102.132.162.53

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Cool Ideas Service Provider (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH bruteforce (Triggered fail2ban)	2020-04-22 21:18:16
attackbotsspam	(sshd) Failed SSH login from 102.132.162.53 (ZA/South Africa/n6r9-cust.coolideas.co.za): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 19 20:10:57 andromeda sshd[4840]: Invalid user yx from 102.132.162.53 port 34414 Apr 19 20:10:59 andromeda sshd[4840]: Failed password for invalid user yx from 102.132.162.53 port 34414 ssh2 Apr 19 20:15:14 andromeda sshd[5031]: Invalid user ai from 102.132.162.53 port 42272	2020-04-20 05:24:18

Type

Details

Datetime

attack

SSH bruteforce (Triggered fail2ban)

2020-04-22 21:18:16

attackbotsspam

(sshd) Failed SSH login from 102.132.162.53 (ZA/South Africa/n6r9-cust.coolideas.co.za): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 19 20:10:57 andromeda sshd[4840]: Invalid user yx from 102.132.162.53 port 34414
Apr 19 20:10:59 andromeda sshd[4840]: Failed password for invalid user yx from 102.132.162.53 port 34414 ssh2
Apr 19 20:15:14 andromeda sshd[5031]: Invalid user ai from 102.132.162.53 port 42272

2020-04-20 05:24:18

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.132.162.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39766
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.132.162.53.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041901 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 20 05:24:15 CST 2020
;; MSG SIZE  rcvd: 118

