41.85.1.105 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
41.85.161.147	attack	Automatic report - Banned IP Access	2020-10-06 08:15:59
41.85.161.147	attack	Automatic report - Banned IP Access	2020-10-06 00:41:34
41.85.161.147	attackspam	Automatic report - Banned IP Access	2020-10-05 16:40:46
41.85.185.28	attackspambots	Unauthorized connection attempt detected from IP address 41.85.185.28 to port 445	2020-05-12 03:22:29
41.85.184.174	attackspam	Sep 27 08:42:00 meumeu sshd[9643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.85.184.174 Sep 27 08:42:01 meumeu sshd[9643]: Failed password for invalid user jed from 41.85.184.174 port 18607 ssh2 Sep 27 08:47:06 meumeu sshd[10390]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.85.184.174 ...	2019-09-27 14:54:09
41.85.189.66	attackspambots	www.geburtshaus-fulda.de 41.85.189.66 \[10/Sep/2019:03:16:08 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4092 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/59.0.3071.109 Safari/537.36" www.geburtshaus-fulda.de 41.85.189.66 \[10/Sep/2019:03:16:12 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4092 "-" "Mozilla/5.0 \(Windows NT 6.1\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/59.0.3071.109 Safari/537.36"	2019-09-10 16:34:56
41.85.169.212	attack	Automatic report - Port Scan Attack	2019-08-11 19:41:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.85.1.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9785
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;41.85.1.105.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025031002 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 11 10:59:21 CST 2025
;; MSG SIZE  rcvd: 104

Host info

105.1.85.41.in-addr.arpa domain name pointer jhb-ter-cor-r2-ae1-3911.frogfoot.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
105.1.85.41.in-addr.arpa	name = jhb-ter-cor-r2-ae1-3911.frogfoot.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.80.19.9	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:36:46
85.239.35.161	attackspambots	May 26 16:47:19 server2 sshd\[4560\]: Invalid user admin from 85.239.35.161 May 26 16:47:19 server2 sshd\[4559\]: Invalid user admin from 85.239.35.161 May 26 16:47:21 server2 sshd\[4564\]: Invalid user user from 85.239.35.161 May 26 16:47:21 server2 sshd\[4561\]: Invalid user admin from 85.239.35.161 May 26 16:47:21 server2 sshd\[4563\]: Invalid user user from 85.239.35.161 May 26 16:47:21 server2 sshd\[4562\]: Invalid user user from 85.239.35.161	2020-05-26 21:50:56
106.12.193.97	attackbots	IP blocked	2020-05-26 21:39:36
188.131.179.87	attackspambots	May 26 10:18:47 plex sshd[14637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.179.87 user=root May 26 10:18:49 plex sshd[14637]: Failed password for root from 188.131.179.87 port 43380 ssh2	2020-05-26 21:59:47
37.187.0.109	attackspambots	May 26 13:05:22 root sshd[12911]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3111232.ip-37-187-0.eu user=root May 26 13:05:24 root sshd[12911]: Failed password for root from 37.187.0.109 port 50026 ssh2 ...	2020-05-26 21:25:57
106.13.167.238	attack	May 26 08:45:55 XXX sshd[37530]: Invalid user supporttest from 106.13.167.238 port 60254	2020-05-26 21:56:33
223.241.228.168	attack	Brute-Force	2020-05-26 21:47:06
187.188.206.106	attackspam	(sshd) Failed SSH login from 187.188.206.106 (MX/Mexico/fixed-187-188-206-106.totalplay.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: May 26 13:46:11 amsweb01 sshd[3077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.206.106 user=root May 26 13:46:13 amsweb01 sshd[3077]: Failed password for root from 187.188.206.106 port 7139 ssh2 May 26 13:55:26 amsweb01 sshd[3847]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.188.206.106 user=root May 26 13:55:28 amsweb01 sshd[3847]: Failed password for root from 187.188.206.106 port 4737 ssh2 May 26 13:59:13 amsweb01 sshd[4097]: Invalid user user02 from 187.188.206.106 port 43127	2020-05-26 21:49:58
112.30.125.25	attackbotsspam	May 26 11:43:15 buvik sshd[27716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.30.125.25 user=root May 26 11:43:17 buvik sshd[27716]: Failed password for root from 112.30.125.25 port 51872 ssh2 May 26 11:46:19 buvik sshd[28150]: Invalid user test from 112.30.125.25 ...	2020-05-26 21:56:03
222.186.42.13	attackspam	port	2020-05-26 21:26:16
46.101.73.64	attackbots	sshd: Failed password for invalid user .... from 46.101.73.64 port 48108 ssh2 (9 attempts)	2020-05-26 21:46:04
51.83.171.10	attackbots	May 26 15:05:56 debian-2gb-nbg1-2 kernel: \[12757155.427751\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=51.83.171.10 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=239 ID=61629 PROTO=TCP SPT=47428 DPT=1996 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-26 21:52:39
220.134.251.246	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:54:27
104.40.220.72	attack	104.40.220.72 - - [26/May/2020:15:01:29 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.40.220.72 - - [26/May/2020:15:01:30 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 104.40.220.72 - - [26/May/2020:15:01:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-26 21:40:05
95.243.136.198	attackbots	DATE:2020-05-26 14:44:27, IP:95.243.136.198, PORT:ssh SSH brute force auth (docker-dc)	2020-05-26 21:35:51

Recently Reported IPs

86.99.45.148	fe80::1179:802f:3ad5:f1b9	75.0.175.58	93.121.140.246
92.194.210.143	25.230.141.209	5.91.23.114	124.147.3.222
228.0.94.89	241.211.157.192	7.214.105.247	101.231.19.107
28.144.228.221	3.87.64.52	152.67.0.1	2.142.32.54
206.89.50.129	248.238.235.132	55.103.249.218	169.85.2.61