102.65.93.35 - IPInfo

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Webafrica FTTH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	102.65.93.35 - - [18/Oct/2019:07:33:58 -0400] "GET /?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16658 "https://exitdevice.com/?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-19 02:34:26

Type

Details

Datetime

attackspam

102.65.93.35 - - [18/Oct/2019:07:33:58 -0400] "GET /?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16658 "https://exitdevice.com/?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0"
...

2019-10-19 02:34:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.65.93.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17010
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.65.93.35.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 02:34:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

35.93.65.102.in-addr.arpa domain name pointer 102-65-93-35.ftth.web.africa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
35.93.65.102.in-addr.arpa	name = 102-65-93-35.ftth.web.africa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.224.162.238	attackbots	Aug 27 19:58:28 web1 sshd\[19606\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.162.238 user=mysql Aug 27 19:58:30 web1 sshd\[19606\]: Failed password for mysql from 104.224.162.238 port 33470 ssh2 Aug 27 20:03:24 web1 sshd\[20071\]: Invalid user oracle from 104.224.162.238 Aug 27 20:03:24 web1 sshd\[20071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.224.162.238 Aug 27 20:03:26 web1 sshd\[20071\]: Failed password for invalid user oracle from 104.224.162.238 port 50606 ssh2	2019-08-28 14:08:29
43.239.176.113	attackspambots	Aug 27 20:12:19 php2 sshd\[5656\]: Invalid user lh from 43.239.176.113 Aug 27 20:12:19 php2 sshd\[5656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.239.176.113 Aug 27 20:12:21 php2 sshd\[5656\]: Failed password for invalid user lh from 43.239.176.113 port 57924 ssh2 Aug 27 20:17:01 php2 sshd\[6104\]: Invalid user garey from 43.239.176.113 Aug 27 20:17:01 php2 sshd\[6104\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.239.176.113	2019-08-28 14:19:38
106.12.59.2	attack	Aug 27 20:00:36 lcprod sshd\[31204\]: Invalid user kg from 106.12.59.2 Aug 27 20:00:36 lcprod sshd\[31204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.59.2 Aug 27 20:00:37 lcprod sshd\[31204\]: Failed password for invalid user kg from 106.12.59.2 port 57336 ssh2 Aug 27 20:03:56 lcprod sshd\[31503\]: Invalid user git from 106.12.59.2 Aug 27 20:03:56 lcprod sshd\[31503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.59.2	2019-08-28 14:17:15
49.83.5.244	attackspambots	Unauthorised access (Aug 28) SRC=49.83.5.244 LEN=40 TTL=49 ID=37808 TCP DPT=8080 WINDOW=30779 SYN	2019-08-28 13:53:17
122.135.183.33	attackspam	Aug 27 19:18:32 lcprod sshd\[27081\]: Invalid user fax from 122.135.183.33 Aug 27 19:18:32 lcprod sshd\[27081\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fl1-122-135-183-33.tky.mesh.ad.jp Aug 27 19:18:34 lcprod sshd\[27081\]: Failed password for invalid user fax from 122.135.183.33 port 33073 ssh2 Aug 27 19:23:09 lcprod sshd\[27557\]: Invalid user forscher from 122.135.183.33 Aug 27 19:23:09 lcprod sshd\[27557\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fl1-122-135-183-33.tky.mesh.ad.jp	2019-08-28 13:28:32
61.147.42.181	attackbotsspam	Aug 27 15:56:56 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: Zte521) Aug 27 15:56:58 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: 111111) Aug 27 15:57:00 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: admintrup) Aug 27 15:57:02 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: uClinux) Aug 27 15:57:04 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: seiko2005) Aug 27 15:57:06 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 61.147.42.181 port 27312 ssh2 (target: 158.69.100.142:22, password: uClinux) Aug 27 15:57:08 wildwolf ssh-honeypotd[26164]: Failed password fo........ ------------------------------	2019-08-28 13:39:59
