102.65.150.144

Basic Info

City: Bellville

Region: Western Cape

Country: South Africa

Internet Service Provider: Webafrica ADSL

Hostname: unknown

Organization: Web-Africa-Networks-AS

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Jul 27 07:13:58 localhost sshd\[36402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.65.150.144 user=root Jul 27 07:14:00 localhost sshd\[36402\]: Failed password for root from 102.65.150.144 port 39484 ssh2 ...	2019-07-27 15:07:57
attack	Jul 26 23:12:48 localhost sshd\[50778\]: Invalid user l3tm31ng from 102.65.150.144 port 46806 Jul 26 23:12:48 localhost sshd\[50778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.65.150.144 ...	2019-07-27 06:14:57

Type

Details

Datetime

attackspambots

Jul 27 07:13:58 localhost sshd\[36402\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.65.150.144  user=root
Jul 27 07:14:00 localhost sshd\[36402\]: Failed password for root from 102.65.150.144 port 39484 ssh2
...

2019-07-27 15:07:57

attack

Jul 26 23:12:48 localhost sshd\[50778\]: Invalid user l3tm31ng from 102.65.150.144 port 46806
Jul 26 23:12:48 localhost sshd\[50778\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=102.65.150.144
...

2019-07-27 06:14:57

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.65.150.144
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10651
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.65.150.144.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019072602 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 27 06:14:52 CST 2019
;; MSG SIZE  rcvd: 118

Host info

144.150.65.102.in-addr.arpa domain name pointer 102-65-150-144.dsl.web.africa.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
144.150.65.102.in-addr.arpa	name = 102-65-150-144.dsl.web.africa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.22.211.73	attack	Dec 27 15:11:56 odroid64 sshd\[22839\]: User mysql from 165.22.211.73 not allowed because not listed in AllowUsers Dec 27 15:11:56 odroid64 sshd\[22839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.211.73 user=mysql ...	2020-03-06 01:41:22
221.122.73.130	attackbots	Mar 5 07:15:21 web1 sshd\[20001\]: Invalid user wftuser from 221.122.73.130 Mar 5 07:15:21 web1 sshd\[20001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.73.130 Mar 5 07:15:23 web1 sshd\[20001\]: Failed password for invalid user wftuser from 221.122.73.130 port 39799 ssh2 Mar 5 07:20:29 web1 sshd\[20495\]: Invalid user yangzuokun from 221.122.73.130 Mar 5 07:20:29 web1 sshd\[20495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.122.73.130	2020-03-06 01:35:42
197.53.103.110	attackspam	suspicious action Thu, 05 Mar 2020 10:33:50 -0300	2020-03-06 01:19:03
163.172.157.162	attack	(sshd) Failed SSH login from 163.172.157.162 (FR/France/162-157-172-163.rev.cloud.scaleway.com): 5 in the last 3600 secs	2020-03-06 01:23:56
165.22.215.185	attackbots	(sshd) Failed SSH login from 165.22.215.185 (IN/India/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 5 18:17:05 ubnt-55d23 sshd[13075]: Invalid user admin from 165.22.215.185 port 38714 Mar 5 18:17:06 ubnt-55d23 sshd[13075]: Failed password for invalid user admin from 165.22.215.185 port 38714 ssh2	2020-03-06 01:38:23
112.85.42.188	attackspam	03/05/2020-12:22:46.902129 112.85.42.188 Protocol: 6 ET SCAN Potential SSH Scan	2020-03-06 01:24:41
49.233.189.218	attack	Feb 27 20:28:25 odroid64 sshd\[14191\]: User root from 49.233.189.218 not allowed because not listed in AllowUsers Feb 27 20:28:25 odroid64 sshd\[14191\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.189.218 user=root ...	2020-03-06 01:26:10
125.93.93.4	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-03-06 01:09:37
123.21.99.106	attackspambots	1583415239 - 03/05/2020 14:33:59 Host: 123.21.99.106/123.21.99.106 Port: 445 TCP Blocked	2020-03-06 01:04:03
63.81.87.156	attackbots	Mar 5 14:24:56 mail.srvfarm.net postfix/smtpd[1441770]: NOQUEUE: reject: RCPT from unknown[63.81.87.156]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 14:25:37 mail.srvfarm.net postfix/smtpd[1443770]: NOQUEUE: reject: RCPT from unknown[63.81.87.156]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 14:26:21 mail.srvfarm.net postfix/smtpd[1443770]: NOQUEUE: reject: RCPT from unknown[63.81.87.156]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Mar 5 14:31:56 mail.srvfarm.net postfix/smtpd[1445151]: NOQUEUE: reject: RCPT from unknown[63.81.87.156]: 450 4.1.8	2020-03-06 01:22:27
165.22.29.79	attackspambots	Jan 22 01:04:29 odroid64 sshd\[4940\]: Invalid user ass from 165.22.29.79 Jan 22 01:04:29 odroid64 sshd\[4940\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.29.79 ...	2020-03-06 01:25:38
112.85.42.182	attackspambots	Mar 5 17:42:52 v22018076622670303 sshd\[23366\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.182 user=root Mar 5 17:42:54 v22018076622670303 sshd\[23366\]: Failed password for root from 112.85.42.182 port 57643 ssh2 Mar 5 17:42:57 v22018076622670303 sshd\[23366\]: Failed password for root from 112.85.42.182 port 57643 ssh2 ...	2020-03-06 01:16:57
43.241.144.222	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-06 01:38:11
165.22.32.88	attackbotsspam	Feb 17 12:47:25 odroid64 sshd\[1607\]: Invalid user budget from 165.22.32.88 Feb 17 12:47:25 odroid64 sshd\[1607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.32.88 ...	2020-03-06 01:21:21
36.81.28.252	attackspam	445/tcp [2020-03-05]1pkt	2020-03-06 00:59:50

Recently Reported IPs

181.49.117.166	213.133.97.10	49.73.14.55	93.43.90.68
46.201.240.212	218.61.39.143	42.113.205.104	34.253.249.169
219.2.113.93	101.21.144.77	37.199.164.197	112.177.103.206
50.230.30.162	128.163.56.44	54.193.118.234	187.2.142.17
40.112.163.92	206.110.225.95	73.119.205.56	197.201.181.167