41.160.113.203

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Liquid Telecommunications South Africa (Pty) Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Honeypot attack, port: 445, PTR: mail.majuba.edu.za.	2020-03-08 13:33:30
attack	Unauthorized connection attempt from IP address 41.160.113.203 on Port 445(SMB)	2020-03-03 06:47:21
attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 09:41:36,575 INFO [amun_request_handler] PortScan Detected on Port: 445 (41.160.113.203)	2019-07-18 19:43:44
attackspam	Unauthorized connection attempt from IP address 41.160.113.203 on Port 445(SMB)	2019-07-10 10:17:51

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.160.113.203
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20373
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.160.113.203.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 10:17:46 CST 2019
;; MSG SIZE  rcvd: 118

Host info

203.113.160.41.in-addr.arpa domain name pointer mail.majuba.edu.za.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
203.113.160.41.in-addr.arpa	name = mail.majuba.edu.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.232.191.77	attackspambots	Invalid user cui from 116.232.191.77 port 60804	2019-08-14 10:40:24
177.10.249.230	attackbotsspam	proto=tcp . spt=51678 . dpt=25 . (listed on Blocklist de Aug 13) (698)	2019-08-14 10:43:50
188.166.159.148	attackbots	Aug 13 21:00:08 Ubuntu-1404-trusty-64-minimal sshd\[15744\]: Invalid user teste from 188.166.159.148 Aug 13 21:00:08 Ubuntu-1404-trusty-64-minimal sshd\[15744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.159.148 Aug 13 21:00:09 Ubuntu-1404-trusty-64-minimal sshd\[15744\]: Failed password for invalid user teste from 188.166.159.148 port 42863 ssh2 Aug 13 21:08:30 Ubuntu-1404-trusty-64-minimal sshd\[19048\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.159.148 user=root Aug 13 21:08:32 Ubuntu-1404-trusty-64-minimal sshd\[19048\]: Failed password for root from 188.166.159.148 port 52377 ssh2	2019-08-14 10:38:47
37.139.16.227	attackbots	Aug 14 01:56:59 XXX sshd[24509]: Invalid user laravel from 37.139.16.227 port 35274	2019-08-14 10:35:47
182.117.136.215	attackspam	Unauthorised access (Aug 14) SRC=182.117.136.215 LEN=40 TTL=49 ID=37600 TCP DPT=8080 WINDOW=10415 SYN	2019-08-14 11:12:22
46.229.168.141	attackspambots	Brute force attack stopped by firewall	2019-08-14 10:45:41
121.157.82.222	attackspambots	" "	2019-08-14 10:45:07
195.158.250.249	attackspam	proto=tcp . spt=53351 . dpt=25 . (listed on Blocklist de Aug 13) (695)	2019-08-14 10:51:36
58.238.186.85	attackspam	08/13/2019-14:14:15.885391 58.238.186.85 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 53	2019-08-14 11:02:29
134.209.21.83	attack	Aug 14 04:14:20 lnxweb62 sshd[23845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.21.83	2019-08-14 10:44:49
36.92.31.106	attackspam	Unauthorized connection attempt from IP address 36.92.31.106 on Port 445(SMB)	2019-08-14 11:10:08
92.27.208.50	attackspam	Aug 14 04:55:48 eventyay sshd[29589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.27.208.50 Aug 14 04:55:50 eventyay sshd[29589]: Failed password for invalid user ts3user from 92.27.208.50 port 39348 ssh2 Aug 14 05:04:07 eventyay sshd[31562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.27.208.50 ...	2019-08-14 11:19:02
189.5.193.238	attack	Aug 14 04:57:48 vps691689 sshd[9829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.5.193.238 Aug 14 04:57:50 vps691689 sshd[9829]: Failed password for invalid user info4 from 189.5.193.238 port 60280 ssh2 ...	2019-08-14 11:10:31
81.22.45.219	attackspambots	Aug 14 04:35:23 h2177944 kernel: \[4073863.341401\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.219 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55284 PROTO=TCP SPT=58115 DPT=3461 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 14 04:51:51 h2177944 kernel: \[4074851.421814\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.219 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=26871 PROTO=TCP SPT=58115 DPT=5769 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 14 04:55:39 h2177944 kernel: \[4075079.324019\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.219 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=22854 PROTO=TCP SPT=58115 DPT=16714 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 14 05:00:58 h2177944 kernel: \[4075397.683872\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.219 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=23562 PROTO=TCP SPT=58115 DPT=5455 WINDOW=1024 RES=0x00 SYN URGP=0 Aug 14 05:04:12 h2177944 kernel: \[4075592.035374\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=81.22.45.219 DST=85.214.117.9 LEN	2019-08-14 11:14:34
187.210.47.131	attackbots	Unauthorized connection attempt from IP address 187.210.47.131 on Port 445(SMB)	2019-08-14 11:08:41

Recently Reported IPs

128.199.201.39	172.104.28.67	177.69.59.113	179.106.107.18
116.0.2.46	35.86.65.48	131.196.199.233	81.117.166.46
178.44.136.242	138.229.108.97	104.144.89.66	188.166.99.56
118.239.32.8	41.238.255.163	46.249.38.175	30.233.232.84
190.75.141.40	72.69.137.124	47.105.200.150	200.29.143.125