197.229.4.102 - IPInfo

Basic Info

City: East London

Region: Eastern Cape

Country: South Africa

Internet Service Provider: Telkom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.229.4.163	attackbotsspam	GET /wp-login.php	2020-02-19 05:39:33
197.229.4.150	attack	Sep 20 20:09:12 mxgate1 postfix/postscreen[11682]: CONNECT from [197.229.4.150]:59707 to [176.31.12.44]:25 Sep 20 20:09:12 mxgate1 postfix/dnsblog[11687]: addr 197.229.4.150 listed by domain cbl.abuseat.org as 127.0.0.2 Sep 20 20:09:12 mxgate1 postfix/dnsblog[11684]: addr 197.229.4.150 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Sep 20 20:09:12 mxgate1 postfix/dnsblog[11683]: addr 197.229.4.150 listed by domain b.barracudacentral.org as 127.0.0.2 Sep 20 20:09:12 mxgate1 postfix/dnsblog[11685]: addr 197.229.4.150 listed by domain zen.spamhaus.org as 127.0.0.4 Sep 20 20:09:12 mxgate1 postfix/dnsblog[11685]: addr 197.229.4.150 listed by domain zen.spamhaus.org as 127.0.0.10 Sep 20 20:09:18 mxgate1 postfix/postscreen[11682]: DNSBL rank 5 for [197.229.4.150]:59707 Sep x@x Sep 20 20:09:19 mxgate1 postfix/postscreen[11682]: HANGUP after 0.96 from [197.229.4.150]:59707 in tests after SMTP handshake Sep 20 20:09:19 mxgate1 postfix/postscreen[11682]: DISCONNECT [197.229.4.1........ -------------------------------	2019-09-21 03:16:24

Type

Details

Datetime

197.229.4.163

attackbotsspam

GET /wp-login.php

2020-02-19 05:39:33

197.229.4.150

attack

Sep 20 20:09:12 mxgate1 postfix/postscreen[11682]: CONNECT from [197.229.4.150]:59707 to [176.31.12.44]:25
Sep 20 20:09:12 mxgate1 postfix/dnsblog[11687]: addr 197.229.4.150 listed by domain cbl.abuseat.org as 127.0.0.2
Sep 20 20:09:12 mxgate1 postfix/dnsblog[11684]: addr 197.229.4.150 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2
Sep 20 20:09:12 mxgate1 postfix/dnsblog[11683]: addr 197.229.4.150 listed by domain b.barracudacentral.org as 127.0.0.2
Sep 20 20:09:12 mxgate1 postfix/dnsblog[11685]: addr 197.229.4.150 listed by domain zen.spamhaus.org as 127.0.0.4
Sep 20 20:09:12 mxgate1 postfix/dnsblog[11685]: addr 197.229.4.150 listed by domain zen.spamhaus.org as 127.0.0.10
Sep 20 20:09:18 mxgate1 postfix/postscreen[11682]: DNSBL rank 5 for [197.229.4.150]:59707
Sep x@x
Sep 20 20:09:19 mxgate1 postfix/postscreen[11682]: HANGUP after 0.96 from [197.229.4.150]:59707 in tests after SMTP handshake
Sep 20 20:09:19 mxgate1 postfix/postscreen[11682]: DISCONNECT [197.229.4.1........
-------------------------------

2019-09-21 03:16:24

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.229.4.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30370
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.229.4.102.			IN	A

;; AUTHORITY SECTION:
.			257	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022011402 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 15 09:29:45 CST 2022
;; MSG SIZE  rcvd: 106

