41.207.239.241

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Currant Technologies

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Aug 12 05:08:24 mail.srvfarm.net postfix/smtpd[2866063]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: Aug 12 05:08:25 mail.srvfarm.net postfix/smtpd[2866063]: lost connection after AUTH from unknown[41.207.239.241] Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: lost connection after AUTH from unknown[41.207.239.241] Aug 12 05:17:22 mail.srvfarm.net postfix/smtpd[2866064]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed:	2020-08-12 14:49:12

Type

Details

Datetime

attackbotsspam

Aug 12 05:08:24 mail.srvfarm.net postfix/smtpd[2866063]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: 
Aug 12 05:08:25 mail.srvfarm.net postfix/smtpd[2866063]: lost connection after AUTH from unknown[41.207.239.241]
Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: 
Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: lost connection after AUTH from unknown[41.207.239.241]
Aug 12 05:17:22 mail.srvfarm.net postfix/smtpd[2866064]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed:

2020-08-12 14:49:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.207.239.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.207.239.241.			IN	A

;; AUTHORITY SECTION:
.			209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081200 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 12 14:49:05 CST 2020
;; MSG SIZE  rcvd: 118

Host info

241.239.207.41.in-addr.arpa domain name pointer 41-207-239-241.currant.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
241.239.207.41.in-addr.arpa	name = 41-207-239-241.currant.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
207.180.239.212	attackspambots	Oct 8 20:38:49 dedicated sshd[12168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.180.239.212 user=root Oct 8 20:38:51 dedicated sshd[12168]: Failed password for root from 207.180.239.212 port 50968 ssh2	2019-10-09 02:53:13
119.29.53.107	attack	Oct 8 08:32:42 tdfoods sshd\[11615\]: Invalid user Success2017 from 119.29.53.107 Oct 8 08:32:42 tdfoods sshd\[11615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107 Oct 8 08:32:44 tdfoods sshd\[11615\]: Failed password for invalid user Success2017 from 119.29.53.107 port 40283 ssh2 Oct 8 08:36:40 tdfoods sshd\[11933\]: Invalid user R00T@123 from 119.29.53.107 Oct 8 08:36:40 tdfoods sshd\[11933\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.53.107	2019-10-09 02:43:15
80.211.243.247	attackbotsspam	10/08/2019-16:29:30.179015 80.211.243.247 Protocol: 17 ET SCAN Sipvicious Scan	2019-10-09 02:42:06
54.36.150.171	attackbotsspam	Automatic report - Banned IP Access	2019-10-09 02:55:55
185.112.63.198	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/185.112.63.198/ IT - 1H : (69) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN204176 IP : 185.112.63.198 CIDR : 185.112.60.0/22 PREFIX COUNT : 1 UNIQUE IP COUNT : 1024 WYKRYTE ATAKI Z ASN204176 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-08 13:48:05 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 02:46:37
218.173.235.86	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/218.173.235.86/ TW - 1H : (343) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 218.173.235.86 CIDR : 218.173.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 15 3H - 34 6H - 96 12H - 186 24H - 332 DateTime : 2019-10-08 13:48:05 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 02:45:47
77.40.3.223	attack	2019-10-08 dovecot_login authenticator failed for $localhost.localdomain$ \[77.40.3.223\]: 535 Incorrect authentication data $set_id=invoices@REMOVED.de$ 2019-10-08 dovecot_login authenticator failed for $localhost.localdomain$ \[77.40.3.223\]: 535 Incorrect authentication data $set_id=invoices@REMOVED.de$ 2019-10-08 dovecot_login authenticator failed for $localhost.localdomain$ \[77.40.3.223\]: 535 Incorrect authentication data $set_id=kontakt@REMOVED.de$	2019-10-09 02:30:40
