41.204.161.161

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Kenet-Kenet Headquaters

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 17 18:46:34 hanapaa sshd\[6878\]: Invalid user cfg from 41.204.161.161 Oct 17 18:46:34 hanapaa sshd\[6878\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Oct 17 18:46:36 hanapaa sshd\[6878\]: Failed password for invalid user cfg from 41.204.161.161 port 45296 ssh2 Oct 17 18:51:02 hanapaa sshd\[7223\]: Invalid user attack from 41.204.161.161 Oct 17 18:51:03 hanapaa sshd\[7223\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161	2019-10-18 13:03:24
attack	Oct 14 00:45:57 vtv3 sshd\[22376\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root Oct 14 00:45:59 vtv3 sshd\[22376\]: Failed password for root from 41.204.161.161 port 32974 ssh2 Oct 14 00:50:45 vtv3 sshd\[24743\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root Oct 14 00:50:47 vtv3 sshd\[24743\]: Failed password for root from 41.204.161.161 port 43624 ssh2 Oct 14 00:55:14 vtv3 sshd\[27069\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root Oct 14 01:08:17 vtv3 sshd\[1024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root Oct 14 01:08:20 vtv3 sshd\[1024\]: Failed password for root from 41.204.161.161 port 46884 ssh2 Oct 14 01:12:36 vtv3 sshd\[3206\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rho	2019-10-14 13:14:18
attack	Oct 10 16:14:43 meumeu sshd[7275]: Failed password for root from 41.204.161.161 port 50870 ssh2 Oct 10 16:19:15 meumeu sshd[7987]: Failed password for root from 41.204.161.161 port 58972 ssh2 ...	2019-10-10 22:46:57
attack	Oct 5 12:01:31 vps01 sshd[23908]: Failed password for root from 41.204.161.161 port 53294 ssh2	2019-10-05 18:53:13
attackbots	Oct 4 14:22:42 bouncer sshd\[25961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root Oct 4 14:22:44 bouncer sshd\[25961\]: Failed password for root from 41.204.161.161 port 58028 ssh2 Oct 4 14:27:01 bouncer sshd\[26004\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=root ...	2019-10-04 22:52:27
attackspambots	Sep 28 22:22:11 XXX sshd[20306]: Invalid user lorene from 41.204.161.161 port 46810	2019-09-29 08:58:55
attackbotsspam	Sep 19 15:33:36 vps01 sshd[29704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Sep 19 15:33:38 vps01 sshd[29704]: Failed password for invalid user oracle from 41.204.161.161 port 58792 ssh2	2019-09-19 21:52:14
attackbots	Sep 5 04:39:17 vps01 sshd[1001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Sep 5 04:39:19 vps01 sshd[1001]: Failed password for invalid user sysadmin from 41.204.161.161 port 50852 ssh2	2019-09-05 11:06:29
attackbotsspam	Aug 23 02:49:34 mail sshd\[24796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Aug 23 02:49:36 mail sshd\[24796\]: Failed password for invalid user fdl from 41.204.161.161 port 55748 ssh2 Aug 23 02:54:06 mail sshd\[25320\]: Invalid user gmodserveur from 41.204.161.161 port 40806 Aug 23 02:54:06 mail sshd\[25320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Aug 23 02:54:08 mail sshd\[25320\]: Failed password for invalid user gmodserveur from 41.204.161.161 port 40806 ssh2	2019-08-23 09:13:53
attackbots	Aug 10 05:34:14 debian sshd\[26407\]: Invalid user axl from 41.204.161.161 port 40776 Aug 10 05:34:14 debian sshd\[26407\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 ...	2019-08-10 12:36:30
attackspam	Aug 9 04:28:30 OPSO sshd\[9629\]: Invalid user jmail from 41.204.161.161 port 58616 Aug 9 04:28:30 OPSO sshd\[9629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 Aug 9 04:28:32 OPSO sshd\[9629\]: Failed password for invalid user jmail from 41.204.161.161 port 58616 ssh2 Aug 9 04:33:08 OPSO sshd\[10171\]: Invalid user rk from 41.204.161.161 port 47730 Aug 9 04:33:08 OPSO sshd\[10171\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161	2019-08-09 11:06:33
attackspam	Aug 6 05:27:02 server6 sshd[13074]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 6 05:27:02 server6 sshd[13074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.204.161.161 user=r.r Aug 6 05:27:04 server6 sshd[13074]: Failed password for r.r from 41.204.161.161 port 34734 ssh2 Aug 6 05:27:04 server6 sshd[13074]: Received disconnect from 41.204.161.161: 11: Bye Bye [preauth] Aug 6 06:35:47 server6 sshd[9996]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 6 06:35:48 server6 sshd[9996]: Failed password for invalid user userftp from 41.204.161.161 port 60910 ssh2 Aug 6 06:35:49 server6 sshd[9996]: Received disconnect from 41.204.161.161: 11: Bye Bye [preauth] Aug 6 06:40:46 server6 sshd[14323]: Address 41.204.161.161 maps to oris.nacosti.go.ke, but this does not ma........ -------------------------------	2019-08-08 08:52:57