Host info

102.4.229.197.in-addr.arpa domain name pointer 8ta-229-4-102.telkomadsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
102.4.229.197.in-addr.arpa	name = 8ta-229-4-102.telkomadsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.47.3.39	attackspambots	prod11 ...	2020-05-16 17:13:57
188.166.211.194	attack	May 16 04:48:05 buvik sshd[2287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.211.194 May 16 04:48:06 buvik sshd[2287]: Failed password for invalid user apotre from 188.166.211.194 port 53347 ssh2 May 16 04:51:47 buvik sshd[2807]: Invalid user git from 188.166.211.194 ...	2020-05-16 17:12:22
185.13.37.229	attack	SSH invalid-user multiple login try	2020-05-16 17:03:42
159.65.155.33	attack	May 15 23:20:41 ns382633 sshd\[24711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.155.33 user=root May 15 23:20:43 ns382633 sshd\[24711\]: Failed password for root from 159.65.155.33 port 44608 ssh2 May 15 23:23:00 ns382633 sshd\[24856\]: Invalid user nagios from 159.65.155.33 port 41432 May 15 23:23:00 ns382633 sshd\[24856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.155.33 May 15 23:23:02 ns382633 sshd\[24856\]: Failed password for invalid user nagios from 159.65.155.33 port 41432 ssh2	2020-05-16 17:34:05
202.98.248.123	attack	May 16 04:48:17 OPSO sshd\[3396\]: Invalid user bruno from 202.98.248.123 port 55596 May 16 04:48:17 OPSO sshd\[3396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.98.248.123 May 16 04:48:18 OPSO sshd\[3396\]: Failed password for invalid user bruno from 202.98.248.123 port 55596 ssh2 May 16 04:51:18 OPSO sshd\[4273\]: Invalid user jaimito from 202.98.248.123 port 45486 May 16 04:51:18 OPSO sshd\[4273\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.98.248.123	2020-05-16 17:26:44
27.71.122.159	attack	May 9 12:52:22 ms-srv sshd[29825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.71.122.159 May 9 12:52:25 ms-srv sshd[29825]: Failed password for invalid user sniffer from 27.71.122.159 port 17300 ssh2	2020-05-16 17:25:59
223.71.167.164	attackspambots	May 3 19:39:21 mail postfix/postscreen[20685]: DNSBL rank 3 for [223.71.167.164]:15642 ...	2020-05-16 17:42:17
136.255.144.2	attackspam	Invalid user element from 136.255.144.2 port 34366	2020-05-16 17:32:43
125.91.126.97	attackbotsspam	May 16 05:46:31 lukav-desktop sshd\[17390\]: Invalid user Larry from 125.91.126.97 May 16 05:46:31 lukav-desktop sshd\[17390\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.126.97 May 16 05:46:33 lukav-desktop sshd\[17390\]: Failed password for invalid user Larry from 125.91.126.97 port 36684 ssh2 May 16 05:49:37 lukav-desktop sshd\[17454\]: Invalid user remote from 125.91.126.97 May 16 05:49:37 lukav-desktop sshd\[17454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.126.97	2020-05-16 17:14:39
115.236.167.108	attackbotsspam	SSH Brute-Force Attack	2020-05-16 17:29:43
170.84.15.212	attackspam	port scan and connect, tcp 23 (telnet)	2020-05-16 17:24:08
111.160.46.10	attackspam	SSH-BruteForce	2020-05-16 17:09:45
139.155.70.179	attackspam	May 16 03:50:43 sip sshd[281702]: Invalid user test from 139.155.70.179 port 59600 May 16 03:50:46 sip sshd[281702]: Failed password for invalid user test from 139.155.70.179 port 59600 ssh2 May 16 03:55:45 sip sshd[281721]: Invalid user ubuntu from 139.155.70.179 port 35078 ...	2020-05-16 17:32:24
106.75.87.152	attack	May 16 04:48:59 OPSO sshd\[3441\]: Invalid user lynch from 106.75.87.152 port 32800 May 16 04:48:59 OPSO sshd\[3441\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.87.152 May 16 04:49:01 OPSO sshd\[3441\]: Failed password for invalid user lynch from 106.75.87.152 port 32800 ssh2 May 16 04:52:49 OPSO sshd\[4624\]: Invalid user oold from 106.75.87.152 port 45480 May 16 04:52:49 OPSO sshd\[4624\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.87.152	2020-05-16 17:39:57
113.183.236.103	attackbotsspam	445/tcp [2020-05-13]1pkt	2020-05-16 17:20:01

Recently Reported IPs

242.252.187.110	97.149.104.210	93.242.134.47	146.96.66.71
41.229.59.152	73.249.174.140	103.15.69.32	99.19.81.212
35.187.50.176	161.19.33.245	137.228.222.52	138.22.189.84
176.172.101.99	58.179.240.45	61.108.224.250	178.67.196.88
129.18.250.155	54.178.69.54	138.157.14.2	249.79.232.33