134.97.252.196

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.97.252.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50091
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;134.97.252.196.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012201 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 23 07:56:15 CST 2025
;; MSG SIZE  rcvd: 107

Host info

Host 196.252.97.134.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.252.97.134.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.176	attack	Apr 16 03:56:16 ip-172-31-62-245 sshd\[13298\]: Failed password for root from 112.85.42.176 port 14073 ssh2\ Apr 16 03:56:19 ip-172-31-62-245 sshd\[13298\]: Failed password for root from 112.85.42.176 port 14073 ssh2\ Apr 16 03:56:22 ip-172-31-62-245 sshd\[13298\]: Failed password for root from 112.85.42.176 port 14073 ssh2\ Apr 16 03:56:25 ip-172-31-62-245 sshd\[13298\]: Failed password for root from 112.85.42.176 port 14073 ssh2\ Apr 16 03:56:28 ip-172-31-62-245 sshd\[13298\]: Failed password for root from 112.85.42.176 port 14073 ssh2\	2020-04-16 12:04:49
222.186.15.158	attackspam	Apr 16 06:59:34 server2 sshd\[16711\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers Apr 16 06:59:35 server2 sshd\[16713\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers Apr 16 07:02:35 server2 sshd\[17039\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers Apr 16 07:02:41 server2 sshd\[17037\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers Apr 16 07:04:19 server2 sshd\[17101\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers Apr 16 07:04:19 server2 sshd\[17103\]: User root from 222.186.15.158 not allowed because not listed in AllowUsers	2020-04-16 12:07:29
183.236.9.163	attackbotsspam	postfix (unknown user, SPF fail or relay access denied)	2020-04-16 12:29:46
195.49.186.130	attackbots	Port Scan: Events[162] countPorts[1]: 22 ..	2020-04-16 08:28:05
209.97.170.56	attack	Apr 16 05:56:16 vpn01 sshd[17872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.170.56 Apr 16 05:56:18 vpn01 sshd[17872]: Failed password for invalid user user from 209.97.170.56 port 44012 ssh2 ...	2020-04-16 12:17:19
200.201.199.74	attackspam	Apr 16 05:56:12 * sshd[24679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.201.199.74 Apr 16 05:56:14 * sshd[24679]: Failed password for invalid user wwwroot from 200.201.199.74 port 26377 ssh2	2020-04-16 12:17:54
213.180.203.173	attackbots	[Thu Apr 16 05:39:39.946927 2020] [:error] [pid 6111:tid 140689482336000] [client 213.180.203.173:43804] [client 213.180.203.173] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XpeNK0LHrILhzgme3dl9pwAAALQ"] ...	2020-04-16 08:22:21
210.96.48.228	attack	Invalid user netman from 210.96.48.228 port 41372	2020-04-16 12:27:42
5.183.93.156	attack	Brute-Force	2020-04-16 11:11:39
210.182.73.138	attackspam	2020-04-1605:55:371jOvcl-0003D4-Dl\<=info@whatsup2013.chH=$localhost$[14.186.7.117]:41503P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3159id=af03ecbfb49f4a46612492c135f2f8f4c75a84b9@whatsup2013.chT="fromHollytoevanosborne89"forevanosborne89@gmail.comabuyousef_23@yahoo.com2020-04-1605:53:291jOvaf-0002x3-FG\<=info@whatsup2013.chH=$localhost$[123.21.242.52]:46892P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3113id=021fa9faf1daf0f86461d77b9c68425e1769dc@whatsup2013.chT="fromHelentojeffreyjcummins"forjeffreyjcummins@gmail.comjwsmitty402@gmail.com2020-04-1605:56:011jOvdA-0003F7-NZ\<=info@whatsup2013.chH=$localhost$[210.182.73.138]:49293P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3066id=8d5153000b20f5f9de9b2d7e8a4d474b785b7089@whatsup2013.chT="NewlikereceivedfromSimonette"forhchance118@gmail.comimranqamrul009@gmail.com2020-04-1605:55:241jOvcZ-0003CS-H1\<=info@whatsup20	2020-04-16 12:01:27
175.24.135.91	attackbotsspam	2020-04-16T05:51:08.698480sd-86998 sshd[30000]: Invalid user flexit from 175.24.135.91 port 33696 2020-04-16T05:51:08.703905sd-86998 sshd[30000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.135.91 2020-04-16T05:51:08.698480sd-86998 sshd[30000]: Invalid user flexit from 175.24.135.91 port 33696 2020-04-16T05:51:10.325708sd-86998 sshd[30000]: Failed password for invalid user flexit from 175.24.135.91 port 33696 ssh2 2020-04-16T05:56:13.730017sd-86998 sshd[30393]: Invalid user lex from 175.24.135.91 port 43420 ...	2020-04-16 12:18:39
190.128.118.185	attackbotsspam	Apr 16 05:56:19 mail sshd\[3213\]: Invalid user kiosk from 190.128.118.185 Apr 16 05:56:19 mail sshd\[3213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.128.118.185 Apr 16 05:56:20 mail sshd\[3213\]: Failed password for invalid user kiosk from 190.128.118.185 port 47575 ssh2 ...	2020-04-16 12:09:32
192.241.237.105	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 5984 resulting in total of 25 scans from 192.241.128.0/17 block.	2020-04-16 08:19:32
129.204.71.16	attackbots	$f2bV_matches	2020-04-16 12:27:58
177.188.198.7	attackspambots	Automatic report - Port Scan Attack	2020-04-16 12:00:06

Recently Reported IPs

150.240.114.15	134.177.29.184	145.1.219.226	146.96.181.243
192.175.31.32	182.166.184.126	37.75.189.254	8.124.161.183
31.103.73.107	3.34.109.249	117.1.224.97	218.87.254.213
99.217.114.42	241.215.19.141	222.18.255.35	122.168.231.91
96.211.99.2	99.18.225.59	24.148.209.1	77.0.179.74