102.39.22.74 - IPInfo

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Vox Telecom Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	unauthorized connection attempt	2020-01-24 04:24:21

Comments on same subnet:

IP	Type	Details	Datetime
102.39.226.238	attackspam	Unauthorised access (Aug 2) SRC=102.39.226.238 LEN=52 TOS=0x08 PREC=0x20 TTL=113 ID=25823 DF TCP DPT=445 WINDOW=8192 SYN	2020-08-02 21:50:59
102.39.226.220	attack	Automatic report - XMLRPC Attack	2020-08-01 02:13:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.39.22.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21534
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.39.22.74.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012300 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 24 04:24:17 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 74.22.39.102.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 74.22.39.102.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
129.211.42.153	attackbots	2020-06-19T22:57:48.615997abusebot-5.cloudsearch.cf sshd[16680]: Invalid user user from 129.211.42.153 port 59312 2020-06-19T22:57:48.621443abusebot-5.cloudsearch.cf sshd[16680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.42.153 2020-06-19T22:57:48.615997abusebot-5.cloudsearch.cf sshd[16680]: Invalid user user from 129.211.42.153 port 59312 2020-06-19T22:57:50.726037abusebot-5.cloudsearch.cf sshd[16680]: Failed password for invalid user user from 129.211.42.153 port 59312 ssh2 2020-06-19T23:03:14.067014abusebot-5.cloudsearch.cf sshd[16748]: Invalid user testuser from 129.211.42.153 port 59192 2020-06-19T23:03:14.073653abusebot-5.cloudsearch.cf sshd[16748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.42.153 2020-06-19T23:03:14.067014abusebot-5.cloudsearch.cf sshd[16748]: Invalid user testuser from 129.211.42.153 port 59192 2020-06-19T23:03:15.596510abusebot-5.cloudsearch.cf sshd[1674 ...	2020-06-20 08:12:15
45.131.192.125	attackspambots	fail2ban - Attack against WordPress	2020-06-20 08:04:38
150.109.120.253	attack	2020-06-19T23:36:41.028926dmca.cloudsearch.cf sshd[20163]: Invalid user dreambox from 150.109.120.253 port 46044 2020-06-19T23:36:41.033914dmca.cloudsearch.cf sshd[20163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.120.253 2020-06-19T23:36:41.028926dmca.cloudsearch.cf sshd[20163]: Invalid user dreambox from 150.109.120.253 port 46044 2020-06-19T23:36:43.419150dmca.cloudsearch.cf sshd[20163]: Failed password for invalid user dreambox from 150.109.120.253 port 46044 ssh2 2020-06-19T23:42:02.271766dmca.cloudsearch.cf sshd[20500]: Invalid user git from 150.109.120.253 port 47450 2020-06-19T23:42:02.276914dmca.cloudsearch.cf sshd[20500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.120.253 2020-06-19T23:42:02.271766dmca.cloudsearch.cf sshd[20500]: Invalid user git from 150.109.120.253 port 47450 2020-06-19T23:42:04.060385dmca.cloudsearch.cf sshd[20500]: Failed password for invalid user gi ...	2020-06-20 08:08:27
106.200.207.182	attackbotsspam	Lines containing failures of 106.200.207.182 Jun 19 18:30:45 penfold sshd[11468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.200.207.182 user=r.r Jun 19 18:30:47 penfold sshd[11468]: Failed password for r.r from 106.200.207.182 port 46434 ssh2 Jun 19 18:30:48 penfold sshd[11468]: Received disconnect from 106.200.207.182 port 46434:11: Bye Bye [preauth] Jun 19 18:30:48 penfold sshd[11468]: Disconnected from authenticating user r.r 106.200.207.182 port 46434 [preauth] Jun 19 18:46:40 penfold sshd[12584]: Invalid user guoman from 106.200.207.182 port 57668 Jun 19 18:46:40 penfold sshd[12584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.200.207.182 Jun 19 18:46:42 penfold sshd[12584]: Failed password for invalid user guoman from 106.200.207.182 port 57668 ssh2 Jun 19 18:46:44 penfold sshd[12584]: Received disconnect from 106.200.207.182 port 57668:11: Bye Bye [preauth] Jun 19 1........ ------------------------------	2020-06-20 07:35:07
183.89.211.202	attackspam	Dovecot Invalid User Login Attempt.	2020-06-20 08:08:05
