54:22 uapps sshd[14109]: Received disconnect from 45.82.136.246 port 39156:11: Normal S........ -------------------------------	2020-09-05 08:30:52
190.99.179.166	attackspambots	Sep 4 18:49:54 mellenthin postfix/smtpd[29582]: NOQUEUE: reject: RCPT from dsl-emcali-190.99.179.166.emcali.net.co[190.99.179.166]: 554 5.7.1 Service unavailable; Client host [190.99.179.166] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/190.99.179.166; from= to= proto=ESMTP helo=	2020-09-05 07:58:32
170.130.63.95	attack	Registration form abuse	2020-09-05 08:17:31
162.243.130.48	attack	Brute force attack stopped by firewall	2020-09-05 08:18:44
79.141.175.115	attackspam	Spam	2020-09-05 08:39:22
175.215.138.52	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-09-05 08:05:31
103.59.113.193	attackbots	Sep 4 18:36:32 ns3164893 sshd[4163]: Failed password for root from 103.59.113.193 port 60676 ssh2 Sep 4 18:49:28 ns3164893 sshd[5058]: Invalid user test1 from 103.59.113.193 port 59876 ...	2020-09-05 08:19:04
79.141.175.114	attackbots	Spam	2020-09-05 08:39:54
45.231.255.130	attackspam	Attempts to probe for or exploit a Drupal 7.69 site on url: /phpmyadmin/index.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-09-05 07:59:17
201.149.55.53	attackbots	Port scan: Attack repeated for 24 hours	2020-09-05 08:32:00
134.209.249.204	attack	Sep 5 01:35:46 localhost sshd\[568\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.249.204 user=root Sep 5 01:35:48 localhost sshd\[568\]: Failed password for root from 134.209.249.204 port 55178 ssh2 Sep 5 01:36:05 localhost sshd\[571\]: Invalid user oracle from 134.209.249.204 Sep 5 01:36:05 localhost sshd\[571\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.249.204 Sep 5 01:36:07 localhost sshd\[571\]: Failed password for invalid user oracle from 134.209.249.204 port 48540 ssh2 ...	2020-09-05 08:12:26
159.89.236.71	attack	srv02 Mass scanning activity detected Target: 19156 ..	2020-09-05 08:34:02
5.102.20.118	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-09-05 08:37:17
183.87.157.202	attackbots	Sep 5 01:03:09 lnxded64 sshd[16539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.87.157.202 Sep 5 01:03:09 lnxded64 sshd[16539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.87.157.202	2020-09-05 08:09:00

Recently Reported IPs

7.144.20.221	112.211.250.247	60.196.171.42	36.70.12.85
207.180.212.98	113.187.132.64	62.30.143.34	182.253.141.25
36.72.95.177	112.242.158.94	42.113.131.196	223.29.200.222
125.24.102.106	120.194.136.195	187.190.251.122	101.255.65.118
185.153.197.103	113.53.46.32	180.183.29.37	157.46.83.68