196.41.122.126

Basic Info

City: Cape Town

Region: Western Cape

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
196.41.122.94	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-12 20:10:44
196.41.122.94	attack	196.41.122.94 - - [12/Sep/2020:05:12:59 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [12/Sep/2020:05:13:01 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [12/Sep/2020:05:13:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-12 12:13:59
196.41.122.94	attackspam	Automatic report - Banned IP Access	2020-09-12 04:02:30
196.41.122.94	attackbotsspam	196.41.122.94 - - [10/Sep/2020:15:41:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:15:41:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:15:41:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-10 23:59:31
196.41.122.94	attackbotsspam	196.41.122.94 - - [10/Sep/2020:08:17:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:08:17:49 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [10/Sep/2020:08:17:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-10 15:23:18
196.41.122.94	attackspambots	[09/Sep/2020:21:31:10 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-10 05:59:47
196.41.122.94	attackbotsspam	196.41.122.94 - - [01/Sep/2020:07:03:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [01/Sep/2020:07:03:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [01/Sep/2020:07:03:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 14:48:17
196.41.122.94	attackspam	196.41.122.94 - - [12/Aug/2020:08:18:22 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [12/Aug/2020:08:18:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [12/Aug/2020:08:18:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-12 16:46:01
196.41.122.94	attackspam	php WP PHPmyadamin ABUSE blocked for 12h	2020-08-11 03:09:33
196.41.122.94	attack	196.41.122.94 - - [07/Aug/2020:22:25:46 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [07/Aug/2020:22:25:47 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [07/Aug/2020:22:25:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-08 06:44:39
196.41.122.94	attackbots	196.41.122.94 - - [26/Jul/2020:23:52:55 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [26/Jul/2020:23:52:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [26/Jul/2020:23:52:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-27 07:12:28
196.41.122.94	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-07-26 07:40:45
196.41.122.94	attack	retro-gamer.club 196.41.122.94 [10/Jul/2020:05:57:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6064 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" retro-gamer.club 196.41.122.94 [10/Jul/2020:05:57:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6034 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-10 12:34:26
196.41.122.94	attackbots	196.41.122.94 - - \[08/Jul/2020:05:41:52 +0200\] "POST /wp-login.php HTTP/1.0" 200 2508 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - \[08/Jul/2020:05:41:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 2475 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - \[08/Jul/2020:05:41:57 +0200\] "POST /wp-login.php HTTP/1.0" 200 2473 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2020-07-08 17:44:29
196.41.122.94	attackspambots	196.41.122.94 - - [27/Jun/2020:08:54:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2083 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [27/Jun/2020:08:54:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 196.41.122.94 - - [27/Jun/2020:08:54:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2063 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-27 16:28:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.41.122.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37168
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;196.41.122.126.			IN	A

;; AUTHORITY SECTION:
.			414	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023062000 1800 900 604800 86400

;; Query time: 102 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 20 23:13:23 CST 2023
;; MSG SIZE  rcvd: 107

