Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: CyberSmart

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:
Make a comment on this IP
Type Details Datetime
attack 
196.41.122.97 - - [09/Oct/2019:21:41:49 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.97 - - [09/Oct/2019:21:41:50 +0200] "POST /wp-login.php HTTP/1.1" 200 1503 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.97 - - [09/Oct/2019:21:41:50 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.97 - - [09/Oct/2019:21:41:51 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.97 - - [09/Oct/2019:21:41:51 +0200] "GET /wp-login.php HTTP/1.1" 200 1122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.97 - - [09/Oct/2019:21:41:52 +0200] "POST /wp-login.php HTTP/1.1" 200 1486 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
 2019-10-10 07:08:14
Comments on same subnet:
IP Type Details Datetime
196.41.122.94 attack 
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
 2020-09-12 20:10:44
196.41.122.94 attack 
196.41.122.94 - - [12/Sep/2020:05:12:59 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [12/Sep/2020:05:13:01 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [12/Sep/2020:05:13:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-09-12 12:13:59
196.41.122.94 attackspam 
Automatic report - Banned IP Access
 2020-09-12 04:02:30
196.41.122.94 attackbotsspam 
196.41.122.94 - - [10/Sep/2020:15:41:27 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [10/Sep/2020:15:41:28 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [10/Sep/2020:15:41:29 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
 2020-09-10 23:59:31
196.41.122.94 attackbotsspam 
196.41.122.94 - - [10/Sep/2020:08:17:48 +0100] "POST /wp-login.php HTTP/1.1" 200 1874 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [10/Sep/2020:08:17:49 +0100] "POST /wp-login.php HTTP/1.1" 200 1858 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [10/Sep/2020:08:17:50 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
 2020-09-10 15:23:18
196.41.122.94 attackspambots 
[09/Sep/2020:21:31:10 +0200] Web-Request: "GET /wp-login.php", User-Agent: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-09-10 05:59:47
196.41.122.94 attackbotsspam 
196.41.122.94 - - [01/Sep/2020:07:03:50 +0100] "POST /wp-login.php HTTP/1.1" 200 2435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [01/Sep/2020:07:03:52 +0100] "POST /wp-login.php HTTP/1.1" 200 2415 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [01/Sep/2020:07:03:53 +0100] "POST /wp-login.php HTTP/1.1" 200 2400 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
 2020-09-01 14:48:17
196.41.122.94 attackspam 
196.41.122.94 - - [12/Aug/2020:08:18:22 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [12/Aug/2020:08:18:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [12/Aug/2020:08:18:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-08-12 16:46:01
196.41.122.94 attackspam 
php WP PHPmyadamin ABUSE blocked for 12h
 2020-08-11 03:09:33
196.41.122.94 attack 
196.41.122.94 - - [07/Aug/2020:22:25:46 +0200] "GET /wp-login.php HTTP/1.1" 200 6060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [07/Aug/2020:22:25:47 +0200] "POST /wp-login.php HTTP/1.1" 200 6311 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [07/Aug/2020:22:25:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-08-08 06:44:39
196.41.122.94 attackbots 
196.41.122.94 - - [26/Jul/2020:23:52:55 +0200] "GET /wp-login.php HTTP/1.1" 200 6310 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [26/Jul/2020:23:52:57 +0200] "POST /wp-login.php HTTP/1.1" 200 6561 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [26/Jul/2020:23:52:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-07-27 07:12:28
196.41.122.94 attackbots 
"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:
 2020-07-26 07:40:45
196.41.122.94 attack 
retro-gamer.club 196.41.122.94 [10/Jul/2020:05:57:23 +0200] "POST /wp-login.php HTTP/1.1" 200 6064 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
retro-gamer.club 196.41.122.94 [10/Jul/2020:05:57:25 +0200] "POST /wp-login.php HTTP/1.1" 200 6034 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
 2020-07-10 12:34:26
196.41.122.94 attackbots 
196.41.122.94 - - \[08/Jul/2020:05:41:52 +0200\] "POST /wp-login.php HTTP/1.0" 200 2508 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - \[08/Jul/2020:05:41:54 +0200\] "POST /wp-login.php HTTP/1.0" 200 2475 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - \[08/Jul/2020:05:41:57 +0200\] "POST /wp-login.php HTTP/1.0" 200 2473 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
 2020-07-08 17:44:29
196.41.122.94 attackspambots 
196.41.122.94 - - [27/Jun/2020:08:54:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2083 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [27/Jun/2020:08:54:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2060 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
196.41.122.94 - - [27/Jun/2020:08:54:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2063 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...
 2020-06-27 16:28:37
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.41.122.97
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25589
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.41.122.97.			IN	A

;; AUTHORITY SECTION:
.			524	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100901 1800 900 604800 86400

;; Query time: 92 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Oct 10 07:08:11 CST 2019
;; MSG SIZE  rcvd: 117
Host info
97.122.41.196.in-addr.arpa domain name pointer cpanel9.mywebserver.co.za.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
97.122.41.196.in-addr.arpa	name = cpanel9.mywebserver.co.za.