217.11.183.58	attack	CloudCIX Reconnaissance Scan Detected, PTR: PTR record not found	2019-10-09 03:00:30
170.106.7.216	attack	Oct 8 12:12:42 venus sshd\[10935\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.106.7.216 user=root Oct 8 12:12:45 venus sshd\[10935\]: Failed password for root from 170.106.7.216 port 45958 ssh2 Oct 8 12:16:50 venus sshd\[10957\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.106.7.216 user=root ...	2019-10-09 02:54:58
14.169.187.45	attackbots	Chat Spam	2019-10-09 02:28:42
113.188.69.122	attack	Oct 8 13:38:58 tux postfix/smtpd[18359]: warning: hostname static.vnpt.vn does not resolve to address 113.188.69.122 Oct 8 13:38:58 tux postfix/smtpd[18359]: connect from unknown[113.188.69.122] Oct x@x Oct 8 13:38:59 tux postfix/smtpd[18359]: lost connection after DATA from unknown[113.188.69.122] Oct 8 13:38:59 tux postfix/smtpd[18359]: disconnect from unknown[113.188.69.122] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.188.69.122	2019-10-09 02:52:15
51.75.18.215	attackspam	Oct 8 03:51:27 kapalua sshd\[11648\]: Invalid user 321 from 51.75.18.215 Oct 8 03:51:27 kapalua sshd\[11648\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-75-18.eu Oct 8 03:51:29 kapalua sshd\[11648\]: Failed password for invalid user 321 from 51.75.18.215 port 52722 ssh2 Oct 8 03:55:37 kapalua sshd\[12020\]: Invalid user !@\#\$%TREWQ from 51.75.18.215 Oct 8 03:55:37 kapalua sshd\[12020\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=215.ip-51-75-18.eu	2019-10-09 02:29:18
103.44.27.58	attackspambots	Oct 8 14:24:38 xtremcommunity sshd\[318267\]: Invalid user 123 from 103.44.27.58 port 60575 Oct 8 14:24:38 xtremcommunity sshd\[318267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.44.27.58 Oct 8 14:24:40 xtremcommunity sshd\[318267\]: Failed password for invalid user 123 from 103.44.27.58 port 60575 ssh2 Oct 8 14:30:32 xtremcommunity sshd\[318372\]: Invalid user Bonjour2016 from 103.44.27.58 port 50582 Oct 8 14:30:32 xtremcommunity sshd\[318372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.44.27.58 ...	2019-10-09 02:38:16
41.239.167.220	attackbotsspam	Lines containing failures of 41.239.167.220 Oct 8 13:40:19 shared07 sshd[2945]: Invalid user admin from 41.239.167.220 port 58169 Oct 8 13:40:19 shared07 sshd[2945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.239.167.220 Oct 8 13:40:22 shared07 sshd[2945]: Failed password for invalid user admin from 41.239.167.220 port 58169 ssh2 Oct 8 13:40:23 shared07 sshd[2945]: Connection closed by invalid user admin 41.239.167.220 port 58169 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.239.167.220	2019-10-09 02:32:25
222.186.175.216	attackspambots	Oct 8 13:39:21 xtremcommunity sshd\[317556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.216 user=root Oct 8 13:39:23 xtremcommunity sshd\[317556\]: Failed password for root from 222.186.175.216 port 47636 ssh2 Oct 8 13:39:27 xtremcommunity sshd\[317556\]: Failed password for root from 222.186.175.216 port 47636 ssh2 Oct 8 13:39:31 xtremcommunity sshd\[317556\]: Failed password for root from 222.186.175.216 port 47636 ssh2 Oct 8 13:39:35 xtremcommunity sshd\[317556\]: Failed password for root from 222.186.175.216 port 47636 ssh2 ...	2019-10-09 02:36:39

Recently Reported IPs

116.24.64.56	113.174.171.128	95.121.175.69	45.143.223.132
123.4.86.156	109.131.13.169	90.87.162.62	91.139.52.70
103.109.52.52	147.139.137.68	222.180.149.101	95.38.201.101
52.68.18.239	90.17.6.234	35.208.30.246	84.209.139.0
86.229.12.72	19.100.42.15	210.246.40.67	92.205.149.26