102.39.2.252 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Vox Telecom Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	port scan and connect, tcp 80 (http)	2020-05-03 22:24:12

Comments on same subnet:

IP	Type	Details	Datetime
102.39.226.238	attackspam	Unauthorised access (Aug 2) SRC=102.39.226.238 LEN=52 TOS=0x08 PREC=0x20 TTL=113 ID=25823 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-02 21:50:59
102.39.226.220	attack	Automatic report - XMLRPC Attack	2020-08-01 02:13:04
102.39.22.74	attackspam	unauthorized connection attempt	2020-01-24 04:24:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.39.2.252
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21704
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.39.2.252.			IN	A

;; AUTHORITY SECTION:
.			279	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050300 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun May 03 22:24:07 CST 2020
;; MSG SIZE  rcvd: 116

Host info

252.2.39.102.in-addr.arpa domain name pointer 102-39-2-252.vox.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
252.2.39.102.in-addr.arpa	name = 102-39-2-252.vox.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
209.205.200.34	attackbotsspam	Automatic report - Banned IP Access	2019-10-16 20:42:56
162.62.19.220	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 20:26:01
5.116.148.76	attackspambots	[portscan] Port scan	2019-10-16 20:40:34
49.88.112.115	attackspam	Oct 16 02:20:57 php1 sshd\[1616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Oct 16 02:20:59 php1 sshd\[1616\]: Failed password for root from 49.88.112.115 port 59890 ssh2 Oct 16 02:21:44 php1 sshd\[1741\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root Oct 16 02:21:47 php1 sshd\[1741\]: Failed password for root from 49.88.112.115 port 12172 ssh2 Oct 16 02:26:02 php1 sshd\[2104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.115 user=root	2019-10-16 20:35:18
117.50.5.83	attack	Oct 16 14:23:27 server sshd\[15760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.83 Oct 16 14:23:29 server sshd\[15760\]: Failed password for invalid user noc from 117.50.5.83 port 34312 ssh2 Oct 16 15:27:28 server sshd\[2802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.83 user=root Oct 16 15:27:30 server sshd\[2802\]: Failed password for root from 117.50.5.83 port 35322 ssh2 Oct 16 15:32:53 server sshd\[4434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.83 user=root ...	2019-10-16 21:01:50
113.125.43.40	attackbots	Oct 16 14:40:33 MK-Soft-Root1 sshd[5747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.125.43.40 Oct 16 14:40:34 MK-Soft-Root1 sshd[5747]: Failed password for invalid user oe from 113.125.43.40 port 54780 ssh2 ...	2019-10-16 20:46:34
219.239.47.66	attackbots	Oct 16 14:25:17 MK-Soft-VM6 sshd[17339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.239.47.66 Oct 16 14:25:19 MK-Soft-VM6 sshd[17339]: Failed password for invalid user ghislain from 219.239.47.66 port 58114 ssh2 ...	2019-10-16 20:29:10
111.231.71.157	attack	Oct 16 08:45:02 plusreed sshd[18794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Oct 16 08:45:04 plusreed sshd[18794]: Failed password for root from 111.231.71.157 port 38370 ssh2 Oct 16 08:48:38 plusreed sshd[19527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.71.157 user=root Oct 16 08:48:40 plusreed sshd[19527]: Failed password for root from 111.231.71.157 port 38286 ssh2 ...	2019-10-16 21:01:29
171.229.250.11	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-16 20:48:01
59.153.74.43	attackbotsspam	Oct 16 08:01:01 plusreed sshd[9183]: Invalid user student from 59.153.74.43 ...	2019-10-16 20:44:54
167.99.247.235	attackbots	WordPress wp-login brute force :: 167.99.247.235 0.124 BYPASS [16/Oct/2019:22:23:54 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-16 20:39:06
222.186.175.161	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.161 user=root Failed password for root from 222.186.175.161 port 50662 ssh2 Failed password for root from 222.186.175.161 port 50662 ssh2 Failed password for root from 222.186.175.161 port 50662 ssh2 Failed password for root from 222.186.175.161 port 50662 ssh2	2019-10-16 20:58:57
60.211.190.130	attackspambots	Oct 16 13:23:30 mc1 kernel: \[2511381.651704\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=60.211.190.130 DST=159.69.205.51 LEN=52 TOS=0x08 PREC=0x00 TTL=101 ID=12782 DF PROTO=TCP SPT=49518 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Oct 16 13:23:33 mc1 kernel: \[2511384.695401\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=60.211.190.130 DST=159.69.205.51 LEN=52 TOS=0x08 PREC=0x00 TTL=101 ID=13799 DF PROTO=TCP SPT=49518 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 Oct 16 13:23:39 mc1 kernel: \[2511390.794607\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=60.211.190.130 DST=159.69.205.51 LEN=48 TOS=0x08 PREC=0x00 TTL=101 ID=14917 DF PROTO=TCP SPT=49518 DPT=3389 WINDOW=8192 RES=0x00 SYN URGP=0 ...	2019-10-16 20:52:49
145.239.224.138	attackbotsspam	Brute force attempt	2019-10-16 20:36:46
139.189.250.31	attack	Unauthorised access (Oct 16) SRC=139.189.250.31 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=51016 TCP DPT=8080 WINDOW=48037 SYN Unauthorised access (Oct 16) SRC=139.189.250.31 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=4946 TCP DPT=8080 WINDOW=5909 SYN Unauthorised access (Oct 15) SRC=139.189.250.31 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=45899 TCP DPT=8080 WINDOW=48037 SYN Unauthorised access (Oct 15) SRC=139.189.250.31 LEN=40 TOS=0x10 PREC=0x40 TTL=50 ID=12847 TCP DPT=8080 WINDOW=5909 SYN	2019-10-16 20:39:43

Recently Reported IPs

128.199.88.36	114.254.35.114	10.116.179.31	109.183.28.171
196.132.149.105	152.136.213.58	93.24.192.242	15.99.192.145
1.62.113.111	228.165.7.131	102.220.77.61	217.182.169.228
140.170.105.57	239.181.93.130	80.251.215.34	13.146.184.9
25.85.230.100	19.148.32.237	228.87.115.74	45.47.212.184