41.45.16.212 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP	2020-09-12 21:42:24
attackspambots	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP	2020-09-12 13:43:55
attackspambots	Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP	2020-09-12 05:32:08

Type

Details

Datetime

attack

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP

2020-09-12 21:42:24

attackspambots

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP

2020-09-12 13:43:55

attackspambots

Threat Management Alert 1: Attempted Administrator Privilege Gain. Signature ET EXPLOIT MVPower DVR Shell UCE. From: 41.45.16.212:35637, to: 192.168.4.99:80, protocol: TCP

2020-09-12 05:32:08

Comments on same subnet:

IP	Type	Details	Datetime
41.45.16.155	attackspambots	Telnet Server BruteForce Attack	2020-09-07 22:02:32
41.45.16.155	attack	Telnet Server BruteForce Attack	2020-09-07 13:47:33
41.45.16.155	attackbots	Telnet Server BruteForce Attack	2020-09-07 06:21:54
41.45.160.180	attack	Automatic report - SSH Brute-Force Attack	2019-07-05 09:06:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.45.16.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2456
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.45.16.212.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091101 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Sep 12 05:32:05 CST 2020
;; MSG SIZE  rcvd: 116

Host info

212.16.45.41.in-addr.arpa domain name pointer host-41.45.16.212.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.16.45.41.in-addr.arpa	name = host-41.45.16.212.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
109.252.240.202	attackbotsspam	Jul 14 13:06:42 vlre-nyc-1 sshd\[23685\]: Invalid user spec from 109.252.240.202 Jul 14 13:06:42 vlre-nyc-1 sshd\[23685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.252.240.202 Jul 14 13:06:44 vlre-nyc-1 sshd\[23685\]: Failed password for invalid user spec from 109.252.240.202 port 27960 ssh2 Jul 14 13:12:29 vlre-nyc-1 sshd\[23821\]: Invalid user ba from 109.252.240.202 Jul 14 13:12:29 vlre-nyc-1 sshd\[23821\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.252.240.202 Jul 14 13:12:31 vlre-nyc-1 sshd\[23821\]: Failed password for invalid user ba from 109.252.240.202 port 27806 ssh2 ...	2020-07-15 01:49:16
23.97.201.53	attackbotsspam	2020-07-14T19:27:33.5476511240 sshd\[32133\]: Invalid user administrator from 23.97.201.53 port 24699 2020-07-14T19:27:33.5517101240 sshd\[32133\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.97.201.53 2020-07-14T19:27:35.7806561240 sshd\[32133\]: Failed password for invalid user administrator from 23.97.201.53 port 24699 ssh2 ...	2020-07-15 01:43:47
223.223.194.101	attackspam	(sshd) Failed SSH login from 223.223.194.101 (CN/China/-): 5 in the last 3600 secs	2020-07-15 01:24:37
211.253.27.146	attackbots	Repeated brute force against a port	2020-07-15 01:44:09
192.99.4.63	attack	Attempt to hack Wordpress Login, XMLRPC or other login	2020-07-15 01:26:35
222.186.30.112	attack	2020-07-14T17:31:18.864136abusebot.cloudsearch.cf sshd[25058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root 2020-07-14T17:31:20.982577abusebot.cloudsearch.cf sshd[25058]: Failed password for root from 222.186.30.112 port 37840 ssh2 2020-07-14T17:31:23.018198abusebot.cloudsearch.cf sshd[25058]: Failed password for root from 222.186.30.112 port 37840 ssh2 2020-07-14T17:31:18.864136abusebot.cloudsearch.cf sshd[25058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.112 user=root 2020-07-14T17:31:20.982577abusebot.cloudsearch.cf sshd[25058]: Failed password for root from 222.186.30.112 port 37840 ssh2 2020-07-14T17:31:23.018198abusebot.cloudsearch.cf sshd[25058]: Failed password for root from 222.186.30.112 port 37840 ssh2 2020-07-14T17:31:18.864136abusebot.cloudsearch.cf sshd[25058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost ...	2020-07-15 01:33:28
50.192.115.66	attackbotsspam	Honeypot attack, port: 81, PTR: 50-192-115-66-static.hfc.comcastbusiness.net.	2020-07-15 01:40:18
20.50.126.86	attack	Jul 14 15:53:15 prod4 sshd\[13983\]: Invalid user 2019.fontainepicard.com from 20.50.126.86 Jul 14 15:53:15 prod4 sshd\[13981\]: Invalid user 2019 from 20.50.126.86 Jul 14 15:53:15 prod4 sshd\[13982\]: Invalid user fontainepicard from 20.50.126.86 ...	2020-07-15 01:41:29
35.202.122.61	attack	spam (f2b h2)	2020-07-15 01:37:17
222.186.30.76	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-07-15 01:37:59
177.135.103.94	attackspam	Jul 14 18:13:59 ns3042688 courier-imapd: LOGIN FAILED, method=PLAIN, ip=\[::ffff:177.135.103.94\] ...	2020-07-15 01:48:45
51.145.44.149	attackbotsspam	SSH auth scanning - multiple failed logins	2020-07-15 01:59:54
168.62.175.16	attackbotsspam	Brute force SMTP login attempted. ...	2020-07-15 01:52:38
129.226.68.181	attackspam	Jul 14 09:26:07 ny01 sshd[6908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.68.181 Jul 14 09:26:08 ny01 sshd[6908]: Failed password for invalid user pfy from 129.226.68.181 port 38142 ssh2 Jul 14 09:29:28 ny01 sshd[7482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.68.181	2020-07-15 01:46:46
164.132.44.218	attackspambots	Jul 14 19:16:42 santamaria sshd\[671\]: Invalid user test2 from 164.132.44.218 Jul 14 19:16:42 santamaria sshd\[671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.44.218 Jul 14 19:16:44 santamaria sshd\[671\]: Failed password for invalid user test2 from 164.132.44.218 port 49609 ssh2 ...	2020-07-15 01:44:39

Recently Reported IPs

5.62.49.108	122.51.239.90	39.116.62.120	42.159.36.153
116.73.95.94	23.98.142.109	125.220.215.200	62.189.96.69
27.54.54.130	40.7.65.88	191.241.242.21	45.141.84.123
114.39.199.34	91.203.194.70	46.48.158.155	91.210.225.11
107.172.188.107	192.43.49.13	49.50.77.206	202.49.68.70