41.207.239.241

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: Currant Technologies

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Aug 12 05:08:24 mail.srvfarm.net postfix/smtpd[2866063]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: Aug 12 05:08:25 mail.srvfarm.net postfix/smtpd[2866063]: lost connection after AUTH from unknown[41.207.239.241] Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: lost connection after AUTH from unknown[41.207.239.241] Aug 12 05:17:22 mail.srvfarm.net postfix/smtpd[2866064]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed:	2020-08-12 14:49:12

Type

Details

Datetime

attackbotsspam

Aug 12 05:08:24 mail.srvfarm.net postfix/smtpd[2866063]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: 
Aug 12 05:08:25 mail.srvfarm.net postfix/smtpd[2866063]: lost connection after AUTH from unknown[41.207.239.241]
Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed: 
Aug 12 05:17:09 mail.srvfarm.net postfix/smtps/smtpd[2853878]: lost connection after AUTH from unknown[41.207.239.241]
Aug 12 05:17:22 mail.srvfarm.net postfix/smtpd[2866064]: warning: unknown[41.207.239.241]: SASL PLAIN authentication failed:

2020-08-12 14:49:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.207.239.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35149
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.207.239.241.			IN	A

;; AUTHORITY SECTION:
.			209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081200 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Aug 12 14:49:05 CST 2020
;; MSG SIZE  rcvd: 118