Authoritative answers can be found from:
Related IP info:
196.41.122.26
196.41.122.180
196.41.122.242
196.41.122.209
196.41.122.116
196.41.122.215
196.41.122.217
196.41.122.25
196.41.122.69
196.41.122.173
196.41.122.60
196.41.122.200
196.41.122.227
196.41.122.125
196.41.122.58
196.41.122.94
196.41.122.167
196.41.122.16
196.41.122.75
196.41.122.74
196.41.122.66
196.41.122.37
196.41.122.20
196.41.122.130
196.41.122.238
196.41.122.56
196.41.122.191
196.41.122.131
196.41.122.108
196.41.122.193
196.41.122.104
196.41.122.249
196.41.122.24
196.41.122.123
196.41.122.105
196.41.122.203
196.41.122.149
196.41.122.244
196.41.122.61
196.41.122.250
196.41.122.154
196.41.122.79
196.41.122.4
196.41.122.141
196.41.122.22
196.41.122.155
196.41.122.100
196.41.122.15
196.41.122.236
196.41.122.71
196.41.122.30
196.41.122.31
196.41.122.46
196.41.122.196
196.41.122.54
196.41.122.179
196.41.122.36
196.41.122.78
196.41.122.52
196.41.122.136
196.41.122.199
196.41.122.161
196.41.122.174
196.41.122.233
196.41.122.226
196.41.122.89
196.41.122.128
196.41.122.188
196.41.122.176
196.41.122.165
196.41.122.207
196.41.122.239
196.41.122.83
196.41.122.184
196.41.122.178
196.41.122.97
196.41.122.124
196.41.122.175
196.41.122.115
196.41.122.87
196.41.122.163
196.41.122.122
196.41.122.247
196.41.122.248
196.41.122.140
196.41.122.229
196.41.122.187
196.41.122.134
196.41.122.194
196.41.122.107
196.41.122.253
196.41.122.40
196.41.122.147
196.41.122.110
196.41.122.189
196.41.122.32
196.41.122.86
196.41.122.220
196.41.122.93
196.41.122.211
196.41.122.50
196.41.122.185
196.41.122.232
196.41.122.204
196.41.122.18
196.41.122.182
196.41.122.202
196.41.122.27
196.41.122.10
196.41.122.80
196.41.122.62
196.41.122.43
196.41.122.7
196.41.122.55
196.41.122.139
196.41.122.186
196.41.122.160
196.41.122.190
196.41.122.224
196.41.122.225
196.41.122.221
196.41.122.168
196.41.122.6
196.41.122.210
196.41.122.90
196.41.122.51
196.41.122.77
196.41.122.230
196.41.122.114
196.41.122.9
196.41.122.127
196.41.122.109
196.41.122.156
196.41.122.223
196.41.122.81
196.41.122.33
196.41.122.101
196.41.122.34
196.41.122.29
196.41.122.231
196.41.122.132
196.41.122.205
196.41.122.254
196.41.122.234
196.41.122.151
196.41.122.41
196.41.122.145
196.41.122.146
196.41.122.14
196.41.122.120
196.41.122.99
196.41.122.68
196.41.122.177
196.41.122.11
196.41.122.1
196.41.122.64
196.41.122.39
196.41.122.19
196.41.122.73
196.41.122.181
196.41.122.45
196.41.122.162
196.41.122.142
196.41.122.49
196.41.122.48
196.41.122.251
196.41.122.67
196.41.122.47
196.41.122.137
196.41.122.84
196.41.122.53
196.41.122.133
196.41.122.82
196.41.122.126
196.41.122.170
196.41.122.143
196.41.122.28
196.41.122.157
196.41.122.169
196.41.122.148
196.41.122.216
196.41.122.208
196.41.122.21
196.41.122.2
196.41.122.237
196.41.122.152
196.41.122.166
196.41.122.235
196.41.122.38
196.41.122.218
196.41.122.103
196.41.122.138
196.41.122.144
196.41.122.197
196.41.122.3
196.41.122.118
196.41.122.5
196.41.122.135
196.41.122.23
196.41.122.212
196.41.122.70
196.41.122.192
196.41.122.214
196.41.122.246
196.41.122.201
196.41.122.17
196.41.122.57
196.41.122.158
196.41.122.172
196.41.122.243
196.41.122.102
196.41.122.12
196.41.122.195
196.41.122.111
196.41.122.129
196.41.122.59
196.41.122.228
196.41.122.213
196.41.122.121
196.41.122.164
196.41.122.241
196.41.122.88
196.41.122.119
196.41.122.13
196.41.122.98
196.41.122.35
196.41.122.96
196.41.122.91
196.41.122.112
196.41.122.44
196.41.122.42
196.41.122.65
196.41.122.8
