159.65.103.135

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
159.65.103.219	attack	Unauthorized SSH login attempts	2020-04-19 04:01:55
159.65.103.149	attack	Jul 22 23:24:24 artelis kernel: [177393.109085] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=57737 PROTO=TCP SPT=38725 DPT=21 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.109254] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=1877 PROTO=TCP SPT=38725 DPT=1723 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.112308] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=62683 PROTO=TCP SPT=38725 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 Jul 22 23:24:24 artelis kernel: [177393.112333] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=46373 PROTO=TCP SPT=38725 DPT=1 ...	2019-07-23 10:31:56

Type

Details

Datetime

159.65.103.219

attack

Unauthorized SSH login attempts

2020-04-19 04:01:55

159.65.103.149

attack

Jul 22 23:24:24 artelis kernel: [177393.109085] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=57737 PROTO=TCP SPT=38725 DPT=21 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.109254] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=1877 PROTO=TCP SPT=38725 DPT=1723 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.112308] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=37 ID=62683 PROTO=TCP SPT=38725 DPT=3306 WINDOW=1024 RES=0x00 SYN URGP=0 
Jul 22 23:24:24 artelis kernel: [177393.112333] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:70:30:08:00 SRC=159.65.103.149 DST=167.99.196.43 LEN=44 TOS=0x00 PREC=0x00 TTL=38 ID=46373 PROTO=TCP SPT=38725 DPT=1
...

2019-07-23 10:31:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.65.103.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60965
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;159.65.103.135.			IN	A

;; AUTHORITY SECTION:
.			472	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 23 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 19:27:35 CST 2022
;; MSG SIZE  rcvd: 107

Host info

135.103.65.159.in-addr.arpa domain name pointer ticket.genex.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
135.103.65.159.in-addr.arpa	name = ticket.genex.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.153.1.146	attackbots	Mar 18 19:28:20 db01 sshd[26531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.153.1.146 user=r.r Mar 18 19:28:23 db01 sshd[26531]: Failed password for r.r from 123.153.1.146 port 45594 ssh2 Mar 18 19:28:23 db01 sshd[26531]: Received disconnect from 123.153.1.146: 11: Bye Bye [preauth] Mar 18 19:32:20 db01 sshd[26859]: Connection closed by 123.153.1.146 [preauth] Mar 18 19:33:26 db01 sshd[26924]: Connection closed by 123.153.1.146 [preauth] Mar 18 19:34:42 db01 sshd[27029]: Connection closed by 123.153.1.146 [preauth] Mar 18 19:35:37 db01 sshd[27181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.153.1.146 user=r.r Mar 18 19:35:39 db01 sshd[27181]: Failed password for r.r from 123.153.1.146 port 36712 ssh2 Mar 18 19:35:40 db01 sshd[27181]: Received disconnect from 123.153.1.146: 11: Bye Bye [preauth] Mar 18 19:36:58 db01 sshd[27249]: Connection closed by 123.153.1.146 [preauth........ -------------------------------	2020-03-20 10:30:07
51.77.212.179	attackspam	Invalid user sam from 51.77.212.179 port 55672	2020-03-20 10:22:21
198.71.230.37	attack	Automatic report - Banned IP Access	2020-03-20 12:17:06
211.252.87.97	attack	Mar 20 06:55:51 server sshd\[19503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.87.97 user=root Mar 20 06:55:54 server sshd\[19503\]: Failed password for root from 211.252.87.97 port 57414 ssh2 Mar 20 06:58:15 server sshd\[19775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.87.97 user=root Mar 20 06:58:18 server sshd\[19775\]: Failed password for root from 211.252.87.97 port 48926 ssh2 Mar 20 07:00:12 server sshd\[20498\]: Invalid user pvkiiserver from 211.252.87.97 Mar 20 07:00:12 server sshd\[20498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.252.87.97 ...	2020-03-20 12:16:52
139.162.75.112	attackspam	...	2020-03-20 10:21:07
171.225.197.89	attackspambots	trying to access non-authorized port	2020-03-20 10:24:51
61.216.2.79	attackspambots	Unauthorized SSH login attempts	2020-03-20 12:29:59
51.255.101.8	attack	WordPress login Brute force / Web App Attack on client site.	2020-03-20 12:01:19
182.61.26.121	attack	Mar 20 05:21:56 vserver sshd\[27269\]: Invalid user zhucm from 182.61.26.121Mar 20 05:21:57 vserver sshd\[27269\]: Failed password for invalid user zhucm from 182.61.26.121 port 56620 ssh2Mar 20 05:25:23 vserver sshd\[27319\]: Failed password for root from 182.61.26.121 port 59460 ssh2Mar 20 05:28:47 vserver sshd\[27370\]: Failed password for root from 182.61.26.121 port 34074 ssh2 ...	2020-03-20 12:31:28
222.186.173.215	attack	Mar 20 05:20:04 minden010 sshd[28513]: Failed password for root from 222.186.173.215 port 2028 ssh2 Mar 20 05:20:08 minden010 sshd[28513]: Failed password for root from 222.186.173.215 port 2028 ssh2 Mar 20 05:20:11 minden010 sshd[28513]: Failed password for root from 222.186.173.215 port 2028 ssh2 Mar 20 05:20:15 minden010 sshd[28513]: Failed password for root from 222.186.173.215 port 2028 ssh2 ...	2020-03-20 12:26:49
196.250.196.243	attackbotsspam	postfix	2020-03-20 12:31:10
106.12.193.217	attackspambots	Mar 20 04:55:16 sd-53420 sshd\[27202\]: User root from 106.12.193.217 not allowed because none of user's groups are listed in AllowGroups Mar 20 04:55:16 sd-53420 sshd\[27202\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.193.217 user=root Mar 20 04:55:18 sd-53420 sshd\[27202\]: Failed password for invalid user root from 106.12.193.217 port 59816 ssh2 Mar 20 05:00:11 sd-53420 sshd\[28730\]: User root from 106.12.193.217 not allowed because none of user's groups are listed in AllowGroups Mar 20 05:00:11 sd-53420 sshd\[28730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.193.217 user=root ...	2020-03-20 12:18:24
78.186.198.122	attackspam	Port probing on unauthorized port 23	2020-03-20 12:00:45
62.28.253.197	attack	Mar 20 01:47:06 Invalid user teamspeak from 62.28.253.197 port 38505	2020-03-20 10:19:47
189.210.113.85	attackbots	Automatic report - Port Scan Attack	2020-03-20 10:25:41

Recently Reported IPs

159.65.102.126	159.65.108.166	159.65.11.151	159.65.106.226
159.65.110.168	89.34.183.100	159.65.153.127	159.65.154.129
159.65.153.80	159.65.156.206	159.65.153.174	159.65.156.110
159.65.153.207	159.65.153.240	159.65.154.132	159.65.159.139
159.65.159.145	159.65.155.104	159.65.154.236	159.65.163.14