102.250.6.148 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	PHI,WP GET /wp-login.php	2019-10-30 23:37:05

Comments on same subnet:

IP	Type	Details	Datetime
102.250.6.186	attack	Attempts against non-existent wp-login	2020-09-03 23:01:30
102.250.6.201	attack	Attempts against non-existent wp-login	2020-09-03 21:58:53
102.250.6.186	attackbotsspam	Attempts against non-existent wp-login	2020-09-03 14:37:33
102.250.6.201	attackbots	Attempts against non-existent wp-login	2020-09-03 13:40:48
102.250.6.186	attackspambots	Attempts against non-existent wp-login	2020-09-03 06:50:25
102.250.6.201	attack	Attempts against non-existent wp-login	2020-09-03 05:53:50
102.250.6.104	attackspambots	Email rejected due to spam filtering	2020-07-18 01:45:08
102.250.6.12	attack	Brute force attempt	2019-10-04 06:33:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.250.6.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39908
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.250.6.148.			IN	A

;; AUTHORITY SECTION:
.			188	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019103000 1800 900 604800 86400

;; Query time: 110 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 23:37:00 CST 2019
;; MSG SIZE  rcvd: 117

Host info

148.6.250.102.in-addr.arpa domain name pointer 8ta-250-6-148.telkomadsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
148.6.250.102.in-addr.arpa	name = 8ta-250-6-148.telkomadsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.22.61.82	attackspam	Nov 14 01:34:20 odroid64 sshd\[16141\]: User root from 165.22.61.82 not allowed because not listed in AllowUsers Nov 14 01:34:20 odroid64 sshd\[16141\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82 user=root Dec 24 05:10:20 odroid64 sshd\[4898\]: User root from 165.22.61.82 not allowed because not listed in AllowUsers Dec 24 05:10:20 odroid64 sshd\[4898\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.61.82 user=root ...	2020-03-06 01:12:19
177.125.165.75	attackbots	suspicious action Thu, 05 Mar 2020 10:33:33 -0300	2020-03-06 01:44:22
165.22.144.206	attackbots	Jan 31 01:26:36 odroid64 sshd\[25224\]: Invalid user ramprasad from 165.22.144.206 Jan 31 01:26:36 odroid64 sshd\[25224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.144.206 Feb 5 17:36:40 odroid64 sshd\[28469\]: Invalid user a from 165.22.144.206 Feb 5 17:36:40 odroid64 sshd\[28469\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.144.206 ...	2020-03-06 01:48:08
182.61.26.187	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-06 01:43:51
142.93.149.226	attackspambots	Unauthorised access (Mar 5) SRC=142.93.149.226 LEN=40 TTL=48 ID=9153 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 4) SRC=142.93.149.226 LEN=40 TTL=48 ID=10114 TCP DPT=8080 WINDOW=17229 SYN Unauthorised access (Mar 3) SRC=142.93.149.226 LEN=40 TTL=48 ID=15698 TCP DPT=8080 WINDOW=4314 SYN	2020-03-06 01:41:55
178.128.127.167	attackbots	xmlrpc attack	2020-03-06 01:47:47
93.2.134.147	attackbotsspam	Jan 10 00:18:26 odroid64 sshd\[26074\]: User root from 93.2.134.147 not allowed because not listed in AllowUsers Jan 10 00:18:26 odroid64 sshd\[26074\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.2.134.147 user=root Feb 8 22:52:56 odroid64 sshd\[6032\]: Invalid user iyk from 93.2.134.147 Feb 8 22:52:56 odroid64 sshd\[6032\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.2.134.147 ...	2020-03-06 01:36:16
27.72.126.39	attackbotsspam	1433/tcp [2020-03-05]1pkt	2020-03-06 01:26:55
187.172.17.216	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 01:19:27
222.186.173.183	attackbots	$f2bV_matches	2020-03-06 01:25:14
107.189.10.44	attackspam	SSH_scan	2020-03-06 01:28:00
222.186.175.23	attackspam	Mar 5 18:21:51 vpn01 sshd[15047]: Failed password for root from 222.186.175.23 port 54074 ssh2 ...	2020-03-06 01:37:04
201.43.37.6	attackbotsspam	Automatic report - Port Scan Attack	2020-03-06 01:23:21
111.231.231.252	attackspambots	20 attempts against mh-misbehave-ban on ice	2020-03-06 01:38:44
221.122.73.130	attackbots	Mar 5 07:15:21 web1 sshd\[20001\]: Invalid user wftuser from 221.122.73.130 Mar 5 07:15:21 web1 sshd\[20001\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.73.130 Mar 5 07:15:23 web1 sshd\[20001\]: Failed password for invalid user wftuser from 221.122.73.130 port 39799 ssh2 Mar 5 07:20:29 web1 sshd\[20495\]: Invalid user yangzuokun from 221.122.73.130 Mar 5 07:20:29 web1 sshd\[20495\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.73.130	2020-03-06 01:35:42

Recently Reported IPs

60.252.206.6	142.182.163.56	191.27.130.168	246.0.48.245
39.240.212.247	180.209.137.78	87.74.216.23	151.124.119.12
2.110.40.175	80.126.194.13	16.181.213.128	89.238.154.243
130.54.72.84	5.200.224.92	14.68.32.3	146.49.160.210
82.63.177.47	136.62.173.88	65.136.80.107	166.78.12.31