Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Nuwcom Wireless

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:
Type Details Datetime
attackspam
Unauthorized connection attempt from IP address 102.134.2.42 on Port 445(SMB)
2019-09-05 21:32:18
Comments on same subnet:
IP Type Details Datetime
102.134.2.110 attack
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 18:28:46,239 INFO [amun_request_handler] PortScan Detected on Port: 445 (102.134.2.110)
2019-09-17 06:53:17
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.134.2.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15533
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.134.2.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 21:32:10 CST 2019
;; MSG SIZE  rcvd: 116
Host info
Host 42.2.134.102.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.2.134.102.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
198.251.89.99 attackbotsspam
SSH_attack
2020-09-14 21:20:55
125.16.205.18 attackbots
2020-09-14T19:09:20.622592hostname sshd[7001]: Failed password for invalid user student01 from 125.16.205.18 port 47370 ssh2
2020-09-14T19:14:48.979203hostname sshd[9006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.205.18  user=root
2020-09-14T19:14:50.780594hostname sshd[9006]: Failed password for root from 125.16.205.18 port 39859 ssh2
...
2020-09-14 21:31:57
79.0.147.19 attackbots
Automatic report - Banned IP Access
2020-09-14 21:04:40
20.194.36.46 attackspambots
Sep 14 20:05:21 webhost01 sshd[2379]: Failed password for root from 20.194.36.46 port 51594 ssh2
Sep 14 20:05:31 webhost01 sshd[2379]: Failed password for root from 20.194.36.46 port 51594 ssh2
...
2020-09-14 21:29:27
182.61.3.119 attackspambots
5x Failed Password
2020-09-14 21:33:32
1.11.201.18 attackbots
Sep 14 10:23:34 vserver sshd\[2881\]: Invalid user oracle from 1.11.201.18Sep 14 10:23:36 vserver sshd\[2881\]: Failed password for invalid user oracle from 1.11.201.18 port 51172 ssh2Sep 14 10:28:03 vserver sshd\[2914\]: Failed password for root from 1.11.201.18 port 35974 ssh2Sep 14 10:32:28 vserver sshd\[2948\]: Failed password for root from 1.11.201.18 port 48980 ssh2
...
2020-09-14 21:31:10
95.29.184.193 attackbots
Unauthorised access (Sep 13) SRC=95.29.184.193 LEN=52 TTL=115 ID=7611 DF TCP DPT=445 WINDOW=8192 SYN
2020-09-14 21:07:09
129.204.129.170 attack
 TCP (SYN) 129.204.129.170:34856 -> port 80, len 60
2020-09-14 21:33:44
193.142.59.78 attackspam
Sep 14 13:44:57 jane sshd[6641]: Failed password for root from 193.142.59.78 port 44160 ssh2
...
2020-09-14 21:03:58
218.92.0.212 attackspam
2020-09-14T16:14:31.733742afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2
2020-09-14T16:14:34.650752afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2
2020-09-14T16:14:37.843008afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2
2020-09-14T16:14:37.843155afi-git.jinr.ru sshd[13074]: error: maximum authentication attempts exceeded for root from 218.92.0.212 port 24179 ssh2 [preauth]
2020-09-14T16:14:37.843170afi-git.jinr.ru sshd[13074]: Disconnecting: Too many authentication failures [preauth]
...
2020-09-14 21:17:13
159.65.89.214 attackbots
2020-09-14T19:45:31.662693hostname sshd[19688]: Failed password for root from 159.65.89.214 port 36022 ssh2
2020-09-14T19:50:23.686188hostname sshd[21373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.89.214  user=root
2020-09-14T19:50:26.261240hostname sshd[21373]: Failed password for root from 159.65.89.214 port 49978 ssh2
...
2020-09-14 21:02:22
51.81.75.162 attackspambots
[-]:80 51.81.75.162 - - [14/Sep/2020:09:12:34 +0200] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 0 "-" "-"
2020-09-14 21:29:03
188.214.104.146 attackspam
Sep 14 04:31:23 scw-tender-jepsen sshd[19529]: Failed password for root from 188.214.104.146 port 60897 ssh2
Sep 14 04:31:25 scw-tender-jepsen sshd[19529]: Failed password for root from 188.214.104.146 port 60897 ssh2
2020-09-14 21:04:28
193.169.252.217 attack
Icarus honeypot on github
2020-09-14 21:24:35
190.215.112.122 attackspambots
190.215.112.122 (CL/Chile/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 08:21:49 server sshd[1792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.215.112.122  user=root
Sep 14 08:12:54 server sshd[1041]: Failed password for root from 189.42.210.84 port 35558 ssh2
Sep 14 08:12:10 server sshd[873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.201.2.133  user=root
Sep 14 08:12:12 server sshd[873]: Failed password for root from 120.201.2.133 port 17963 ssh2
Sep 14 08:16:07 server sshd[1303]: Failed password for root from 50.4.86.76 port 48260 ssh2
Sep 14 08:12:52 server sshd[1041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.210.84  user=root

IP Addresses Blocked:
2020-09-14 21:15:41

Recently Reported IPs

30.56.98.160 231.188.236.62 117.208.175.115 165.190.181.239
32.240.127.19 15.23.137.180 220.128.114.80 178.234.207.196
208.82.183.220 140.215.123.94 91.196.132.127 24.174.176.151
85.95.148.220 85.173.93.45 52.101.128.22 40.92.72.74
209.85.222.51 185.206.236.46 208.21.243.13 177.155.94.32