41.0.202.246 - IPInfo

Basic Info

City: Cape Town

Region: Western Cape

Country: South Africa

Internet Service Provider: Vodacom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Apr 30 03:10:17 gw1 sshd[30946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246 Apr 30 03:10:18 gw1 sshd[30946]: Failed password for invalid user lgardner from 41.0.202.246 port 42464 ssh2 ...	2020-04-30 06:15:05
attack	Apr 20 21:44:00 server sshd[20286]: Failed password for root from 41.0.202.246 port 34390 ssh2 Apr 20 21:50:31 server sshd[21788]: Failed password for root from 41.0.202.246 port 42170 ssh2 Apr 20 21:57:01 server sshd[23369]: Failed password for root from 41.0.202.246 port 49966 ssh2	2020-04-21 04:55:41
attackspambots	(sshd) Failed SSH login from 41.0.202.246 (ZA/South Africa/mail.kga.co.za): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 13 20:05:48 ubnt-55d23 sshd[5445]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246 user=root Apr 13 20:05:51 ubnt-55d23 sshd[5445]: Failed password for root from 41.0.202.246 port 46312 ssh2	2020-04-14 05:59:57
attackspam	2020-04-10T08:16:44.185602centos sshd[5653]: Invalid user mongodb from 41.0.202.246 port 44616 2020-04-10T08:16:46.490012centos sshd[5653]: Failed password for invalid user mongodb from 41.0.202.246 port 44616 ssh2 2020-04-10T08:23:36.333238centos sshd[6103]: Invalid user user from 41.0.202.246 port 55252 ...	2020-04-10 16:39:13
attackbots	Apr 9 10:23:31 cloud sshd[3296]: Failed password for admin from 41.0.202.246 port 33586 ssh2 Apr 9 10:36:31 cloud sshd[3459]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.0.202.246	2020-04-09 18:49:32

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.0.202.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25255
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.0.202.246.			IN	A

;; AUTHORITY SECTION:
.			369	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040402 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 05 05:18:12 CST 2020
;; MSG SIZE  rcvd: 116

Host info

246.202.0.41.in-addr.arpa domain name pointer mail.kga.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
246.202.0.41.in-addr.arpa	name = mail.kga.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.141.208	attackspam	Sep 1 23:17:18 markkoudstaal sshd[22096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208 Sep 1 23:17:20 markkoudstaal sshd[22096]: Failed password for invalid user orca from 159.203.141.208 port 47050 ssh2 Sep 1 23:21:10 markkoudstaal sshd[22453]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.141.208	2019-09-02 05:57:46
106.12.24.170	attack	$f2bV_matches	2019-09-02 05:28:02
182.72.31.173	attack	Unauthorized connection attempt from IP address 182.72.31.173 on Port 445(SMB)	2019-09-02 05:44:50
77.247.110.147	attackbotsspam	09/01/2019-13:32:09.130040 77.247.110.147 Protocol: 17 ET SCAN Sipvicious Scan	2019-09-02 05:43:48
185.175.93.14	attackspam	09/01/2019-15:56:04.002972 185.175.93.14 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-02 05:38:01
54.38.33.186	attackbots	"Fail2Ban detected SSH brute force attempt"	2019-09-02 05:28:18
77.224.207.206	attack	Automatic report - Port Scan Attack	2019-09-02 05:12:07
62.94.206.57	attackspam	Sep 1 21:11:35 hb sshd\[26042\]: Invalid user acacia from 62.94.206.57 Sep 1 21:11:35 hb sshd\[26042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com Sep 1 21:11:36 hb sshd\[26042\]: Failed password for invalid user acacia from 62.94.206.57 port 40506 ssh2 Sep 1 21:16:20 hb sshd\[26393\]: Invalid user nexus from 62.94.206.57 Sep 1 21:16:20 hb sshd\[26393\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-206-57.sn1.clouditalia.com	2019-09-02 05:32:35
114.85.3.57	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-09-02 05:58:11
152.231.29.79	attackspam	Caught in portsentry honeypot	2019-09-02 05:53:10
138.68.94.173	attack	2019-09-01T19:27:06.454199 sshd[24641]: Invalid user akee from 138.68.94.173 port 48562 2019-09-01T19:27:06.469367 sshd[24641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.94.173 2019-09-01T19:27:06.454199 sshd[24641]: Invalid user akee from 138.68.94.173 port 48562 2019-09-01T19:27:08.106099 sshd[24641]: Failed password for invalid user akee from 138.68.94.173 port 48562 ssh2 2019-09-01T19:32:29.041252 sshd[24718]: Invalid user cody from 138.68.94.173 port 37338 ...	2019-09-02 05:51:14
186.237.53.198	attackspam	Brute forcing RDP port 3389	2019-09-02 05:15:20
121.7.127.92	attackspam	Sep 1 07:58:02 wbs sshd\[1866\]: Invalid user netadmin from 121.7.127.92 Sep 1 07:58:02 wbs sshd\[1866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg Sep 1 07:58:05 wbs sshd\[1866\]: Failed password for invalid user netadmin from 121.7.127.92 port 44376 ssh2 Sep 1 08:03:01 wbs sshd\[2315\]: Invalid user 12345 from 121.7.127.92 Sep 1 08:03:01 wbs sshd\[2315\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=bb121-7-127-92.singnet.com.sg	2019-09-02 05:18:44
106.75.216.98	attack	Sep 1 23:59:39 server sshd\[3794\]: Invalid user joe from 106.75.216.98 port 44350 Sep 1 23:59:39 server sshd\[3794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98 Sep 1 23:59:41 server sshd\[3794\]: Failed password for invalid user joe from 106.75.216.98 port 44350 ssh2 Sep 2 00:04:20 server sshd\[6513\]: Invalid user prueba from 106.75.216.98 port 59010 Sep 2 00:04:20 server sshd\[6513\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.216.98	2019-09-02 05:16:35
117.214.232.45	attack	Unauthorized connection attempt from IP address 117.214.232.45 on Port 445(SMB)	2019-09-02 05:11:33

Recently Reported IPs

80.102.231.43	165.160.89.226	141.135.140.30	224.222.26.136
175.6.62.8	47.241.231.25	214.171.10.10	242.33.59.164
51.248.108.199	184.69.125.17	185.4.127.176	185.68.149.195
47.246.229.77	46.101.0.20	76.109.229.190	55.68.184.46
95.200.33.190	235.12.50.115	165.190.207.164	231.240.105.124