196.41.122.92
196.41.122.219
196.41.122.240
196.41.122.206
196.41.122.150
196.41.122.106
196.41.122.72
196.41.122.183
196.41.122.159
196.41.122.95
196.41.122.153
196.41.122.245
196.41.122.76
196.41.122.222
196.41.122.113
196.41.122.117
196.41.122.85
196.41.122.171
196.41.122.198
196.41.122.63
196.41.122.252
Related comments:
IP Type Details Datetime
141.98.9.165 attackbotsspam 
2020-09-13T05:43:46.264645shield sshd\[22735\]: Invalid user user from 141.98.9.165 port 33721
2020-09-13T05:43:46.278896shield sshd\[22735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.165
2020-09-13T05:43:48.268881shield sshd\[22735\]: Failed password for invalid user user from 141.98.9.165 port 33721 ssh2
2020-09-13T05:44:15.219161shield sshd\[22938\]: Invalid user guest from 141.98.9.165 port 35577
2020-09-13T05:44:15.223750shield sshd\[22938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.9.165
 2020-09-13 13:55:56
46.249.32.35 attackbots 
 UDP 46.249.32.35:55392 -> port 123, len 37
 2020-09-13 13:28:20
67.216.209.77 attackspam 
2020-09-11 19:10:05 server sshd[41049]: Failed password for invalid user root from 67.216.209.77 port 45326 ssh2
 2020-09-13 13:57:57
144.139.195.70 attack 
Icarus honeypot on github
 2020-09-13 13:56:17
209.45.40.93 attack 
...
 2020-09-13 13:28:38
51.79.21.92 attack 
php WP PHPmyadamin ABUSE blocked for 12h
 2020-09-13 13:19:38
114.119.149.203 attack 
Automatic report - Banned IP Access
 2020-09-13 13:32:31
43.229.153.156 attackbotsspam 
2020-09-13T07:26:10.309077+02:00  sshd[3244]: Failed password for root from 43.229.153.156 port 33994 ssh2
 2020-09-13 13:50:21
142.4.16.20 attack 
SSH Invalid Login
 2020-09-13 13:26:01
36.82.133.6 attackbots 
Attempt to login to the wordpress admin panel
 2020-09-13 13:37:10
137.74.233.91 attack 
(sshd) Failed SSH login from 137.74.233.91 (FR/France/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 12 21:16:35 optimus sshd[13012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.233.91  user=root
Sep 12 21:16:37 optimus sshd[13012]: Failed password for root from 137.74.233.91 port 34620 ssh2
Sep 12 21:23:57 optimus sshd[14852]: Invalid user ts3 from 137.74.233.91
Sep 12 21:23:57 optimus sshd[14852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.233.91 
Sep 12 21:23:59 optimus sshd[14852]: Failed password for invalid user ts3 from 137.74.233.91 port 41972 ssh2
 2020-09-13 13:53:07
91.121.65.15 attackbotsspam 
Sep 12 19:36:32 dignus sshd[9684]: Failed password for root from 91.121.65.15 port 40670 ssh2
Sep 12 19:39:42 dignus sshd[9952]: Invalid user bbinatac from 91.121.65.15 port 40896
Sep 12 19:39:42 dignus sshd[9952]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.65.15
Sep 12 19:39:44 dignus sshd[9952]: Failed password for invalid user bbinatac from 91.121.65.15 port 40896 ssh2
Sep 12 19:42:55 dignus sshd[10230]: Invalid user iflytek from 91.121.65.15 port 41022
...
 2020-09-13 13:24:33
104.144.249.90 attackspam 
Unauthorized access detected from black listed ip!
 2020-09-13 13:57:33
124.41.252.47 attack 
Fail2Ban Ban Triggered
 2020-09-13 13:30:52
144.22.108.33 attackspam 
$f2bV_matches
 2020-09-13 13:51:15

Recently Reported IPs

123.13.157.66 161.69.99.2 46.176.91.222 121.33.145.196
37.114.144.211 49.72.203.252 1.20.140.195 177.193.156.45
117.71.58.204 223.54.185.241 172.98.67.12 178.46.136.94
139.162.223.59 112.168.11.211 172.105.94.201 45.179.241.239
95.84.102.89 47.215.64.49 159.203.10.6 250.53.182.147