102.252.64.96 - IPInfo

Basic Info

City: Pretoria

Region: Gauteng

Country: South Africa

Internet Service Provider: Telkom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
102.252.64.63	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-26 06:51:47
102.252.64.77	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-13 18:08:08

Whois info:

Dig info:

b'
; <<>> DiG 9.11.3-1ubuntu1.15-Ubuntu <<>> 102.252.64.96
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45666
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;102.252.64.96.			IN	A

;; Query time: 2 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Jul 07 07:05:06 CST 2021
;; MSG SIZE  rcvd: 42

'

Host info

96.64.252.102.in-addr.arpa domain name pointer 8ta-252-64-96.telkomadsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
96.64.252.102.in-addr.arpa	name = 8ta-252-64-96.telkomadsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.165.167.245	attackspambots	ModSecurity detections (a)	2020-09-22 04:34:12
103.23.155.180	attack	103.23.155.180 - - [21/Sep/2020:19:04:19 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.23.155.180 - - [21/Sep/2020:19:04:24 +0200] "POST /wp-login.php HTTP/1.1" 200 2104 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.23.155.180 - - [21/Sep/2020:19:04:26 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.23.155.180 - - [21/Sep/2020:19:04:31 +0200] "POST /wp-login.php HTTP/1.1" 200 2090 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.23.155.180 - - [21/Sep/2020:19:04:33 +0200] "GET /wp-login.php HTTP/1.1" 200 1984 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 103.23.155.180 - - [21/Sep/2020:19:04:38 +0200] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-09-22 04:32:39
58.27.240.250	attackbots	Unauthorised access (Sep 21) SRC=58.27.240.250 LEN=48 TOS=0x10 PREC=0x40 TTL=118 ID=12766 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-22 05:01:57
45.84.196.69	attackspambots	Port probing on unauthorized port 22	2020-09-22 04:30:42
217.182.242.31	attack	Sep 21 22:24:46 relay postfix/smtpd\[3181\]: warning: ip31.ip-217-182-242.eu\[217.182.242.31\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 22:24:52 relay postfix/smtpd\[3182\]: warning: ip31.ip-217-182-242.eu\[217.182.242.31\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 22:25:02 relay postfix/smtpd\[3181\]: warning: ip31.ip-217-182-242.eu\[217.182.242.31\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 22:25:24 relay postfix/smtpd\[30648\]: warning: ip31.ip-217-182-242.eu\[217.182.242.31\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 21 22:25:30 relay postfix/smtpd\[30647\]: warning: ip31.ip-217-182-242.eu\[217.182.242.31\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-22 04:27:05
49.235.74.226	attack	SSH Bruteforce Attempt on Honeypot	2020-09-22 04:46:57
193.228.91.11	attackspam	2020-09-21T23:08:41.491798lavrinenko.info sshd[29003]: Invalid user oracle from 193.228.91.11 port 56532 2020-09-21T23:08:43.823629lavrinenko.info sshd[29003]: Failed password for invalid user oracle from 193.228.91.11 port 56532 ssh2 2020-09-21T23:09:43.681968lavrinenko.info sshd[29031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.91.11 user=root 2020-09-21T23:09:45.520224lavrinenko.info sshd[29031]: Failed password for root from 193.228.91.11 port 46326 ssh2 2020-09-21T23:10:38.259732lavrinenko.info sshd[29070]: Invalid user postgres from 193.228.91.11 port 36168 ...	2020-09-22 04:33:38
49.247.21.43	attack	Sep 21 13:48:47 george sshd[14763]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.21.43 user=root Sep 21 13:48:49 george sshd[14763]: Failed password for root from 49.247.21.43 port 49856 ssh2 Sep 21 13:52:40 george sshd[14823]: Invalid user wwwadmin from 49.247.21.43 port 54046 Sep 21 13:52:40 george sshd[14823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.247.21.43 Sep 21 13:52:42 george sshd[14823]: Failed password for invalid user wwwadmin from 49.247.21.43 port 54046 ssh2 ...	2020-09-22 04:28:54
124.30.44.214	attackbotsspam	Sep 21 21:41:59 inter-technics sshd[16135]: Invalid user it from 124.30.44.214 port 36957 Sep 21 21:41:59 inter-technics sshd[16135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.30.44.214 Sep 21 21:41:59 inter-technics sshd[16135]: Invalid user it from 124.30.44.214 port 36957 Sep 21 21:42:02 inter-technics sshd[16135]: Failed password for invalid user it from 124.30.44.214 port 36957 ssh2 Sep 21 21:46:12 inter-technics sshd[16783]: Invalid user teamspeak from 124.30.44.214 port 37122 ...	2020-09-22 05:06:36
180.124.76.196	attack	Automatic report - Port Scan Attack	2020-09-22 05:03:49
144.34.193.83	attack	Sep 21 22:38:24 minden010 sshd[22716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.193.83 Sep 21 22:38:27 minden010 sshd[22716]: Failed password for invalid user one from 144.34.193.83 port 39732 ssh2 Sep 21 22:45:52 minden010 sshd[25482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.34.193.83 ...	2020-09-22 05:01:01
189.252.62.213	attack	Icarus honeypot on github	2020-09-22 04:27:20
222.186.42.155	attack	Sep 21 22:33:09 minden010 sshd[20858]: Failed password for root from 222.186.42.155 port 34683 ssh2 Sep 21 22:33:11 minden010 sshd[20858]: Failed password for root from 222.186.42.155 port 34683 ssh2 Sep 21 22:33:13 minden010 sshd[20858]: Failed password for root from 222.186.42.155 port 34683 ssh2 ...	2020-09-22 04:38:08
170.78.21.249	attack	Sep 21 19:06:25 vps639187 sshd\[26918\]: Invalid user user from 170.78.21.249 port 34783 Sep 21 19:06:25 vps639187 sshd\[26918\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.78.21.249 Sep 21 19:06:27 vps639187 sshd\[26918\]: Failed password for invalid user user from 170.78.21.249 port 34783 ssh2 ...	2020-09-22 04:42:03
152.246.174.68	attack	152.246.174.68 (BR/Brazil/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 21 13:03:48 server2 sshd[32365]: Failed password for root from 149.56.130.61 port 59294 ssh2 Sep 21 13:04:09 server2 sshd[32680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.246.174.68 user=root Sep 21 13:03:37 server2 sshd[32202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.254.62 user=root Sep 21 13:03:39 server2 sshd[32202]: Failed password for root from 134.209.254.62 port 48592 ssh2 Sep 21 13:04:04 server2 sshd[32682]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.106.203 user=root Sep 21 13:04:06 server2 sshd[32682]: Failed password for root from 104.131.106.203 port 44212 ssh2 IP Addresses Blocked: 149.56.130.61 (CA/Canada/-)	2020-09-22 05:04:12

Recently Reported IPs

116.179.32.167	13.212.6.80	111.217.132.124	116.179.32.233
81.222.184.223	116.179.32.73	128.199.223.97	185.222.57.0
52.87.223.92	127.174.195.77	127.174.195.27	209.127.109.170
71.239.117.21	205.185.123.97	116.179.32.101	116.179.32.31
164.68.111.186	76.106.247.22	176.106.247.22	133.106.156.247