102.249.167.114

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 1 04:17:17 server sshd[21771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114 ...	2019-07-01 11:28:43
attack	Jun 28 15:29:27 penfold sshd[26383]: Invalid user ts3 from 102.249.167.114 port 3864 Jun 28 15:29:27 penfold sshd[26383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114 Jun 28 15:29:30 penfold sshd[26383]: Failed password for invalid user ts3 from 102.249.167.114 port 3864 ssh2 Jun 28 15:29:30 penfold sshd[26383]: Received disconnect from 102.249.167.114 port 3864:11: Bye Bye [preauth] Jun 28 15:29:30 penfold sshd[26383]: Disconnected from 102.249.167.114 port 3864 [preauth] Jun 28 15:38:39 penfold sshd[26929]: Connection closed by 102.249.167.114 port 6508 [preauth] Jun 28 15:41:41 penfold sshd[27219]: Connection closed by 102.249.167.114 port 6027 [preauth] Jun 28 15:44:42 penfold sshd[27314]: Connection closed by 102.249.167.114 port 5585 [preauth] Jun 28 15:47:57 penfold sshd[27471]: Connection closed by 102.249.167.114 port 5143 [preauth] Jun 28 15:51:28 penfold sshd[27596]: Connection closed by 102.249.167......... -------------------------------	2019-06-29 09:04:49

Type

Details

Datetime

attack

Jul  1 04:17:17 server sshd[21771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114
...

2019-07-01 11:28:43

attack

Jun 28 15:29:27 penfold sshd[26383]: Invalid user ts3 from 102.249.167.114 port 3864
Jun 28 15:29:27 penfold sshd[26383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.249.167.114 
Jun 28 15:29:30 penfold sshd[26383]: Failed password for invalid user ts3 from 102.249.167.114 port 3864 ssh2
Jun 28 15:29:30 penfold sshd[26383]: Received disconnect from 102.249.167.114 port 3864:11: Bye Bye [preauth]
Jun 28 15:29:30 penfold sshd[26383]: Disconnected from 102.249.167.114 port 3864 [preauth]
Jun 28 15:38:39 penfold sshd[26929]: Connection closed by 102.249.167.114 port 6508 [preauth]
Jun 28 15:41:41 penfold sshd[27219]: Connection closed by 102.249.167.114 port 6027 [preauth]
Jun 28 15:44:42 penfold sshd[27314]: Connection closed by 102.249.167.114 port 5585 [preauth]
Jun 28 15:47:57 penfold sshd[27471]: Connection closed by 102.249.167.114 port 5143 [preauth]
Jun 28 15:51:28 penfold sshd[27596]: Connection closed by 102.249.167.........
-------------------------------

2019-06-29 09:04:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.249.167.114
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.249.167.114.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 09:04:43 CST 2019
;; MSG SIZE  rcvd: 119

Host info

114.167.249.102.in-addr.arpa domain name pointer 8ta-249-167-114.telkomadsl.co.za.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
114.167.249.102.in-addr.arpa	name = 8ta-249-167-114.telkomadsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.227.163.97	attackbotsspam	2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x 2019-07-16 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=111.227.163.97	2019-07-17 05:03:51
185.153.197.10	attackbots	RDP Bruteforce	2019-07-17 04:46:43
185.220.101.25	attackbots	Jul 16 20:27:53 vpn01 sshd\[30866\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.25 user=root Jul 16 20:27:54 vpn01 sshd\[30866\]: Failed password for root from 185.220.101.25 port 34985 ssh2 Jul 16 20:28:04 vpn01 sshd\[30866\]: Failed password for root from 185.220.101.25 port 34985 ssh2	2019-07-17 04:31:19
117.119.83.84	attackbotsspam	Jul 16 11:28:19 db sshd\[8099\]: Invalid user airdamin from 117.119.83.84 Jul 16 11:28:19 db sshd\[8099\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.119.83.84 Jul 16 11:28:21 db sshd\[8099\]: Failed password for invalid user airdamin from 117.119.83.84 port 38126 ssh2 Jul 16 11:29:21 db sshd\[8107\]: Invalid user test from 117.119.83.84 Jul 16 11:29:21 db sshd\[8107\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.119.83.84 ...	2019-07-17 04:51:53
112.85.42.94	attack	fraudulent SSH attempt	2019-07-17 04:48:55
206.189.206.155	attack	Jul 16 22:35:24 meumeu sshd[13412]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.206.155 Jul 16 22:35:26 meumeu sshd[13412]: Failed password for invalid user jeremy from 206.189.206.155 port 46314 ssh2 Jul 16 22:40:50 meumeu sshd[14392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.206.155 ...	2019-07-17 04:56:12
61.147.80.222	attack	Jul 16 10:58:26 XXX sshd[33086]: Invalid user abraham from 61.147.80.222 port 49315	2019-07-17 04:53:59
112.196.54.35	attack	Jul 16 21:39:02 MainVPS sshd[20726]: Invalid user terrariaserver from 112.196.54.35 port 55700 Jul 16 21:39:02 MainVPS sshd[20726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.196.54.35 Jul 16 21:39:02 MainVPS sshd[20726]: Invalid user terrariaserver from 112.196.54.35 port 55700 Jul 16 21:39:04 MainVPS sshd[20726]: Failed password for invalid user terrariaserver from 112.196.54.35 port 55700 ssh2 Jul 16 21:44:48 MainVPS sshd[21223]: Invalid user cho from 112.196.54.35 port 49542 ...	2019-07-17 04:25:55
179.185.30.83	attackbots	Fail2Ban Ban Triggered	2019-07-17 04:25:14
64.71.32.85	attackspambots	WP_xmlrpc_attack	2019-07-17 04:29:57
62.109.18.254	attackbots	Wordpress Admin Login attack	2019-07-17 04:53:39
185.35.139.72	attackbots	2019-07-16T20:23:56.410381abusebot-6.cloudsearch.cf sshd\[4206\]: Invalid user 123456 from 185.35.139.72 port 47280	2019-07-17 04:34:25
74.141.211.210	attackbots	Jul 16 14:14:49 aat-srv002 sshd[16070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.141.211.210 Jul 16 14:14:51 aat-srv002 sshd[16070]: Failed password for invalid user mysql from 74.141.211.210 port 43102 ssh2 Jul 16 14:20:05 aat-srv002 sshd[16160]: Failed password for root from 74.141.211.210 port 41480 ssh2 Jul 16 14:25:20 aat-srv002 sshd[16236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.141.211.210 ...	2019-07-17 04:22:25
182.76.158.114	attack	Jul 16 10:46:12 XXXXXX sshd[44697]: Invalid user odoo from 182.76.158.114 port 33474	2019-07-17 04:34:45
45.227.253.100	attackbots	abuse-sasl	2019-07-17 04:21:22

Recently Reported IPs

118.27.17.121	250.249.219.152	253.1.24.164	46.250.254.152
218.87.100.86	48.162.202.239	94.191.64.101	242.228.3.66
151.197.61.205	140.151.68.238	126.28.173.82	146.55.191.32
73.107.210.128	234.60.150.72	123.139.115.200	185.27.23.100
192.120.113.21	190.80.137.22	141.42.24.151	19.173.147.126