94.176.5.253	attack	(Aug 28) LEN=44 TTL=244 ID=54579 DF TCP DPT=23 WINDOW=14600 SYN (Aug 28) LEN=44 TTL=244 ID=45531 DF TCP DPT=23 WINDOW=14600 SYN (Aug 28) LEN=44 TTL=244 ID=17942 DF TCP DPT=23 WINDOW=14600 SYN (Aug 28) LEN=44 TTL=244 ID=13535 DF TCP DPT=23 WINDOW=14600 SYN (Aug 28) LEN=44 TTL=244 ID=6748 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=37986 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=53030 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=34415 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=60881 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=62188 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=61565 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=24872 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=36510 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=46496 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=44 TTL=244 ID=25037 DF TCP DPT=23 WINDOW=14600 S...	2019-08-28 13:29:31
149.129.242.80	attackspam	Aug 27 19:38:35 web9 sshd\[9839\]: Invalid user bret from 149.129.242.80 Aug 27 19:38:35 web9 sshd\[9839\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80 Aug 27 19:38:37 web9 sshd\[9839\]: Failed password for invalid user bret from 149.129.242.80 port 53888 ssh2 Aug 27 19:43:23 web9 sshd\[10677\]: Invalid user cn from 149.129.242.80 Aug 27 19:43:23 web9 sshd\[10677\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.129.242.80	2019-08-28 13:53:45
106.12.24.1	attack	Aug 28 06:05:40 [snip] sshd[5221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.1 user=root Aug 28 06:05:43 [snip] sshd[5221]: Failed password for root from 106.12.24.1 port 34780 ssh2 Aug 28 06:29:01 [snip] sshd[29442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.1 user=www-data[...]	2019-08-28 13:26:50
60.191.66.212	attackbots	Aug 27 19:13:49 lcdev sshd\[17603\]: Invalid user app from 60.191.66.212 Aug 27 19:13:49 lcdev sshd\[17603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.66.212 Aug 27 19:13:50 lcdev sshd\[17603\]: Failed password for invalid user app from 60.191.66.212 port 55592 ssh2 Aug 27 19:20:16 lcdev sshd\[18321\]: Invalid user pwc from 60.191.66.212 Aug 27 19:20:16 lcdev sshd\[18321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.191.66.212	2019-08-28 14:03:55
81.22.45.165	attackspam	Aug 28 07:52:35 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.165 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=39697 PROTO=TCP SPT=43449 DPT=3559 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-08-28 14:10:22
68.183.50.0	attackspam	Aug 28 06:20:33 debian sshd\[8800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.50.0 user=root Aug 28 06:20:35 debian sshd\[8800\]: Failed password for root from 68.183.50.0 port 35424 ssh2 ...	2019-08-28 13:27:46
182.254.192.51	attack	Automatic report - Banned IP Access	2019-08-28 14:09:06
173.239.37.139	attack	Aug 28 06:27:59 nextcloud sshd\[17208\]: Invalid user avis from 173.239.37.139 Aug 28 06:27:59 nextcloud sshd\[17208\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.239.37.139 Aug 28 06:28:01 nextcloud sshd\[17208\]: Failed password for invalid user avis from 173.239.37.139 port 43204 ssh2 ...	2019-08-28 14:13:07
5.135.179.178	attackspambots	Aug 28 06:13:53 hb sshd\[14698\]: Invalid user praveen from 5.135.179.178 Aug 28 06:13:53 hb sshd\[14698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3287787.ip-5-135-179.eu Aug 28 06:13:55 hb sshd\[14698\]: Failed password for invalid user praveen from 5.135.179.178 port 53149 ssh2 Aug 28 06:17:51 hb sshd\[15131\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3287787.ip-5-135-179.eu user=root Aug 28 06:17:53 hb sshd\[15131\]: Failed password for root from 5.135.179.178 port 14044 ssh2	2019-08-28 14:23:47

Recently Reported IPs

89.166.145.142	156.175.106.5	123.233.208.58	188.91.12.109
1.4.208.142	129.177.247.47	123.88.93.139	62.132.150.141
210.61.211.103	153.36.183.255	132.232.110.139	193.255.111.169
64.173.110.154	75.24.120.51	73.43.70.228	41.224.166.67
46.235.42.170	223.167.204.194	35.198.117.118	109.64.76.139