102.218.215.133 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 102.218.215.133. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 42/100

Host and Network Information

  • Mitre ATT&CK IDs: T1003.008 - /etc/passwd and /etc/shadow, T1027 - Obfuscated Files or Information, T1041 - Exfiltration Over C2 Channel, T1055 - Process Injection, T1056 - Input Capture, T1057 - Process Discovery, T1060 - Registry Run Keys / Startup Folder, T1068 - Exploitation for Privilege Escalation, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1113 - Screen Capture, T1119 - Automated Collection, T1155 - AppleScript, T1210 - Exploitation of Remote Services, T1449 - Exploit SS7 to Redirect Phone Calls/SMS, T1480 - Execution Guardrails, T1553 - Subvert Trust Controls, T1562 - Impair Defenses, T1566 - Phishing, TA0011 - Command and Control

  • Tags: address range, adversaries, aids, allocation type, apnic, apple, ascii text, asn as49505, asn as714, assigned pi, australia, avast avg, backdoor, cidr, ck id, ck matrix, click, command, content length, creation date, date, dead host, defense evasion, delete c, destination, displayname, dns resolutions, domain secure, domains top, dynamicloader, dzan, emails, encrypt, entity ipripe, entries, error, external, federation flag, files, files domain, files location, files related, flag, flag united, found, general, gmt content, grum, handle, high, hostile, hostname, http, hybrid, informative, ios, ipad, ip address, iphone, ipv4, ipv4 add, judi, learn, less whois, level, local, location united, look, malware, medium, miny, misa, mitre att, moved, mtb oct, name servers, name tactics, network name, next, none google, null, ogoogle trust, orc5, passive dns, path, pattern match, port, powershell, pulse pulses, pulses none, push, refresh, registrar, related nids, related tags, restart, rhur3d, safe browsing, search, show process, show technique, site ca0x1ex17r, span, spawns, status, stream, strings, sumo, suspicious, t1480 execution, title, tofsee, tools, trojan, trojandropper, type, ubuntu, unique tlds, united, unknown, unknown ns, url add, urls, verify, whois server, win64, windows, windows nt, write, zerossl ecc

  • View other sources: Spamhaus VirusTotal

  • Country: South Africa
  • Network:
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: United States of America
  • Passive DNS Results:

Open Ports Detected

10050

Whois Information

  • inetnum: 102.218.215.0 - 102.218.215.255
  • netname: HA-VPS-NET
  • descr: VPS Hostafrica
  • country: ZA
  • admin-c: MO39-AFRINIC
  • tech-c: MO39-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: Cloud-to-Machine-MNT
  • parent: 102.218.212.0 - 102.218.215.255
  • person: Michael Osterloh
  • nic-hdl: MO39-AFRINIC
  • address: 12 Helena Avenue
  • address: Somerset West, Cape Town
  • address: South Africa
  • phone: tel:+27-21-554-3096
  • fax-no: tel:+27-21-554-3096
  • mnt-by: GENERATED-R5ARXRH714SOBJKNEIOWUVM3XMVLBZYK-MNT
  • route: 102.218.215.0/24
  • descr: Hostafrica route object
  • origin: AS329184
  • mnt-by: Cloud-to-Machine-MNT