Host info

241.239.207.41.in-addr.arpa domain name pointer 41-207-239-241.currant.co.za.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
241.239.207.41.in-addr.arpa	name = 41-207-239-241.currant.co.za.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.42.7	attackspambots	Aug 26 21:59:49 NPSTNNYC01T sshd[12246]: Failed password for root from 222.186.42.7 port 10981 ssh2 Aug 26 22:00:00 NPSTNNYC01T sshd[12259]: Failed password for root from 222.186.42.7 port 40294 ssh2 Aug 26 22:00:02 NPSTNNYC01T sshd[12259]: Failed password for root from 222.186.42.7 port 40294 ssh2 ...	2020-08-27 10:10:27
165.22.206.182	attackbots	Aug 26 22:42:51 ip40 sshd[3399]: Failed password for root from 165.22.206.182 port 53380 ssh2 Aug 26 22:46:15 ip40 sshd[3656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.206.182 ...	2020-08-27 10:27:40
75.112.68.166	attackspambots	Aug 26 23:58:49 meumeu sshd[385277]: Invalid user dev from 75.112.68.166 port 10426 Aug 26 23:58:49 meumeu sshd[385277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.112.68.166 Aug 26 23:58:49 meumeu sshd[385277]: Invalid user dev from 75.112.68.166 port 10426 Aug 26 23:58:51 meumeu sshd[385277]: Failed password for invalid user dev from 75.112.68.166 port 10426 ssh2 Aug 27 00:03:02 meumeu sshd[385792]: Invalid user prueba01 from 75.112.68.166 port 36047 Aug 27 00:03:02 meumeu sshd[385792]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.112.68.166 Aug 27 00:03:02 meumeu sshd[385792]: Invalid user prueba01 from 75.112.68.166 port 36047 Aug 27 00:03:04 meumeu sshd[385792]: Failed password for invalid user prueba01 from 75.112.68.166 port 36047 ssh2 Aug 27 00:07:19 meumeu sshd[385928]: Invalid user ftpuser from 75.112.68.166 port 56385 ...	2020-08-27 09:50:26
74.121.150.130	attack	Aug 26 22:28:41 hidden sshd[17029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.121.150.130 Aug 26 22:28:43 hidden sshd[17029]: Failed password for invalid user dcmtk from 74.121.150.130 port 44586 ssh2 Aug 26 22:46:49 hidden sshd[20748]: Invalid user jeffrey from 74.121.150.130 port 55952	2020-08-27 10:05:39
191.37.128.112	attackbotsspam	Aug 26 22:46:59 server postfix/smtpd[26470]: NOQUEUE: reject: RCPT from unknown[191.37.128.112]: 554 5.7.1 Service unavailable; Client host [191.37.128.112] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/191.37.128.112; from= to= proto=ESMTP helo=<[191.37.128.112]>	2020-08-27 09:59:24
13.65.44.234	attackspam	Lines containing failures of 13.65.44.234 Aug 24 18:49:50 kmh-vmh-001-fsn07 sshd[3626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.65.44.234 user=r.r Aug 24 18:49:52 kmh-vmh-001-fsn07 sshd[3626]: Failed password for r.r from 13.65.44.234 port 54194 ssh2 Aug 24 18:49:55 kmh-vmh-001-fsn07 sshd[3626]: Failed password for r.r from 13.65.44.234 port 54194 ssh2 Aug 24 18:49:58 kmh-vmh-001-fsn07 sshd[3626]: Failed password for r.r from 13.65.44.234 port 54194 ssh2 Aug 24 18:50:02 kmh-vmh-001-fsn07 sshd[3626]: Failed password for r.r from 13.65.44.234 port 54194 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=13.65.44.234	2020-08-27 10:04:51
187.25.60.106	attackspam	Brute forcing RDP port 3389	2020-08-27 09:52:53
200.73.240.238	attack	Aug 26 23:48:03 pve1 sshd[9956]: Failed password for root from 200.73.240.238 port 45458 ssh2 ...	2020-08-27 10:00:52
178.93.28.212	attackspam	Brute Force	2020-08-27 10:01:20
192.99.45.31	attackspam	192.99.45.31 was recorded 10 times by 4 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 10, 20, 20	2020-08-27 10:12:22
154.34.24.212	attack	2020-08-26T23:13:44.032043abusebot-2.cloudsearch.cf sshd[32428]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.34.24.212 user=root 2020-08-26T23:13:46.345063abusebot-2.cloudsearch.cf sshd[32428]: Failed password for root from 154.34.24.212 port 54512 ssh2 2020-08-26T23:18:22.490754abusebot-2.cloudsearch.cf sshd[32484]: Invalid user mozilla from 154.34.24.212 port 32924 2020-08-26T23:18:22.497040abusebot-2.cloudsearch.cf sshd[32484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.34.24.212 2020-08-26T23:18:22.490754abusebot-2.cloudsearch.cf sshd[32484]: Invalid user mozilla from 154.34.24.212 port 32924 2020-08-26T23:18:24.639497abusebot-2.cloudsearch.cf sshd[32484]: Failed password for invalid user mozilla from 154.34.24.212 port 32924 ssh2 2020-08-26T23:22:20.853102abusebot-2.cloudsearch.cf sshd[32540]: Invalid user iov from 154.34.24.212 port 39528 ...	2020-08-27 10:21:30
123.171.42.16	attack	fail2ban -- 123.171.42.16 ...	2020-08-27 10:11:28
103.205.5.179	attack	" "	2020-08-27 10:24:49
92.50.249.166	attackbots	Invalid user ansibleuser from 92.50.249.166 port 34666	2020-08-27 10:07:39
193.112.108.11	attackspambots	2020-08-26T22:41:28.727911mail.broermann.family sshd[14328]: Invalid user hadoop from 193.112.108.11 port 47960 2020-08-26T22:41:28.732446mail.broermann.family sshd[14328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.108.11 2020-08-26T22:41:28.727911mail.broermann.family sshd[14328]: Invalid user hadoop from 193.112.108.11 port 47960 2020-08-26T22:41:30.495002mail.broermann.family sshd[14328]: Failed password for invalid user hadoop from 193.112.108.11 port 47960 ssh2 2020-08-26T22:47:18.260472mail.broermann.family sshd[14532]: Invalid user warehouse from 193.112.108.11 port 51862 ...	2020-08-27 09:49:52

Recently Reported IPs

116.24.64.56	113.174.171.128	95.121.175.69	45.143.223.132
123.4.86.156	109.131.13.169	90.87.162.62	91.139.52.70
103.109.52.52	147.139.137.68	222.180.149.101	95.38.201.101
52.68.18.239	90.17.6.234	35.208.30.246	84.209.139.0
86.229.12.72	19.100.42.15	210.246.40.67	92.205.149.26