102.65.93.35 - IPInfo

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Webafrica FTTH

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	102.65.93.35 - - [18/Oct/2019:07:33:58 -0400] "GET /?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16658 "https://exitdevice.com/?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ...	2019-10-19 02:34:26

Type

Details

Datetime

attackspam

102.65.93.35 - - [18/Oct/2019:07:33:58 -0400] "GET /?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0 HTTP/1.1" 200 16658 "https://exitdevice.com/?page=..%2f..%2fetc%2fpasswd%00&action=view&manufacturerID=143&productID=9300&linkID=7489&duplicate=0" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0"
...

2019-10-19 02:34:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 102.65.93.35
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17010
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;102.65.93.35.			IN	A

;; AUTHORITY SECTION:
.			545	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101800 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 19 02:34:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info

35.93.65.102.in-addr.arpa domain name pointer 102-65-93-35.ftth.web.africa.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
35.93.65.102.in-addr.arpa	name = 102-65-93-35.ftth.web.africa.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.52.152.17	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-10-06 22:36:14
200.160.111.44	attackbots	Oct 6 15:38:21 pornomens sshd\[7663\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.160.111.44 user=root Oct 6 15:38:24 pornomens sshd\[7663\]: Failed password for root from 200.160.111.44 port 43510 ssh2 Oct 6 15:43:51 pornomens sshd\[7689\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.160.111.44 user=root ...	2019-10-06 22:45:32
109.252.99.74	attack	Web App Attack	2019-10-06 22:28:26
82.114.64.234	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 06-10-2019 12:45:23.	2019-10-06 23:01:16
91.226.152.116	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 06-10-2019 12:45:23.	2019-10-06 23:00:54
37.187.123.70	attackspam	Automatic report - XMLRPC Attack	2019-10-06 22:54:50
69.39.59.48	attack	Automated reporting of SSH Vulnerability scanning	2019-10-06 22:49:09
54.39.138.246	attackbots	2019-10-06T11:46:07.716802abusebot.cloudsearch.cf sshd\[23861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip246.ip-54-39-138.net user=root	2019-10-06 22:31:40
204.48.19.178	attack	Oct 6 04:18:53 web9 sshd\[11474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 user=root Oct 6 04:18:56 web9 sshd\[11474\]: Failed password for root from 204.48.19.178 port 55012 ssh2 Oct 6 04:23:04 web9 sshd\[12032\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 user=root Oct 6 04:23:06 web9 sshd\[12032\]: Failed password for root from 204.48.19.178 port 39626 ssh2 Oct 6 04:27:12 web9 sshd\[12587\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.19.178 user=root	2019-10-06 22:38:36
46.105.124.52	attack	2019-10-06T14:01:02.499576abusebot-6.cloudsearch.cf sshd\[23509\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.52 user=root	2019-10-06 22:23:33
181.39.37.101	attack	Oct 6 04:26:01 php1 sshd\[18922\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.39.37.101 user=root Oct 6 04:26:03 php1 sshd\[18922\]: Failed password for root from 181.39.37.101 port 54138 ssh2 Oct 6 04:30:40 php1 sshd\[19335\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.39.37.101 user=root Oct 6 04:30:42 php1 sshd\[19335\]: Failed password for root from 181.39.37.101 port 37746 ssh2 Oct 6 04:35:13 php1 sshd\[19751\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.39.37.101 user=root	2019-10-06 22:48:48
51.219.59.94	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 06-10-2019 12:45:22.	2019-10-06 23:01:47
118.25.214.4	attackbots	Oct 6 16:42:27 SilenceServices sshd[3351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.214.4 Oct 6 16:42:29 SilenceServices sshd[3351]: Failed password for invalid user 123@Centos from 118.25.214.4 port 51826 ssh2 Oct 6 16:46:48 SilenceServices sshd[4621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.214.4	2019-10-06 22:53:33
165.227.53.241	attackbotsspam	Oct 6 10:25:17 xtremcommunity sshd\[247173\]: Invalid user 123Memory from 165.227.53.241 port 37837 Oct 6 10:25:17 xtremcommunity sshd\[247173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.241 Oct 6 10:25:19 xtremcommunity sshd\[247173\]: Failed password for invalid user 123Memory from 165.227.53.241 port 37837 ssh2 Oct 6 10:29:17 xtremcommunity sshd\[247397\]: Invalid user Renauld-123 from 165.227.53.241 port 57341 Oct 6 10:29:17 xtremcommunity sshd\[247397\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.53.241 ...	2019-10-06 22:41:06
159.65.112.93	attackspam	Oct 6 10:12:32 xtremcommunity sshd\[246605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root Oct 6 10:12:34 xtremcommunity sshd\[246605\]: Failed password for root from 159.65.112.93 port 53402 ssh2 Oct 6 10:16:14 xtremcommunity sshd\[246794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root Oct 6 10:16:16 xtremcommunity sshd\[246794\]: Failed password for root from 159.65.112.93 port 34870 ssh2 Oct 6 10:19:55 xtremcommunity sshd\[246926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.112.93 user=root ...	2019-10-06 22:37:18

Recently Reported IPs

89.166.145.142	156.175.106.5	123.233.208.58	188.91.12.109
1.4.208.142	129.177.247.47	123.88.93.139	62.132.150.141
210.61.211.103	153.36.183.255	132.232.110.139	193.255.111.169
64.173.110.154	75.24.120.51	73.43.70.228	41.224.166.67
46.235.42.170	223.167.204.194	35.198.117.118	109.64.76.139