41.145.155.3 - IPInfo

Basic Info

City: Johannesburg

Region: Gauteng

Country: South Africa

Internet Service Provider: Telkom SA Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Automatic report - Port Scan Attack	2020-03-11 06:03:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.145.155.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6556
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.145.155.3.			IN	A

;; AUTHORITY SECTION:
.			149	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031001 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 11 06:03:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

3.155.145.41.in-addr.arpa domain name pointer 8ta-145-155-03.telkomadsl.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
3.155.145.41.in-addr.arpa	name = 8ta-145-155-03.telkomadsl.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.88.112.114	attackspam	Oct 18 02:41:26 php1 sshd\[28716\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Oct 18 02:41:28 php1 sshd\[28716\]: Failed password for root from 49.88.112.114 port 60765 ssh2 Oct 18 02:42:33 php1 sshd\[28828\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root Oct 18 02:42:35 php1 sshd\[28828\]: Failed password for root from 49.88.112.114 port 49984 ssh2 Oct 18 02:43:37 php1 sshd\[28935\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root	2019-10-18 20:45:59
167.86.111.14	attackbotsspam	Automatic report - XMLRPC Attack	2019-10-18 20:59:54
80.82.70.239	attackspam	10/18/2019-07:43:50.337523 80.82.70.239 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-10-18 21:02:11
177.184.179.88	attack	Oct 18 01:44:01 web9 sshd\[30456\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88 user=root Oct 18 01:44:03 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:06 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:08 web9 sshd\[30456\]: Failed password for root from 177.184.179.88 port 42321 ssh2 Oct 18 01:44:24 web9 sshd\[30514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.184.179.88 user=root	2019-10-18 20:32:29
95.160.157.92	attack	TCP Port: 25 _ invalid blocked dnsbl-sorbs also abuseat-org _ _ _ _ (420)	2019-10-18 20:26:29
217.61.2.97	attackbotsspam	Oct 18 14:11:00 meumeu sshd[1521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 Oct 18 14:11:02 meumeu sshd[1521]: Failed password for invalid user P@55w0rD1 from 217.61.2.97 port 38106 ssh2 Oct 18 14:14:55 meumeu sshd[2157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.2.97 ...	2019-10-18 20:27:07
112.216.129.138	attack	Oct 18 14:23:27 eventyay sshd[3112]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.129.138 Oct 18 14:23:29 eventyay sshd[3112]: Failed password for invalid user jessie from 112.216.129.138 port 37468 ssh2 Oct 18 14:28:29 eventyay sshd[3189]: Failed password for root from 112.216.129.138 port 48806 ssh2 ...	2019-10-18 20:33:13
184.30.210.217	attackspambots	10/18/2019-14:09:57.519694 184.30.210.217 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-18 20:36:42
187.125.106.34	attackbotsspam	Unauthorised access (Oct 18) SRC=187.125.106.34 LEN=40 TTL=46 ID=29836 TCP DPT=8080 WINDOW=61378 SYN Unauthorised access (Oct 17) SRC=187.125.106.34 LEN=40 TTL=46 ID=39010 TCP DPT=8080 WINDOW=61378 SYN Unauthorised access (Oct 16) SRC=187.125.106.34 LEN=40 TTL=46 ID=58891 TCP DPT=8080 WINDOW=61378 SYN Unauthorised access (Oct 15) SRC=187.125.106.34 LEN=40 TTL=46 ID=28720 TCP DPT=8080 WINDOW=61378 SYN Unauthorised access (Oct 14) SRC=187.125.106.34 LEN=40 TTL=46 ID=35164 TCP DPT=8080 WINDOW=61378 SYN	2019-10-18 20:47:15
177.125.58.145	attack	Oct 18 02:17:51 sachi sshd\[23664\]: Invalid user clementine from 177.125.58.145 Oct 18 02:17:51 sachi sshd\[23664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.125.58.145 Oct 18 02:17:54 sachi sshd\[23664\]: Failed password for invalid user clementine from 177.125.58.145 port 38348 ssh2 Oct 18 02:22:53 sachi sshd\[24070\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.125.58.145 user=root Oct 18 02:22:55 sachi sshd\[24070\]: Failed password for root from 177.125.58.145 port 54742 ssh2	2019-10-18 20:41:50
200.89.178.52	attackbotsspam	(From elvia.kidston@msn.com) Hello, YOU NEED QUALITY VISITORS THAT BUY FROM YOU ?? My name is Elvia Kidston, and I'm a Web Traffic Specialist. I can get for your drmerritt.net: - visitors from search engines - visitors from social media - visitors from any country you want - very low bounce rate & long visit duration CLAIM YOUR 24 HOURS FREE TEST ==> http://bit.ly/Traffic_for_Your_Website Do not forget to read Review to convince you, is already being tested by many people who have trusted it !! Kind Regards, Elvia Kidston UNSUBSCRIBE==> http://bit.ly/Unsubscribe_Traffic	2019-10-18 20:35:04
124.235.138.173	attack	Automatic report - Port Scan	2019-10-18 20:53:13
77.69.206.102	attack	DATE:2019-10-18 13:43:58, IP:77.69.206.102, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-10-18 20:54:17
140.143.53.145	attackbots	Oct 18 07:43:56 Tower sshd[9949]: Connection from 140.143.53.145 port 43100 on 192.168.10.220 port 22 Oct 18 07:43:58 Tower sshd[9949]: Failed password for root from 140.143.53.145 port 43100 ssh2 Oct 18 07:43:58 Tower sshd[9949]: Received disconnect from 140.143.53.145 port 43100:11: Bye Bye [preauth] Oct 18 07:43:58 Tower sshd[9949]: Disconnected from authenticating user root 140.143.53.145 port 43100 [preauth]	2019-10-18 20:51:43
111.68.104.130	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.68.104.130/ PK - 1H : (15) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : PK NAME ASN : ASN45773 IP : 111.68.104.130 CIDR : 111.68.104.0/24 PREFIX COUNT : 39 UNIQUE IP COUNT : 10240 WYKRYTE ATAKI Z ASN45773 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-18 13:44:22 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-18 20:33:42

Recently Reported IPs

86.38.92.110	122.92.72.5	202.208.131.247	88.121.139.70
77.11.133.52	92.187.106.155	79.149.10.74	77.11.133.76
173.23.6.217	100.40.193.177	77.11.133.139	150.207.171.140
77.11.133.67	195.96.74.22	191.234.153.214	179.162.45.12
94.194.106.178	89.158.79.45	218.139.187.93	72.250.146.70