102.68.89.161 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.68.89.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23128
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;102.68.89.161.			IN	A

;; AUTHORITY SECTION:
.			345	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023102100 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 21 19:41:42 CST 2023
;; MSG SIZE  rcvd: 106

Host info

Host 161.89.68.102.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 161.89.68.102.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.106.62	attack	Dec 23 21:15:47 areeb-Workstation sshd[8242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.106.62 Dec 23 21:15:49 areeb-Workstation sshd[8242]: Failed password for invalid user colignon from 138.68.106.62 port 34090 ssh2 ...	2019-12-24 05:18:47
103.109.3.214	attackspam	103.109.3.214 - - [23/Dec/2019:09:54:26 -0500] "GET /index.cfm?page=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&manufacturerID=15&collectionID=161 HTTP/1.1" 200 19261 "https:// /index.cfm?page=..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&manufacturerID=15&collectionID=161" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-12-24 05:16:35
41.231.5.110	attack	Dec 23 16:54:33 www sshd\[2213\]: Invalid user perry from 41.231.5.110 Dec 23 16:54:33 www sshd\[2213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.231.5.110 Dec 23 16:54:35 www sshd\[2215\]: Invalid user cloud-user from 41.231.5.110 ...	2019-12-24 05:07:47
51.161.12.231	attack	Dec 23 22:31:07 debian-2gb-nbg1-2 kernel: \[789411.210439\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.161.12.231 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=10978 PROTO=TCP SPT=32767 DPT=8545 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-24 05:33:48
50.244.9.1	attackbots	2019-12-23 H=50-244-9-1-static.hfc.comcastbusiness.net \[50.244.9.1\] F=\ rejected RCPT \: Mail not accepted. 50.244.9.1 is listed at a DNSBL. 2019-12-23 H=50-244-9-1-static.hfc.comcastbusiness.net \[50.244.9.1\] F=\ rejected RCPT \: Mail not accepted. 50.244.9.1 is listed at a DNSBL. 2019-12-23 H=50-244-9-1-static.hfc.comcastbusiness.net \[50.244.9.1\] F=\ rejected RCPT \<REMOVED@REMOVED.de\>: Mail not accepted. 50.244.9.1 is listed at a DNSBL.	2019-12-24 05:21:39
49.88.112.76	attackbotsspam	Dec 23 17:52:38 firewall sshd[21317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.76 user=root Dec 23 17:52:40 firewall sshd[21317]: Failed password for root from 49.88.112.76 port 30494 ssh2 Dec 23 17:52:42 firewall sshd[21317]: Failed password for root from 49.88.112.76 port 30494 ssh2 ...	2019-12-24 05:02:26
113.190.86.38	attack	Unauthorized connection attempt detected from IP address 113.190.86.38 to port 445	2019-12-24 05:01:53
123.161.205.21	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:08:31
129.158.72.141	attackbots	Feb 17 19:53:14 dillonfme sshd\[12833\]: Invalid user tomcat from 129.158.72.141 port 28873 Feb 17 19:53:15 dillonfme sshd\[12833\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.72.141 Feb 17 19:53:17 dillonfme sshd\[12833\]: Failed password for invalid user tomcat from 129.158.72.141 port 28873 ssh2 Feb 17 20:01:14 dillonfme sshd\[13088\]: User messagebus from 129.158.72.141 not allowed because not listed in AllowUsers Feb 17 20:01:14 dillonfme sshd\[13088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.158.72.141 user=messagebus ...	2019-12-24 05:23:22
159.65.11.253	attack	Dec 23 14:39:39 REDACTED sshd\[23859\]: Invalid user web from 159.65.11.253 Dec 23 14:43:08 REDACTED sshd\[23906\]: Invalid user web from 159.65.11.253 Dec 23 14:46:50 REDACTED sshd\[23939\]: Invalid user openvpn from 159.65.11.253 Dec 23 14:50:32 REDACTED sshd\[23969\]: Invalid user openvpn from 159.65.11.253 Dec 23 14:54:07 REDACTED sshd\[23996\]: Invalid user openvpn from 159.65.11.253 ...	2019-12-24 05:40:13
43.228.65.27	attack	445/tcp 1433/tcp... [2019-12-12/23]5pkt,2pt.(tcp)	2019-12-24 05:06:19
173.226.134.224	attack	623/tcp 623/tcp 623/tcp... [2019-10-27/12-23]27pkt,1pt.(tcp)	2019-12-24 05:14:10
46.229.168.147	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54952071bd7bea6a \| WAF_Rule_ID: 1bd9f7863d3d4d8faf68c16295216fb5 \| WAF_Kind: firewall \| CF_Action: allow \| Country: US \| CF_IPClass: searchEngine \| Protocol: HTTP/1.1 \| Method: GET \| Host: www.wevg.org \| User-Agent: Mozilla/5.0 (compatible; SemrushBot/6~bl; +http://www.semrush.com/bot.html) \| CF_DC: IAD. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-24 05:13:52
123.157.144.34	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-24 05:20:01
80.174.135.176	attack	$f2bV_matches	2019-12-24 05:17:49

Recently Reported IPs

102.68.99.157	102.68.8.109	102.69.146.166	102.68.93.19
102.69.122.137	102.68.77.26	102.68.76.167	102.69.107.76
102.69.138.238	102.68.7.119	102.68.50.155	102.68.41.245
102.68.39.66	102.68.38.210	102.68.68.243	102.68.242.9
102.68.235.86	102.68.231.123	102.68.241.27	102.68.46.62