41.242.136.5 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Ghana

Internet Service Provider: Surfline Internal Use for EPC Network Subscribers

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Attempted to scam professionals in an online directory	2019-07-10 04:37:29

Comments on same subnet:

IP	Type	Details	Datetime
41.242.136.18	attackspam	WordPress brute force	2020-06-28 05:48:04
41.242.136.46	attackbotsspam	WordPress brute force	2020-06-28 05:47:35
41.242.136.23	attackspam	Mar 17 19:05:22 b-admin sshd[2734]: Invalid user pi from 41.242.136.23 port 59108 Mar 17 19:05:22 b-admin sshd[2734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.242.136.23 Mar 17 19:05:25 b-admin sshd[2734]: Failed password for invalid user pi from 41.242.136.23 port 59108 ssh2 Mar 17 19:05:26 b-admin sshd[2734]: Connection closed by 41.242.136.23 port 59108 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=41.242.136.23	2020-03-18 03:35:34
41.242.136.148	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-07 19:04:15
41.242.136.148	attackbotsspam	unauthorized connection attempt	2020-02-16 18:33:49

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 41.242.136.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34536
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;41.242.136.5.			IN	A

;; AUTHORITY SECTION:
.			3496	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070901 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jul 10 04:37:19 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 5.136.242.41.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 5.136.242.41.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
14.204.136.125	attackbotsspam	2019-08-29T11:26:51.408027centos sshd\[15667\]: Invalid user test from 14.204.136.125 port 48645 2019-08-29T11:26:51.414239centos sshd\[15667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.204.136.125 2019-08-29T11:26:53.943830centos sshd\[15667\]: Failed password for invalid user test from 14.204.136.125 port 48645 ssh2	2019-08-29 20:33:24
193.110.157.151	attack	(sshd) Failed SSH login from 193.110.157.151 (tor.nohats.ca): 5 in the last 3600 secs	2019-08-29 19:59:46
107.172.193.134	attackspambots	Aug 29 11:27:24 dedicated sshd[24983]: Invalid user facturacion123 from 107.172.193.134 port 42281	2019-08-29 20:03:40
103.207.11.10	attackbotsspam	Aug 29 01:56:41 auw2 sshd\[11532\]: Invalid user pass from 103.207.11.10 Aug 29 01:56:41 auw2 sshd\[11532\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.11.10 Aug 29 01:56:42 auw2 sshd\[11532\]: Failed password for invalid user pass from 103.207.11.10 port 36846 ssh2 Aug 29 02:01:18 auw2 sshd\[11914\]: Invalid user wayne123 from 103.207.11.10 Aug 29 02:01:18 auw2 sshd\[11914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.11.10	2019-08-29 20:08:21
54.36.149.54	attack	Automatic report - Banned IP Access	2019-08-29 19:56:28
89.109.11.209	attackspam	Invalid user test2 from 89.109.11.209 port 45740	2019-08-29 20:28:48
114.41.208.135	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 20:01:29
159.89.155.148	attackspambots	Aug 29 14:08:15 localhost sshd\[23153\]: Invalid user vbox from 159.89.155.148 port 38914 Aug 29 14:08:15 localhost sshd\[23153\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.155.148 Aug 29 14:08:17 localhost sshd\[23153\]: Failed password for invalid user vbox from 159.89.155.148 port 38914 ssh2	2019-08-29 20:19:29
167.71.200.201	attackbotsspam	Aug 29 14:31:30 MK-Soft-Root1 sshd\[527\]: Invalid user infa from 167.71.200.201 port 56553 Aug 29 14:31:30 MK-Soft-Root1 sshd\[527\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.200.201 Aug 29 14:31:32 MK-Soft-Root1 sshd\[527\]: Failed password for invalid user infa from 167.71.200.201 port 56553 ssh2 ...	2019-08-29 20:33:54
2.125.96.185	attackspam	Automatic report - Port Scan Attack	2019-08-29 20:00:55
51.68.230.54	attackbotsspam	Invalid user test01 from 51.68.230.54 port 56146	2019-08-29 20:00:30
148.70.71.137	attack	Aug 29 01:16:57 hanapaa sshd\[18063\]: Invalid user arma from 148.70.71.137 Aug 29 01:16:57 hanapaa sshd\[18063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.71.137 Aug 29 01:16:59 hanapaa sshd\[18063\]: Failed password for invalid user arma from 148.70.71.137 port 46457 ssh2 Aug 29 01:22:18 hanapaa sshd\[18511\]: Invalid user dd from 148.70.71.137 Aug 29 01:22:18 hanapaa sshd\[18511\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.71.137	2019-08-29 19:48:28
178.20.55.16	attack	Aug 29 05:26:51 plusreed sshd[22359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.20.55.16 user=root Aug 29 05:26:54 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 44739 ssh2 Aug 29 05:27:01 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 44739 ssh2 Aug 29 05:26:51 plusreed sshd[22359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.20.55.16 user=root Aug 29 05:26:54 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 44739 ssh2 Aug 29 05:27:01 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 44739 ssh2 Aug 29 05:26:51 plusreed sshd[22359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.20.55.16 user=root Aug 29 05:26:54 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 44739 ssh2 Aug 29 05:27:01 plusreed sshd[22359]: Failed password for root from 178.20.55.16 port 447	2019-08-29 20:21:31
115.59.24.62	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-29 20:22:55
46.229.168.137	attack	SQL Injection	2019-08-29 19:57:56

Recently Reported IPs

94.249.105.70	92.154.56.45	176.103.97.38	168.62.20.37
115.236.236.183	110.93.244.136	46.19.67.14	62.159.22.239
175.150.166.207	195.158.229.20	27.124.18.18	109.123.18.250
51.37.12.106	240.8.37.9	188.24.228.238	213.232.124.244
114.234.38.231	106.111.101.98	90.184.153.35	193.37.252.78