197.245.95.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Vox Telecom Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)	2020-09-25 00:11:41
attackspambots	Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)	2020-09-24 15:53:58
attackbotsspam	Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)	2020-09-24 07:19:50

Type

Details

Datetime

attackbotsspam

Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)

2020-09-25 00:11:41

attackspambots

Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)

2020-09-24 15:53:58

attackbotsspam

Unauthorized connection attempt from IP address 197.245.95.2 on Port 445(SMB)

2020-09-24 07:19:50

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.245.95.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32606
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.245.95.2.			IN	A

;; AUTHORITY SECTION:
.			338	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092302 1800 900 604800 86400

;; Query time: 80 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 24 07:19:47 CST 2020
;; MSG SIZE  rcvd: 116

Host info

2.95.245.197.in-addr.arpa domain name pointer dsl-197-245-95-2.voxdsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.95.245.197.in-addr.arpa	name = dsl-197-245-95-2.voxdsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
1.1.196.43	attackspambots	Dec 1 10:10:13 odroid64 sshd\[20220\]: User root from 1.1.196.43 not allowed because not listed in AllowUsers Dec 1 10:10:14 odroid64 sshd\[20220\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.196.43 user=root ...	2019-12-01 21:18:14
113.243.164.193	attackspam	UTC: 2019-11-30 pkts: 2 port: 23/tcp	2019-12-01 20:49:40
172.81.237.242	attackbots	Dec 1 11:19:25 *** sshd[15476]: Invalid user burnet from 172.81.237.242	2019-12-01 21:01:21
202.131.231.210	attack	SSH Brute Force, server-1 sshd[26326]: Failed password for invalid user Winter from 202.131.231.210 port 39486 ssh2	2019-12-01 21:19:16
5.97.209.39	attackbotsspam	2019-12-01 12:04:04,844 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 5.97.209.39 2019-12-01 12:35:05,074 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 5.97.209.39 2019-12-01 13:10:12,337 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 5.97.209.39 2019-12-01 13:43:35,273 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 5.97.209.39 2019-12-01 14:14:15,942 fail2ban.actions \[14488\]: NOTICE \[sshd\] Ban 5.97.209.39 ...	2019-12-01 21:16:19
123.112.71.27	attack	Port 1433 Scan	2019-12-01 20:50:07
114.236.113.155	attackspam	Port 1433 Scan	2019-12-01 21:06:57
49.234.43.173	attackspam	Dec 1 06:14:46 ip-172-31-62-245 sshd\[24713\]: Invalid user geometry from 49.234.43.173\ Dec 1 06:14:48 ip-172-31-62-245 sshd\[24713\]: Failed password for invalid user geometry from 49.234.43.173 port 47478 ssh2\ Dec 1 06:17:56 ip-172-31-62-245 sshd\[24742\]: Invalid user helpdesk from 49.234.43.173\ Dec 1 06:17:58 ip-172-31-62-245 sshd\[24742\]: Failed password for invalid user helpdesk from 49.234.43.173 port 51304 ssh2\ Dec 1 06:21:46 ip-172-31-62-245 sshd\[24760\]: Invalid user hlouthan from 49.234.43.173\	2019-12-01 21:13:47
91.122.55.162	attack	'IP reached maximum auth failures for a one day block'	2019-12-01 21:11:48
189.27.78.168	attackspambots	Dec 1 09:42:54 web8 sshd\[27471\]: Invalid user mylinux from 189.27.78.168 Dec 1 09:42:54 web8 sshd\[27471\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.78.168 Dec 1 09:42:57 web8 sshd\[27471\]: Failed password for invalid user mylinux from 189.27.78.168 port 36888 ssh2 Dec 1 09:47:07 web8 sshd\[29384\]: Invalid user itcenter from 189.27.78.168 Dec 1 09:47:07 web8 sshd\[29384\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.27.78.168	2019-12-01 21:09:14
118.24.81.234	attackspambots	SSH brutforce	2019-12-01 21:25:51
202.162.194.44	attackspam	UTC: 2019-11-30 port: 23/tcp	2019-12-01 21:24:59
110.36.184.48	attackbots	$f2bV_matches	2019-12-01 20:50:46
211.55.143.206	attackbots	Dec 1 08:44:19 venus sshd\[23823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.55.143.206 user=root Dec 1 08:44:21 venus sshd\[23823\]: Failed password for root from 211.55.143.206 port 35583 ssh2 Dec 1 08:44:23 venus sshd\[23823\]: Failed password for root from 211.55.143.206 port 35583 ssh2 ...	2019-12-01 21:00:56
63.81.87.168	attackspam	Dec 1 07:21:42 exim[25912]: [1\55] 1ibIby-0006jw-P7 H=camp.jcnovel.com (camp.hislult.com) [63.81.87.168] F= rejected after DATA: This message scored 103.2 spam points.	2019-12-01 21:03:04

Recently Reported IPs

144.217.217.174	83.253.24.152	62.233.75.102	51.116.112.29
112.240.197.71	114.104.135.60	52.142.10.22	180.165.134.156
94.102.57.177	178.249.238.120	118.71.153.198	94.136.74.222
123.240.0.61	104.248.235.174	81.141.177.78	182.155.117.238
176.159.128.148	75.129.228.125	79.231.19.83	41.46.68.196