41.139.17.126 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Ghana

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
41.139.17.120	attack	Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:58:28 mail.srvfarm.net postfix/smtps/smtpd[243899]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed:	2020-09-24 20:45:32
41.139.17.120	attack	Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:58:28 mail.srvfarm.net postfix/smtps/smtpd[243899]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed:	2020-09-24 12:41:55
41.139.17.120	attackspambots	Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:54:35 mail.srvfarm.net postfix/smtpd[241499]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed: Sep 23 20:57:56 mail.srvfarm.net postfix/smtps/smtpd[241517]: lost connection after AUTH from unknown[41.139.17.120] Sep 23 20:58:28 mail.srvfarm.net postfix/smtps/smtpd[243899]: warning: unknown[41.139.17.120]: SASL PLAIN authentication failed:	2020-09-24 04:11:34
41.139.176.250	attack	Icarus honeypot on github	2020-06-29 21:15:57
41.139.173.55	attackspam	failed_logins	2020-06-03 18:42:15
41.139.171.117	attackbots	(imapd) Failed IMAP login from 41.139.171.117 (KE/Kenya/41-139-171-117.safaricombusiness.co.ke): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 29 08:22:25 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=41.139.171.117, lip=5.63.12.44, session=	2020-04-29 19:05:13
41.139.171.137	attackbots	(imapd) Failed IMAP login from 41.139.171.137 (KE/Kenya/41-139-171-137.safaricombusiness.co.ke): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 26 16:30:00 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=41.139.171.137, lip=5.63.12.44, TLS, session=<1O1HVjCk784pi6uJ>	2020-04-27 01:56:53
41.139.172.117	attackspambots	Dovecot Invalid User Login Attempt.	2020-04-17 01:07:20
41.139.171.35	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-29 04:43:17
41.139.171.139	attack	Brute force attempt	2020-02-05 05:06:59
41.139.170.203	attackbotsspam	Unauthorized connection attempt from IP address 41.139.170.203 on Port 445(SMB)	2020-01-16 04:46:28
41.139.174.30	attackspambots	Sun, 21 Jul 2019 18:28:08 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 05:55:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.139.17.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54303
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;41.139.17.126.			IN	A

;; AUTHORITY SECTION:
.			448	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 17:44:12 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 126.17.139.41.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 126.17.139.41.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.65.18	attackspambots	2019-10-17T19:47:22.983526abusebot-5.cloudsearch.cf sshd\[8837\]: Invalid user francesco from 106.13.65.18 port 60608	2019-10-18 03:48:06
220.168.85.66	attack	10/17/2019-21:53:38.348004 220.168.85.66 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-18 04:16:22
103.74.122.183	attackbotsspam	2019-10-17T13:58:22Z - RDP login failed multiple times. (103.74.122.183)	2019-10-18 03:47:49
193.32.160.150	attackspambots	2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193.32.160.150\] F=\ rejected RCPT \: Unrouteable address 2019-10-17 21:54:00 H=$\[193.32.160.146\]$ \[193	2019-10-18 03:57:13
170.254.205.200	attack	Autoban 170.254.205.200 AUTH/CONNECT	2019-10-18 04:13:52
103.242.104.190	attackbotsspam	Oct 17 19:53:48 anodpoucpklekan sshd[81009]: Invalid user user from 103.242.104.190 port 54892 Oct 17 19:53:52 anodpoucpklekan sshd[81009]: Failed password for invalid user user from 103.242.104.190 port 54892 ssh2 ...	2019-10-18 04:04:27
113.172.111.103	attack	Lines containing failures of 113.172.111.103 Oct 17 21:44:59 srv02 sshd[16181]: Invalid user admin from 113.172.111.103 port 47089 Oct 17 21:44:59 srv02 sshd[16181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.111.103 Oct 17 21:45:01 srv02 sshd[16181]: Failed password for invalid user admin from 113.172.111.103 port 47089 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.172.111.103	2019-10-18 04:22:41
201.73.144.140	attackbots	Mar 15 14:43:32 odroid64 sshd\[6815\]: Invalid user vtdc from 201.73.144.140 Mar 15 14:43:32 odroid64 sshd\[6815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.73.144.140 Mar 15 14:43:35 odroid64 sshd\[6815\]: Failed password for invalid user vtdc from 201.73.144.140 port 53217 ssh2 ...	2019-10-18 03:58:32
79.2.22.244	attack	Oct 17 21:48:39 v22019058497090703 sshd[7939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.2.22.244 Oct 17 21:48:41 v22019058497090703 sshd[7939]: Failed password for invalid user babyboy from 79.2.22.244 port 57501 ssh2 Oct 17 21:53:58 v22019058497090703 sshd[8355]: Failed password for root from 79.2.22.244 port 49377 ssh2 ...	2019-10-18 03:59:59
201.71.159.132	attackspambots	Jun 5 10:24:15 odroid64 sshd\[18212\]: User root from 201.71.159.132 not allowed because not listed in AllowUsers Jun 5 10:24:15 odroid64 sshd\[18212\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.71.159.132 user=root Jun 5 10:24:18 odroid64 sshd\[18212\]: Failed password for invalid user root from 201.71.159.132 port 34903 ssh2 ...	2019-10-18 04:03:05
103.207.2.204	attackbotsspam	2019-10-17T21:48:49.726671lon01.zurich-datacenter.net sshd\[9512\]: Invalid user test4 from 103.207.2.204 port 40722 2019-10-17T21:48:49.732063lon01.zurich-datacenter.net sshd\[9512\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 2019-10-17T21:48:51.582733lon01.zurich-datacenter.net sshd\[9512\]: Failed password for invalid user test4 from 103.207.2.204 port 40722 ssh2 2019-10-17T21:53:43.878240lon01.zurich-datacenter.net sshd\[9594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 user=root 2019-10-17T21:53:45.422820lon01.zurich-datacenter.net sshd\[9594\]: Failed password for root from 103.207.2.204 port 53434 ssh2 ...	2019-10-18 04:10:02
103.60.14.185	attackbots	SMTP/25/465/587 Probe, BadAuth, BF, SPAM -	2019-10-18 03:49:05
201.64.147.23	attackbots	Dec 5 16:09:15 odroid64 sshd\[12927\]: Invalid user Tenho from 201.64.147.23 Dec 5 16:09:15 odroid64 sshd\[12927\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.64.147.23 Dec 5 16:09:16 odroid64 sshd\[12927\]: Failed password for invalid user Tenho from 201.64.147.23 port 35818 ssh2 ...	2019-10-18 04:11:02
89.248.162.136	attackbots	10/17/2019-14:31:11.077738 89.248.162.136 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 97	2019-10-18 03:43:58
188.166.220.17	attackbotsspam	$f2bV_matches	2019-10-18 04:09:04

Recently Reported IPs

124.6.188.102	201.221.247.194	141.98.87.17	47.106.103.68
212.73.81.210	42.224.174.208	186.146.138.211	186.222.165.68
223.74.245.228	216.158.225.249	138.117.91.72	45.236.11.40
64.39.102.229	193.168.177.74	178.93.17.211	34.141.129.136
117.132.198.127	41.233.141.16	42.192.61.106	178.62.85.75