105.213.64.172

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: MTN

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.213.64.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42481
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;105.213.64.172.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030100 1800 900 604800 86400

;; Query time: 45 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 01 15:48:40 CST 2022
;; MSG SIZE  rcvd: 107

Host info

172.64.213.105.in-addr.arpa domain name pointer 105-213-64-172.access.mtnbusiness.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.64.213.105.in-addr.arpa	name = 105-213-64-172.access.mtnbusiness.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.92.210.194	attack	Honeypot attack, port: 445, PTR: 119.92.210.194.static.pldt.net.	2019-11-12 05:59:40
111.59.93.76	attackspambots	Nov 11 23:11:04 server sshd\[3910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.59.93.76 user=root Nov 11 23:11:06 server sshd\[3910\]: Failed password for root from 111.59.93.76 port 58436 ssh2 Nov 11 23:11:08 server sshd\[3910\]: Failed password for root from 111.59.93.76 port 58436 ssh2 Nov 11 23:11:10 server sshd\[3910\]: Failed password for root from 111.59.93.76 port 58436 ssh2 Nov 11 23:11:13 server sshd\[3910\]: Failed password for root from 111.59.93.76 port 58436 ssh2 ...	2019-11-12 05:56:44
182.61.37.144	attack	$f2bV_matches	2019-11-12 05:59:24
222.122.31.133	attackbots	SSH Brute Force	2019-11-12 06:25:02
159.203.201.126	attack	firewall-block, port(s): 9990/tcp	2019-11-12 06:09:34
38.117.65.60	attackspam	Honeypot attack, port: 445, PTR: 38-117-65-60.static-ip.ravand.ca.	2019-11-12 06:09:55
217.112.128.199	attackbots	Postfix DNSBL listed. Trying to send SPAM.	2019-11-12 06:01:59
123.243.111.52	attackbotsspam	Honeypot attack, port: 445, PTR: 123-243-111-52.static.tpgi.com.au.	2019-11-12 06:25:22
114.67.80.41	attack	Nov 11 07:47:25 web1 sshd\[16938\]: Invalid user genx from 114.67.80.41 Nov 11 07:47:25 web1 sshd\[16938\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.41 Nov 11 07:47:27 web1 sshd\[16938\]: Failed password for invalid user genx from 114.67.80.41 port 60611 ssh2 Nov 11 07:51:27 web1 sshd\[17279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.80.41 user=mysql Nov 11 07:51:29 web1 sshd\[17279\]: Failed password for mysql from 114.67.80.41 port 49818 ssh2	2019-11-12 06:19:29
182.61.22.205	attack	Nov 11 21:50:46 odroid64 sshd\[15313\]: User root from 182.61.22.205 not allowed because not listed in AllowUsers Nov 11 21:50:46 odroid64 sshd\[15313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.22.205 user=root ...	2019-11-12 06:30:30
175.176.89.134	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-12 06:24:10
112.64.170.166	attackspam	Nov 11 13:28:27 TORMINT sshd\[11374\]: Invalid user wallace from 112.64.170.166 Nov 11 13:28:27 TORMINT sshd\[11374\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.64.170.166 Nov 11 13:28:30 TORMINT sshd\[11374\]: Failed password for invalid user wallace from 112.64.170.166 port 46108 ssh2 ...	2019-11-12 05:54:51
123.207.145.214	attackbotsspam	[MonNov1115:35:06.1731082019][:error][pid16938:tid47784076011264][client123.207.145.214:24920][client123.207.145.214]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"$\?:\\\\\\\\\(chr\?\\\\\\\\\(\?[0-9]{1\,3}\?\\\\\\\\$\\|\?=\?f$\?:open\\|write$\?\\\\\\\\$\\|\\\\\\\\b\(\?:passthru\\|serialize\\|php_uname\\|phpinfo\\|shell_exec\\|preg_\\\\\\\\w \\|mysql_query\\|exec\\|eval\\|base64_decode\\|decode_base64\\|rot13\\|base64_url_decode\\|gz\(\?:inflate\\|decode\\|uncompress$\\|strrev\\|zlib_\\\\\\\\w \)\\\\\\\\b\?\(\?..."atARGS:admin.[file"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf"][line"767"][id"340095"][rev"53"][msg"Atomicorp.comWAFRules:AttackBlocked-PHPfunctioninArgument-thismaybeanattack."][data"die\(@md5\,ARGS:admin"][severity"CRITICAL"][hostname"81.17.25.251"][uri"/Adminfb191151/Login.php"][unique_id"XclxmrHKL2mPOsKTZlQ6TwAAAVc"][MonNov1115:35:17.0876482019][:error][pid16638:tid47783967315712][client123.207.145.214:27743][client123.207.145.214]ModSecurity:Accessdeniedwithcode403\(	2019-11-12 06:19:14
92.210.108.112	attack	Nov 11 09:05:02 web1 sshd\[23876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.210.108.112 user=root Nov 11 09:05:04 web1 sshd\[23876\]: Failed password for root from 92.210.108.112 port 43400 ssh2 Nov 11 09:14:20 web1 sshd\[24749\]: Invalid user com@\)\)$ from 92.210.108.112 Nov 11 09:14:20 web1 sshd\[24749\]: pam_unix\(sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.210.108.112 Nov 11 09:14:21 web1 sshd\[24749\]: Failed password for invalid user com@\)\)\( from 92.210.108.112 port 53104 ssh2	2019-11-12 06:17:30
176.31.253.204	attack	...	2019-11-12 06:19:56

Recently Reported IPs

104.22.78.176	105.213.64.178	105.213.64.166	105.213.64.19
105.213.64.190	105.213.64.110	105.213.64.186	105.213.190.190
105.213.64.181	105.213.64.212	104.22.79.176	105.213.64.205
105.213.64.219	105.213.64.242	105.213.64.228	105.213.64.198
105.213.64.237	105.213.64.5	105.213.64.34	105.213.64.6