119.17.221.61	attack	2020-06-19T23:28:56.863634shield sshd\[3159\]: Invalid user growth from 119.17.221.61 port 57012 2020-06-19T23:28:56.868559shield sshd\[3159\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.17.221.61 2020-06-19T23:28:59.413103shield sshd\[3159\]: Failed password for invalid user growth from 119.17.221.61 port 57012 ssh2 2020-06-19T23:32:39.761688shield sshd\[3531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.17.221.61 user=root 2020-06-19T23:32:41.921608shield sshd\[3531\]: Failed password for root from 119.17.221.61 port 57592 ssh2	2020-06-20 07:43:11
106.54.98.89	attackbots	Jun 20 01:44:30 lnxweb61 sshd[19004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.98.89	2020-06-20 07:48:15
122.228.183.194	attack	Failed password for invalid user reder from 122.228.183.194 port 39681 ssh2	2020-06-20 08:00:00
165.22.65.134	attack	2020-06-20T01:00:33.619735vps751288.ovh.net sshd\[13913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.65.134 user=root 2020-06-20T01:00:35.709602vps751288.ovh.net sshd\[13913\]: Failed password for root from 165.22.65.134 port 43840 ssh2 2020-06-20T01:03:28.911151vps751288.ovh.net sshd\[13951\]: Invalid user testuser from 165.22.65.134 port 42740 2020-06-20T01:03:28.919427vps751288.ovh.net sshd\[13951\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.65.134 2020-06-20T01:03:30.698156vps751288.ovh.net sshd\[13951\]: Failed password for invalid user testuser from 165.22.65.134 port 42740 ssh2	2020-06-20 07:57:43
177.106.216.126	attackspambots	Lines containing failures of 177.106.216.126 Jun 20 00:53:16 shared06 sshd[16012]: Invalid user admin from 177.106.216.126 port 48762 Jun 20 00:53:16 shared06 sshd[16012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.106.216.126 Jun 20 00:53:19 shared06 sshd[16012]: Failed password for invalid user admin from 177.106.216.126 port 48762 ssh2 Jun 20 00:53:20 shared06 sshd[16012]: Connection closed by invalid user admin 177.106.216.126 port 48762 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.106.216.126	2020-06-20 07:47:09
51.75.131.235	attack	Jun 19 23:29:55 onepixel sshd[3131807]: Invalid user drukarnia from 51.75.131.235 port 43224 Jun 19 23:29:55 onepixel sshd[3131807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.131.235 Jun 19 23:29:55 onepixel sshd[3131807]: Invalid user drukarnia from 51.75.131.235 port 43224 Jun 19 23:29:57 onepixel sshd[3131807]: Failed password for invalid user drukarnia from 51.75.131.235 port 43224 ssh2 Jun 19 23:31:44 onepixel sshd[3132605]: Invalid user adrian from 51.75.131.235 port 33888	2020-06-20 07:51:18
182.105.161.95	attackspambots	Lines containing failures of 182.105.161.95 Jun 19 18:54:00 neweola postfix/smtpd[21960]: connect from unknown[182.105.161.95] Jun 19 18:54:00 neweola postfix/smtpd[21960]: NOQUEUE: reject: RCPT from unknown[182.105.161.95]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from=x@x helo= Jun 19 18:54:01 neweola postfix/smtpd[21960]: disconnect from unknown[182.105.161.95] ehlo=1 mail=1 rcpt=0/1 quhostname=1 commands=3/4 Jun 19 18:54:01 neweola postfix/smtpd[21960]: connect from unknown[182.105.161.95] Jun 19 18:54:02 neweola postfix/smtpd[21960]: lost connection after AUTH from unknown[182.105.161.95] Jun 19 18:54:02 neweola postfix/smtpd[21960]: disconnect from unknown[182.105.161.95] ehlo=1 auth=0/1 commands=1/2 Jun 19 18:54:02 neweola postfix/smtpd[21960]: connect from unknown[182.105.161.95] Jun 19 18:54:03 neweola postfix/smtpd[21960]: lost connection after AUTH from unknown[182.105.161.95] Jun 19 18:54:03 neweola postfix/smtpd[21960]: ........ ------------------------------	2020-06-20 07:50:30
62.234.20.135	attackbots	Total attacks: 2	2020-06-20 07:45:33
178.89.47.100	attackbotsspam	SMB Server BruteForce Attack	2020-06-20 07:34:08
77.247.181.162	attack	GET /wp-config.php-original HTTP/1.1	2020-06-20 07:53:06

Recently Reported IPs

156.236.119.151	116.182.109.222	86.98.60.78	212.51.70.254
119.11.15.159	44.232.185.105	218.192.170.107	85.155.202.172
108.170.140.253	73.26.74.217	52.37.135.228	189.58.102.224
167.71.43.249	166.230.32.46	54.148.136.84	93.100.240.114
84.43.254.27	99.97.250.195	118.136.118.100	126.99.115.83