Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbots
Automatic report - Port Scan Attack
2020-03-11 06:03:35
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.145.155.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.145.155.3.			IN	A

;; AUTHORITY SECTION:
.			149	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031001 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 06:03:31 CST 2020
;; MSG SIZE  rcvd: 116
Host info
3.155.145.41.in-addr.arpa domain name pointer 8ta-145-155-03.telkomadsl.co.za.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.155.145.41.in-addr.arpa	name = 8ta-145-155-03.telkomadsl.co.za.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
49.88.112.114 attackspam
Oct 18 02:41:26 php1 sshd\[28716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114  user=root
Oct 18 02:41:28 php1 sshd\[28716\]: Failed password for root from 49.88.112.114 port 60765 ssh2
Oct 18 02:42:33 php1 sshd\[28828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114  user=root
Oct 18 02:42:35 php1 sshd\[28828\]: Failed password for root from 49.88.112.114 port 49984 ssh2
Oct 18 02:43:37 php1 sshd\[28935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114  user=root
2019-10-18 20:45:59
167.86.111.14 attackbotsspam
Automatic report - XMLRPC Attack
2019-10-18 20:59:54
80.82.70.239 attackspam
10/18/2019-07:43:50.337523 80.82.70.239 Protocol: 6 ET SCAN NMAP -sS window 1024
2019-10-18 21:02:11
177.184.179.88 attack
Oct 18 01:44:01 web9 sshd\[30456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88  user=root
Oct 18 01:44:03 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2
Oct 18 01:44:06 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2
Oct 18 01:44:08 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2
Oct 18 01:44:24 web9 sshd\[30514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88  user=root
2019-10-18 20:32:29
95.160.157.92 attack
TCP Port: 25 _    invalid blocked  dnsbl-sorbs also abuseat-org _  _  _ _ (420)
2019-10-18 20:26:29
217.61.2.97 attackbotsspam
Oct 18 14:11:00 meumeu sshd[1521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 
Oct 18 14:11:02 meumeu sshd[1521]: Failed password for invalid user P@55w0rD1 from 217.61.2.97 port 38106 ssh2
Oct 18 14:14:55 meumeu sshd[2157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 
...
2019-10-18 20:27:07
112.216.129.138 attack
Oct 18 14:23:27 eventyay sshd[3112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.129.138
Oct 18 14:23:29 eventyay sshd[3112]: Failed password for invalid user jessie from 112.216.129.138 port 37468 ssh2
Oct 18 14:28:29 eventyay sshd[3189]: Failed password for root from 112.216.129.138 port 48806 ssh2
...
2019-10-18 20:33:13
184.30.210.217 attackspambots
10/18/2019-14:09:57.519694 184.30.210.217 Protocol: 6 SURICATA TLS invalid record/traffic
2019-10-18 20:36:42
187.125.106.34 attackbotsspam
Unauthorised access (Oct 18) SRC=187.125.106.34 LEN=40 TTL=46 ID=29836 TCP DPT=8080 WINDOW=61378 SYN 
Unauthorised access (Oct 17) SRC=187.125.106.34 LEN=40 TTL=46 ID=39010 TCP DPT=8080 WINDOW=61378 SYN 
Unauthorised access (Oct 16) SRC=187.125.106.34 LEN=40 TTL=46 ID=58891 TCP DPT=8080 WINDOW=61378 SYN 
Unauthorised access (Oct 15) SRC=187.125.106.34 LEN=40 TTL=46 ID=28720 TCP DPT=8080 WINDOW=61378 SYN 
Unauthorised access (Oct 14) SRC=187.125.106.34 LEN=40 TTL=46 ID=35164 TCP DPT=8080 WINDOW=61378 SYN
2019-10-18 20:47:15
177.125.58.145 attack
Oct 18 02:17:51 sachi sshd\[23664\]: Invalid user clementine from 177.125.58.145
Oct 18 02:17:51 sachi sshd\[23664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.125.58.145
Oct 18 02:17:54 sachi sshd\[23664\]: Failed password for invalid user clementine from 177.125.58.145 port 38348 ssh2
Oct 18 02:22:53 sachi sshd\[24070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.125.58.145  user=root
Oct 18 02:22:55 sachi sshd\[24070\]: Failed password for root from 177.125.58.145 port 54742 ssh2
2019-10-18 20:41:50
200.89.178.52 attackbotsspam
(From elvia.kidston@msn.com) Hello,
 
YOU NEED QUALITY VISITORS THAT BUY FROM YOU ??
 
My name is Elvia Kidston, and I'm a Web Traffic Specialist. I can get for your drmerritt.net:
  - visitors from search engines
  - visitors from social media
  - visitors from any country you want
  - very low bounce rate & long visit duration
 
CLAIM YOUR 24 HOURS FREE TEST ==>  http://bit.ly/Traffic_for_Your_Website
 
Do not forget to read Review to convince you, is already being tested by many people who have trusted it !!
 
Kind Regards,
Elvia Kidston
 
 
UNSUBSCRIBE==> http://bit.ly/Unsubscribe_Traffic
2019-10-18 20:35:04
124.235.138.173 attack
Automatic report - Port Scan
2019-10-18 20:53:13
77.69.206.102 attack
DATE:2019-10-18 13:43:58, IP:77.69.206.102, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)
2019-10-18 20:54:17
140.143.53.145 attackbots
Oct 18 07:43:56 Tower sshd[9949]: Connection from 140.143.53.145 port 43100 on 192.168.10.220 port 22
Oct 18 07:43:58 Tower sshd[9949]: Failed password for root from 140.143.53.145 port 43100 ssh2
Oct 18 07:43:58 Tower sshd[9949]: Received disconnect from 140.143.53.145 port 43100:11: Bye Bye [preauth]
Oct 18 07:43:58 Tower sshd[9949]: Disconnected from authenticating user root 140.143.53.145 port 43100 [preauth]
2019-10-18 20:51:43
111.68.104.130 attackspambots
IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.68.104.130/ 
 PK - 1H : (15)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : PK 
 NAME ASN : ASN45773 
 
 IP : 111.68.104.130 
 
 CIDR : 111.68.104.0/24 
 
 PREFIX COUNT : 39 
 
 UNIQUE IP COUNT : 10240 
 
 
 WYKRYTE ATAKI Z ASN45773 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 1 
 
 DateTime : 2019-10-18 13:44:22 
 
 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN  - data recovery
2019-10-18 20:33:42

Recently Reported IPs

86.38.92.110 122.92.72.5 202.208.131.247 88.121.139.70
77.11.133.52 92.187.106.155 79.149.10.74 77.11.133.76
173.23.6.217 100.40.193.177 77.11.133.139 150.207.171.140
77.11.133.67 195.96.74.22 191.234.153.214 179.162.45.12
94.194.106.178 89.158.79.45 218.139.187.93 72.250.146.70