197.245.7.2 - IPInfo

Basic Info

City: Paarl

Region: Western Cape

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.245.75.117	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/197.245.75.117/ ZA - 1H : (24) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ZA NAME ASN : ASN11845 IP : 197.245.75.117 CIDR : 197.245.0.0/16 PREFIX COUNT : 20 UNIQUE IP COUNT : 287232 ATTACKS DETECTED ASN11845 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 DateTime : 2019-10-27 13:08:25 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-27 21:08:34
197.245.72.180	attackspambots	Aug 24 13:29:47 vmd17057 sshd\[8951\]: Invalid user service from 197.245.72.180 port 43486 Aug 24 13:29:47 vmd17057 sshd\[8951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.245.72.180 Aug 24 13:29:50 vmd17057 sshd\[8951\]: Failed password for invalid user service from 197.245.72.180 port 43486 ssh2 ...	2019-08-24 20:45:47

Type

Details

Datetime

197.245.75.117

attack

IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/197.245.75.117/ 
 
 ZA - 1H : (24)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : ZA 
 NAME ASN : ASN11845 
 
 IP : 197.245.75.117 
 
 CIDR : 197.245.0.0/16 
 
 PREFIX COUNT : 20 
 
 UNIQUE IP COUNT : 287232 
 
 
 ATTACKS DETECTED ASN11845 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 2 
 
 DateTime : 2019-10-27 13:08:25 
 
 INFO :  HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN  - data recovery

2019-10-27 21:08:34

197.245.72.180

attackspambots

Aug 24 13:29:47 vmd17057 sshd\[8951\]: Invalid user service from 197.245.72.180 port 43486
Aug 24 13:29:47 vmd17057 sshd\[8951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.245.72.180
Aug 24 13:29:50 vmd17057 sshd\[8951\]: Failed password for invalid user service from 197.245.72.180 port 43486 ssh2
...

2019-08-24 20:45:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.245.7.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.245.7.2.			IN	A

;; AUTHORITY SECTION:
.			265	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011300 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 13 18:39:13 CST 2022
;; MSG SIZE  rcvd: 104

Host info

2.7.245.197.in-addr.arpa domain name pointer dsl-197-245-7-2.voxdsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.7.245.197.in-addr.arpa	name = dsl-197-245-7-2.voxdsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.38.42	attack	To many SASL auth failed	2020-03-10 20:13:07
130.207.0.83	attackspam	Port scan on 1 port(s): 53	2020-03-10 20:06:47
89.35.39.60	attack	Auto reported by IDS	2020-03-10 20:13:59
87.103.253.198	attackspam	Automatic report - Port Scan Attack	2020-03-10 20:25:48
23.250.7.86	attack	(sshd) Failed SSH login from 23.250.7.86 (CA/Canada/mail86.betterjobberjaws.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 10 13:28:34 amsweb01 sshd[18261]: Invalid user leisureboosters from 23.250.7.86 port 41966 Mar 10 13:28:36 amsweb01 sshd[18261]: Failed password for invalid user leisureboosters from 23.250.7.86 port 41966 ssh2 Mar 10 13:32:08 amsweb01 sshd[18565]: Invalid user leisureboosters from 23.250.7.86 port 40878 Mar 10 13:32:10 amsweb01 sshd[18565]: Failed password for invalid user leisureboosters from 23.250.7.86 port 40878 ssh2 Mar 10 13:35:42 amsweb01 sshd[18927]: Invalid user leisureboosters from 23.250.7.86 port 39700	2020-03-10 20:45:29
51.77.157.78	attackbotsspam	fail2ban	2020-03-10 20:18:16
123.13.221.191	attack	Mar 9 19:08:29 ispf02 sshd[17867]: Did not receive identification string from 123.13.221.191 port 43869 Mar 10 08:16:05 ispf02 sshd[27931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.13.221.191 user=r.r Mar 10 08:16:07 ispf02 sshd[27931]: Failed password for r.r from 123.13.221.191 port 43876 ssh2 Mar 10 08:16:07 ispf02 sshd[27931]: Received disconnect from 123.13.221.191 port 43876:11: Bye Bye [preauth] Mar 10 08:16:07 ispf02 sshd[27931]: Disconnected from 123.13.221.191 port 43876 [preauth] Mar 10 08:20:44 ispf02 sshd[28163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.13.221.191 user=r.r Mar 10 08:20:46 ispf02 sshd[28163]: Failed password for r.r from 123.13.221.191 port 43877 ssh2 Mar 10 08:20:46 ispf02 sshd[28163]: Received disconnect from 123.13.221.191 port 43877:11: Bye Bye [preauth] Mar 10 08:20:46 ispf02 sshd[28163]: Disconnected from 123.13.221.191 port 43877 [........ -------------------------------	2020-03-10 20:46:21
106.240.234.114	attackspambots	$f2bV_matches	2020-03-10 20:23:44
198.12.152.136	attackspambots	Brute forcing email accounts	2020-03-10 20:34:58
39.82.235.80	attackspambots	$f2bV_matches	2020-03-10 20:25:15
113.160.206.137	attack	Mar 10 10:24:48 hell sshd[24147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.160.206.137 Mar 10 10:24:50 hell sshd[24147]: Failed password for invalid user ubnt from 113.160.206.137 port 49842 ssh2 ...	2020-03-10 20:14:45
36.92.147.163	attackbotsspam	20/3/10@05:24:34: FAIL: Alarm-Network address from=36.92.147.163 20/3/10@05:24:35: FAIL: Alarm-Network address from=36.92.147.163 ...	2020-03-10 20:27:03
185.36.81.57	attackbotsspam	2020-03-10T06:51:42.456584linuxbox-skyline auth[82118]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=mordor rhost=185.36.81.57 ...	2020-03-10 20:53:10
36.48.159.58	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-03-10 20:37:29
202.175.46.170	attack	Mar 10 12:12:48 Ubuntu-1404-trusty-64-minimal sshd\[16668\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 user=root Mar 10 12:12:50 Ubuntu-1404-trusty-64-minimal sshd\[16668\]: Failed password for root from 202.175.46.170 port 33430 ssh2 Mar 10 12:22:38 Ubuntu-1404-trusty-64-minimal sshd\[25116\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170 user=root Mar 10 12:22:40 Ubuntu-1404-trusty-64-minimal sshd\[25116\]: Failed password for root from 202.175.46.170 port 49204 ssh2 Mar 10 12:26:47 Ubuntu-1404-trusty-64-minimal sshd\[28440\]: Invalid user postgres from 202.175.46.170 Mar 10 12:26:47 Ubuntu-1404-trusty-64-minimal sshd\[28440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.175.46.170	2020-03-10 20:33:17

Recently Reported IPs

53.119.245.42	159.147.6.229	10.85.40.63	133.94.97.212
242.133.186.71	41.228.113.174	36.210.169.114	135.143.200.217
145.93.173.63	175.114.206.221	222.104.69.12	242.125.38.36
29.151.160.37	13.75.116.243	182.99.71.226	168.52.61.76
104.188.163.169	178.225.191.88	229.33.37.188	112.134.232.102