Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Dimension Data (Pty) Ltd - Optinet

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:
Type Details Datetime
attack
Automatic report - Port Scan Attack
2020-04-27 02:29:24
Comments on same subnet:
IP Type Details Datetime
197.87.145.103 attackspam
Automatic report - Port Scan Attack
2020-02-14 04:58:20
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.87.145.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61279
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.87.145.49.			IN	A

;; AUTHORITY SECTION:
.			468	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042601 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 02:29:21 CST 2020
;; MSG SIZE  rcvd: 117
Host info
49.145.87.197.in-addr.arpa domain name pointer 197-87-145-49.cpt.mweb.co.za.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
49.145.87.197.in-addr.arpa	name = 197-87-145-49.cpt.mweb.co.za.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
167.71.76.122 attack
2020-05-01T12:01:08.706888shield sshd[674]: Invalid user wellington from 167.71.76.122 port 39054
2020-05-01T12:01:08.711575shield sshd[674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.76.122
2020-05-01T12:01:10.336366shield sshd[674]: Failed password for invalid user wellington from 167.71.76.122 port 39054 ssh2
2020-05-01T12:05:00.746466shield sshd[1222]: Invalid user bip from 167.71.76.122 port 50484
2020-05-01T12:05:00.750703shield sshd[1222]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.76.122
2020-05-01 21:16:28
185.173.35.53 attackbotsspam
8088/tcp 47808/udp 593/tcp...
[2020-03-02/05-01]76pkt,53pt.(tcp),4pt.(udp)
2020-05-01 21:15:50
206.189.146.48 attackbots
May  1 14:51:20 sip sshd[65180]: Failed password for invalid user gaming from 206.189.146.48 port 42588 ssh2
May  1 14:54:31 sip sshd[65202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.146.48  user=root
May  1 14:54:33 sip sshd[65202]: Failed password for root from 206.189.146.48 port 33576 ssh2
...
2020-05-01 21:40:58
212.102.44.87 attack
IP Address: 212.102.44.77 was executing brute force exchange server attack
2020-05-01 21:28:01
192.241.175.48 attackbots
May  1 20:04:26 webhost01 sshd[28939]: Failed password for root from 192.241.175.48 port 44086 ssh2
May  1 20:09:40 webhost01 sshd[29134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.175.48
...
2020-05-01 21:43:58
116.193.217.139 attackbots
RDP
2020-05-01 21:45:11
185.143.74.108 attackbots
May  1 14:32:40 mail postfix/smtpd[6961]: warning: unknown[185.143.74.108]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  1 14:33:46 mail postfix/smtpd[7464]: warning: unknown[185.143.74.108]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  1 14:35:11 mail postfix/smtpd[7464]: warning: unknown[185.143.74.108]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  1 15:06:13 mail postfix/smtpd[8243]: warning: unknown[185.143.74.108]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
2020-05-01 21:10:26
157.35.229.200 attack
SMB Server BruteForce Attack
2020-05-01 21:16:51
196.246.216.25 attack
2020-05-01T13:49:59.989777+02:00 lumpi kernel: [13623536.631155] INPUT:DROP:SPAMHAUS_DROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=196.246.216.25 DST=78.46.199.189 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=13497 DF PROTO=TCP SPT=55720 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 
...
2020-05-01 21:36:31
196.52.43.100 attackspam
5907/tcp 27017/tcp 2083/tcp...
[2020-03-04/04-30]54pkt,44pt.(tcp),3pt.(udp)
2020-05-01 21:12:19
178.44.75.198 attackbots
Telnet/23 MH Probe, Scan, BF, Hack -
2020-05-01 21:37:35
198.108.66.231 attack
Port scan(s) denied
2020-05-01 21:50:43
195.54.167.13 attack
May  1 14:57:31 debian-2gb-nbg1-2 kernel: [10596764.161074] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=45683 PROTO=TCP SPT=51484 DPT=9662 WINDOW=1024 RES=0x00 SYN URGP=0
2020-05-01 21:21:06
194.152.206.12 attackbotsspam
Apr 29 17:34:34 mail sshd[4488]: Failed password for root from 194.152.206.12 port 41090 ssh2
...
2020-05-01 21:25:14
59.90.47.72 attack
2020-05-01T06:42:21.323388linuxbox-skyline sshd[94652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.90.47.72  user=root
2020-05-01T06:42:22.782148linuxbox-skyline sshd[94652]: Failed password for root from 59.90.47.72 port 45888 ssh2
...
2020-05-01 21:33:32

Recently Reported IPs