Comments on same subnet:

IP	Type	Details	Datetime
41.204.161.217	attack	Sql/code injection probe	2019-12-04 00:55:12
41.204.161.217	attackbotsspam	SQL Injection Attempts	2019-11-13 19:10:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.204.161.161
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55492
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.204.161.161.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 08:52:52 CST 2019
;; MSG SIZE  rcvd: 118

Host info

161.161.204.41.in-addr.arpa domain name pointer oris.nacosti.go.ke.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
161.161.204.41.in-addr.arpa	name = oris.nacosti.go.ke.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
40.68.244.22	attackspambots	Lines containing failures of 40.68.244.22 Sep 30 22:31:03 shared02 sshd[3004]: Invalid user ghostname from 40.68.244.22 port 46908 Sep 30 22:31:03 shared02 sshd[3004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.68.244.22 Sep 30 22:31:05 shared02 sshd[3004]: Failed password for invalid user ghostname from 40.68.244.22 port 46908 ssh2 Sep 30 22:31:05 shared02 sshd[3004]: Received disconnect from 40.68.244.22 port 46908:11: Bye Bye [preauth] Sep 30 22:31:05 shared02 sshd[3004]: Disconnected from invalid user ghostname 40.68.244.22 port 46908 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=40.68.244.22	2020-10-01 21:06:05
112.255.98.171	attackspam	8082/udp [2020-09-30]1pkt	2020-10-01 20:26:34
115.97.80.9	attack	Portscan detected	2020-10-01 21:01:40
42.225.236.221	attackbotsspam	IP 42.225.236.221 attacked honeypot on port: 23 at 9/30/2020 1:40:56 PM	2020-10-01 20:41:14
221.15.224.86	attack	1433/tcp [2020-09-30]1pkt	2020-10-01 20:31:15
159.203.184.19	attackbots	Oct 1 13:26:59 host2 sshd[435965]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.184.19 user=root Oct 1 13:27:01 host2 sshd[435965]: Failed password for root from 159.203.184.19 port 48876 ssh2 Oct 1 13:31:10 host2 sshd[436580]: Invalid user xl from 159.203.184.19 port 57766 Oct 1 13:31:10 host2 sshd[436580]: Invalid user xl from 159.203.184.19 port 57766 ...	2020-10-01 20:52:50
223.130.31.148	attack	Telnet Server BruteForce Attack	2020-10-01 20:34:52
182.53.55.190	attack	Oct 1 13:20:09 localhost sshd\[21864\]: Invalid user minecraft from 182.53.55.190 Oct 1 13:20:09 localhost sshd\[21864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.53.55.190 Oct 1 13:20:11 localhost sshd\[21864\]: Failed password for invalid user minecraft from 182.53.55.190 port 58174 ssh2 Oct 1 13:29:47 localhost sshd\[22395\]: Invalid user carlos from 182.53.55.190 Oct 1 13:29:47 localhost sshd\[22395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.53.55.190 ...	2020-10-01 20:27:42
95.9.158.113	attackspambots	445/tcp [2020-09-30]1pkt	2020-10-01 20:49:24
177.161.251.74	attack	22/tcp 22/tcp 22/tcp... [2020-09-30]4pkt,1pt.(tcp)	2020-10-01 20:28:11
94.102.49.137	attackbotsspam	port scan	2020-10-01 20:43:55
114.101.247.45	attackspambots	Sep 30 20:41:09 marvibiene sshd[19214]: Invalid user admin1 from 114.101.247.45 port 58318 Sep 30 20:41:09 marvibiene sshd[19214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.101.247.45 Sep 30 20:41:09 marvibiene sshd[19214]: Invalid user admin1 from 114.101.247.45 port 58318 Sep 30 20:41:11 marvibiene sshd[19214]: Failed password for invalid user admin1 from 114.101.247.45 port 58318 ssh2	2020-10-01 21:04:07
51.13.64.82	attackbotsspam	TCP ports : 2375 / 2377 / 4243	2020-10-01 20:55:25
128.199.52.45	attackbotsspam	SSH login attempts.	2020-10-01 20:50:49
106.13.82.231	attack	2020-10-01T15:03:51.299541afi-git.jinr.ru sshd[8008]: Failed password for admin from 106.13.82.231 port 45114 ssh2 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:02.081445afi-git.jinr.ru sshd[8746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.231 2020-10-01T15:06:02.078118afi-git.jinr.ru sshd[8746]: Invalid user julio from 106.13.82.231 port 46298 2020-10-01T15:06:03.993036afi-git.jinr.ru sshd[8746]: Failed password for invalid user julio from 106.13.82.231 port 46298 ssh2 ...	2020-10-01 20:38:53

Recently Reported IPs

115.194.191.62	37.9.47.151	35.190.141.79	57.182.19.72
212.83.143.57	47.229.245.120	245.57.166.221	103.238.117.178
210.147.201.125	142.237.121.153	165.165.159.131	144.7.39.145
177.10.144.94	89.168.58.174	105.78.213.99	210.47.243.5
121.210.2.218	185.134.205.28	81.21.234.254	119.132.46.251