Host info

53.162.132.102.in-addr.arpa domain name pointer n6r9-cust.coolideas.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.162.132.102.in-addr.arpa	name = n6r9-cust.coolideas.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.235.21.147	attackbotsspam	Dec 21 23:09:34 game-panel sshd[17900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.235.21.147 Dec 21 23:09:36 game-panel sshd[17900]: Failed password for invalid user vagina from 77.235.21.147 port 57438 ssh2 Dec 21 23:15:26 game-panel sshd[18154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.235.21.147	2019-12-22 07:42:10
87.201.165.227	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2019-12-22 07:29:25
46.38.144.146	attack	Dec 21 22:53:42 blackbee postfix/smtpd\[26037\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Dec 21 22:54:52 blackbee postfix/smtpd\[26037\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Dec 21 22:56:02 blackbee postfix/smtpd\[26037\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Dec 21 22:57:10 blackbee postfix/smtpd\[26071\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure Dec 21 22:58:18 blackbee postfix/smtpd\[26071\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: authentication failure ...	2019-12-22 07:21:53
123.8.40.244	attack	Honeypot attack, port: 23, PTR: hn.kd.ny.adsl.	2019-12-22 07:30:38
103.57.210.12	attackbots	Dec 21 15:23:48 server sshd\[26255\]: Failed password for invalid user zabbix from 103.57.210.12 port 58320 ssh2 Dec 22 00:18:57 server sshd\[7318\]: Invalid user zabbix from 103.57.210.12 Dec 22 00:18:57 server sshd\[7318\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.57.210.12 Dec 22 00:18:59 server sshd\[7318\]: Failed password for invalid user zabbix from 103.57.210.12 port 43680 ssh2 Dec 22 02:25:00 server sshd\[10415\]: Invalid user zabbix from 103.57.210.12 Dec 22 02:25:00 server sshd\[10415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.57.210.12 ...	2019-12-22 07:36:30
192.3.25.92	attack	Dec 21 18:27:47 TORMINT sshd\[13218\]: Invalid user dottin from 192.3.25.92 Dec 21 18:27:47 TORMINT sshd\[13218\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.3.25.92 Dec 21 18:27:49 TORMINT sshd\[13218\]: Failed password for invalid user dottin from 192.3.25.92 port 51343 ssh2 ...	2019-12-22 07:41:24
113.199.40.202	attackbots	Dec 22 00:07:51 vpn01 sshd[10186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.199.40.202 Dec 22 00:07:53 vpn01 sshd[10186]: Failed password for invalid user apache from 113.199.40.202 port 44977 ssh2 ...	2019-12-22 07:35:23
35.236.69.199	attackspam	Invalid user test from 35.236.69.199 port 44684	2019-12-22 07:22:23
171.244.18.14	attack	Dec 21 13:28:41 php1 sshd\[29920\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.18.14 user=mysql Dec 21 13:28:44 php1 sshd\[29920\]: Failed password for mysql from 171.244.18.14 port 54090 ssh2 Dec 21 13:34:49 php1 sshd\[30463\]: Invalid user tieu from 171.244.18.14 Dec 21 13:34:49 php1 sshd\[30463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.244.18.14 Dec 21 13:34:50 php1 sshd\[30463\]: Failed password for invalid user tieu from 171.244.18.14 port 58874 ssh2	2019-12-22 07:43:29
120.132.6.27	attackspam	Oct 20 00:29:16 microserver sshd[23167]: Invalid user canna from 120.132.6.27 port 43163 Oct 20 00:29:16 microserver sshd[23167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.6.27 Oct 20 00:29:18 microserver sshd[23167]: Failed password for invalid user canna from 120.132.6.27 port 43163 ssh2 Oct 20 00:33:32 microserver sshd[23828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.6.27 user=root Oct 20 00:33:34 microserver sshd[23828]: Failed password for root from 120.132.6.27 port 34133 ssh2 Oct 20 00:46:09 microserver sshd[28500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.6.27 user=root Oct 20 00:46:10 microserver sshd[28500]: Failed password for root from 120.132.6.27 port 35230 ssh2 Oct 20 00:50:26 microserver sshd[29135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.6.27 user=root Oct 20 00:50:28 micr	2019-12-22 07:38:01
139.59.61.134	attackbots	Dec 21 13:28:49 wbs sshd\[18932\]: Invalid user willcocks from 139.59.61.134 Dec 21 13:28:49 wbs sshd\[18932\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.134 Dec 21 13:28:51 wbs sshd\[18932\]: Failed password for invalid user willcocks from 139.59.61.134 port 50765 ssh2 Dec 21 13:35:08 wbs sshd\[19496\]: Invalid user zuzu8022 from 139.59.61.134 Dec 21 13:35:08 wbs sshd\[19496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.61.134	2019-12-22 07:44:37
196.2.12.232	attackbots	Honeypot attack, port: 23, PTR: PTR record not found	2019-12-22 07:35:07
147.83.192.152	attack	2019-12-21T22:53:14.929359hub.schaetter.us sshd\[12010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vm147-83-192-152.cloud-privat.upc.edu user=root 2019-12-21T22:53:17.246738hub.schaetter.us sshd\[12010\]: Failed password for root from 147.83.192.152 port 46112 ssh2 2019-12-21T22:58:20.494072hub.schaetter.us sshd\[12040\]: Invalid user guest from 147.83.192.152 port 50960 2019-12-21T22:58:20.502898hub.schaetter.us sshd\[12040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vm147-83-192-152.cloud-privat.upc.edu 2019-12-21T22:58:22.413661hub.schaetter.us sshd\[12040\]: Failed password for invalid user guest from 147.83.192.152 port 50960 ssh2 ...	2019-12-22 07:19:05
45.95.33.197	attack	Autoban 45.95.33.197 AUTH/CONNECT	2019-12-22 07:49:31
94.177.250.221	attack	Dec 21 13:30:15 php1 sshd\[18147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.250.221 user=root Dec 21 13:30:17 php1 sshd\[18147\]: Failed password for root from 94.177.250.221 port 41020 ssh2 Dec 21 13:35:43 php1 sshd\[18827\]: Invalid user jangseok from 94.177.250.221 Dec 21 13:35:43 php1 sshd\[18827\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.177.250.221 Dec 21 13:35:45 php1 sshd\[18827\]: Failed password for invalid user jangseok from 94.177.250.221 port 46200 ssh2	2019-12-22 07:51:37

Recently Reported IPs

47.220.251.124	14.132.229.78	14.175.25.41	182.232.214.191
54.247.100.49	95.9.226.147	189.59.71.90	151.38.101.196
143.159.137.238	168.8.216.197	90.14.43.228	87.226.116.151
161.49.34.187	191.240.28.26	62.140.157.245	63.106.119.13
121.169.214.123	177.43.30.63	86.91.245.70	36.81.95.120