Host info

126.122.41.196.in-addr.arpa domain name pointer 122.126.business-adsl.cybersmart.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
126.122.41.196.in-addr.arpa	name = 122.126.business-adsl.cybersmart.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
192.42.116.25	attackspambots	2020-09-07T15:23[Censored Hostname] sshd[20063]: Failed password for root from 192.42.116.25 port 52068 ssh2 2020-09-07T15:23[Censored Hostname] sshd[20063]: Failed password for root from 192.42.116.25 port 52068 ssh2 2020-09-07T15:23[Censored Hostname] sshd[20063]: Failed password for root from 192.42.116.25 port 52068 ssh2[...]	2020-09-07 21:58:00
222.186.175.215	attackbotsspam	Sep 7 15:29:38 mavik sshd[26669]: Failed password for root from 222.186.175.215 port 57516 ssh2 Sep 7 15:29:42 mavik sshd[26669]: Failed password for root from 222.186.175.215 port 57516 ssh2 Sep 7 15:29:46 mavik sshd[26669]: Failed password for root from 222.186.175.215 port 57516 ssh2 Sep 7 15:29:49 mavik sshd[26669]: Failed password for root from 222.186.175.215 port 57516 ssh2 Sep 7 15:29:52 mavik sshd[26669]: Failed password for root from 222.186.175.215 port 57516 ssh2 ...	2020-09-07 22:30:45
1.173.47.129	attackbots	Honeypot attack, port: 5555, PTR: 1-173-47-129.dynamic-ip.hinet.net.	2020-09-07 22:04:08
115.159.153.180	attack	Sep 7 15:44:55 santamaria sshd\[12307\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.153.180 user=root Sep 7 15:44:57 santamaria sshd\[12307\]: Failed password for root from 115.159.153.180 port 34524 ssh2 Sep 7 15:49:09 santamaria sshd\[12363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.153.180 user=root ...	2020-09-07 22:19:11
69.50.220.176	attack	Sep 6 16:48:46 plex-server sshd[2275551]: Failed password for invalid user diradmin from 69.50.220.176 port 52334 ssh2 Sep 6 16:52:33 plex-server sshd[2277127]: Invalid user configure from 69.50.220.176 port 58700 Sep 6 16:52:33 plex-server sshd[2277127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=69.50.220.176 Sep 6 16:52:33 plex-server sshd[2277127]: Invalid user configure from 69.50.220.176 port 58700 Sep 6 16:52:34 plex-server sshd[2277127]: Failed password for invalid user configure from 69.50.220.176 port 58700 ssh2 ...	2020-09-07 22:39:54
222.186.173.183	attack	Sep 7 10:01:55 ny01 sshd[19563]: Failed password for root from 222.186.173.183 port 14606 ssh2 Sep 7 10:02:04 ny01 sshd[19563]: Failed password for root from 222.186.173.183 port 14606 ssh2 Sep 7 10:02:07 ny01 sshd[19563]: Failed password for root from 222.186.173.183 port 14606 ssh2 Sep 7 10:02:07 ny01 sshd[19563]: error: maximum authentication attempts exceeded for root from 222.186.173.183 port 14606 ssh2 [preauth]	2020-09-07 22:03:39
165.227.50.84	attack	(sshd) Failed SSH login from 165.227.50.84 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 7 07:57:31 optimus sshd[22342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.50.84 user=mysql Sep 7 07:57:33 optimus sshd[22342]: Failed password for mysql from 165.227.50.84 port 44362 ssh2 Sep 7 07:58:33 optimus sshd[22671]: Invalid user mouzj from 165.227.50.84 Sep 7 07:58:33 optimus sshd[22671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.50.84 Sep 7 07:58:36 optimus sshd[22671]: Failed password for invalid user mouzj from 165.227.50.84 port 59834 ssh2	2020-09-07 22:38:26
217.145.211.33	attackspambots	20/9/6@12:53:05: FAIL: Alarm-Telnet address from=217.145.211.33 ...	2020-09-07 22:08:42
124.156.55.20	attackbotsspam	port scan and connect, tcp 143 (imap)	2020-09-07 22:25:32
129.211.18.180	attack	(sshd) Failed SSH login from 129.211.18.180 (CN/China/-): 5 in the last 3600 secs	2020-09-07 21:56:38
61.145.178.134	attackspambots	Sep 7 08:40:54 ns382633 sshd\[28316\]: Invalid user admin from 61.145.178.134 port 39968 Sep 7 08:40:54 ns382633 sshd\[28316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.145.178.134 Sep 7 08:40:56 ns382633 sshd\[28316\]: Failed password for invalid user admin from 61.145.178.134 port 39968 ssh2 Sep 7 08:59:42 ns382633 sshd\[31162\]: Invalid user teamspeak from 61.145.178.134 port 57726 Sep 7 08:59:42 ns382633 sshd\[31162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.145.178.134	2020-09-07 21:53:30
114.32.214.68	attackbots	Honeypot attack, port: 81, PTR: 114-32-214-68.HINET-IP.hinet.net.	2020-09-07 22:17:38
185.13.64.84	attack	xmlrpc attack	2020-09-07 22:16:55
46.148.96.202	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 22:23:19
209.85.217.99	attackspam	Fake Paypal email requesting account details.	2020-09-07 22:28:46

Recently Reported IPs

7.62.153.128	122.193.158.140	128.204.218.63	87.63.233.17
120.136.21.130	1.162.59.133	174.135.176.2	89.112.232.71
172.31.102.44	129.106.124.107	128.106.124.107	168.141.252.3
80.94.95.3	140.207.249.184	28.46.66.239	27.167.241.164
252.179.31.201	108.161.139.170	168.28.92.7	147.206.194.111