102.134.2.42 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Nuwcom Wireless

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 102.134.2.42 on Port 445(SMB)	2019-09-05 21:32:18

Comments on same subnet:

IP	Type	Details	Datetime
102.134.2.110	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 18:28:46,239 INFO [amun_request_handler] PortScan Detected on Port: 445 (102.134.2.110)	2019-09-17 06:53:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.134.2.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15533
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.134.2.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090500 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Sep 05 21:32:10 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 42.2.134.102.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.2.134.102.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.251.89.99	attackbotsspam	SSH_attack	2020-09-14 21:20:55
125.16.205.18	attackbots	2020-09-14T19:09:20.622592hostname sshd[7001]: Failed password for invalid user student01 from 125.16.205.18 port 47370 ssh2 2020-09-14T19:14:48.979203hostname sshd[9006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.16.205.18 user=root 2020-09-14T19:14:50.780594hostname sshd[9006]: Failed password for root from 125.16.205.18 port 39859 ssh2 ...	2020-09-14 21:31:57
79.0.147.19	attackbots	Automatic report - Banned IP Access	2020-09-14 21:04:40
20.194.36.46	attackspambots	Sep 14 20:05:21 webhost01 sshd[2379]: Failed password for root from 20.194.36.46 port 51594 ssh2 Sep 14 20:05:31 webhost01 sshd[2379]: Failed password for root from 20.194.36.46 port 51594 ssh2 ...	2020-09-14 21:29:27
182.61.3.119	attackspambots	5x Failed Password	2020-09-14 21:33:32
1.11.201.18	attackbots	Sep 14 10:23:34 vserver sshd\[2881\]: Invalid user oracle from 1.11.201.18Sep 14 10:23:36 vserver sshd\[2881\]: Failed password for invalid user oracle from 1.11.201.18 port 51172 ssh2Sep 14 10:28:03 vserver sshd\[2914\]: Failed password for root from 1.11.201.18 port 35974 ssh2Sep 14 10:32:28 vserver sshd\[2948\]: Failed password for root from 1.11.201.18 port 48980 ssh2 ...	2020-09-14 21:31:10
95.29.184.193	attackbots	Unauthorised access (Sep 13) SRC=95.29.184.193 LEN=52 TTL=115 ID=7611 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-14 21:07:09
129.204.129.170	attack	TCP (SYN) 129.204.129.170:34856 -> port 80, len 60	2020-09-14 21:33:44
193.142.59.78	attackspam	Sep 14 13:44:57 jane sshd[6641]: Failed password for root from 193.142.59.78 port 44160 ssh2 ...	2020-09-14 21:03:58
218.92.0.212	attackspam	2020-09-14T16:14:31.733742afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2 2020-09-14T16:14:34.650752afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2 2020-09-14T16:14:37.843008afi-git.jinr.ru sshd[13074]: Failed password for root from 218.92.0.212 port 24179 ssh2 2020-09-14T16:14:37.843155afi-git.jinr.ru sshd[13074]: error: maximum authentication attempts exceeded for root from 218.92.0.212 port 24179 ssh2 [preauth] 2020-09-14T16:14:37.843170afi-git.jinr.ru sshd[13074]: Disconnecting: Too many authentication failures [preauth] ...	2020-09-14 21:17:13
159.65.89.214	attackbots	2020-09-14T19:45:31.662693hostname sshd[19688]: Failed password for root from 159.65.89.214 port 36022 ssh2 2020-09-14T19:50:23.686188hostname sshd[21373]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.89.214 user=root 2020-09-14T19:50:26.261240hostname sshd[21373]: Failed password for root from 159.65.89.214 port 49978 ssh2 ...	2020-09-14 21:02:22
51.81.75.162	attackspambots	[-]:80 51.81.75.162 - - [14/Sep/2020:09:12:34 +0200] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 0 "-" "-"	2020-09-14 21:29:03
188.214.104.146	attackspam	Sep 14 04:31:23 scw-tender-jepsen sshd[19529]: Failed password for root from 188.214.104.146 port 60897 ssh2 Sep 14 04:31:25 scw-tender-jepsen sshd[19529]: Failed password for root from 188.214.104.146 port 60897 ssh2	2020-09-14 21:04:28
193.169.252.217	attack	Icarus honeypot on github	2020-09-14 21:24:35
190.215.112.122	attackspambots	190.215.112.122 (CL/Chile/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 14 08:21:49 server sshd[1792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.215.112.122 user=root Sep 14 08:12:54 server sshd[1041]: Failed password for root from 189.42.210.84 port 35558 ssh2 Sep 14 08:12:10 server sshd[873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.201.2.133 user=root Sep 14 08:12:12 server sshd[873]: Failed password for root from 120.201.2.133 port 17963 ssh2 Sep 14 08:16:07 server sshd[1303]: Failed password for root from 50.4.86.76 port 48260 ssh2 Sep 14 08:12:52 server sshd[1041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.42.210.84 user=root IP Addresses Blocked:	2020-09-14 21:15:41

Recently Reported IPs

30.56.98.160	231.188.236.62	117.208.175.115	165.190.181.239
32.240.127.19	15.23.137.180	220.128.114.80	178.234.207.196
208.82.183.220	140.215.123.94	91.196.132.127	24.174.176.151
85.95.148.220	85.173.93.45	52.101.128.22	40.92.72.74
209.85.222.51	185.206.236.46	208.21.243.13	177.155.94.32