Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: Nigeria

Internet Service Provider: Ahmadu Bello University Zaria Nigeria

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:
Type Details Datetime
attack
$f2bV_matches
2020-08-24 18:21:27
attackspam
$f2bV_matches
2020-07-17 19:32:42
attack
$f2bV_matches
2020-07-12 01:02:34
attackbots
Jun  9 08:37:54 ns382633 sshd\[16394\]: Invalid user eng from 196.220.67.2 port 37915
Jun  9 08:37:54 ns382633 sshd\[16394\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
Jun  9 08:37:56 ns382633 sshd\[16394\]: Failed password for invalid user eng from 196.220.67.2 port 37915 ssh2
Jun  9 08:49:20 ns382633 sshd\[18477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2  user=root
Jun  9 08:49:22 ns382633 sshd\[18477\]: Failed password for root from 196.220.67.2 port 38581 ssh2
2020-06-09 15:02:43
attackbots
<6 unauthorized SSH connections
2020-06-03 16:05:54
attack
SSH Brute Force
2020-04-23 18:18:05
attack
Invalid user john from 196.220.67.2 port 52517
2020-04-17 14:19:15
attack
Apr 13 07:36:01 host01 sshd[18787]: Failed password for root from 196.220.67.2 port 34852 ssh2
Apr 13 07:41:15 host01 sshd[19849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2 
Apr 13 07:41:17 host01 sshd[19849]: Failed password for invalid user sprocket from 196.220.67.2 port 59991 ssh2
...
2020-04-13 13:43:27
attackspam
Apr 12 22:41:39 ks10 sshd[4063243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2 
Apr 12 22:41:41 ks10 sshd[4063243]: Failed password for invalid user lian from 196.220.67.2 port 55580 ssh2
...
2020-04-13 04:59:10
attackbotsspam
(sshd) Failed SSH login from 196.220.67.2 (NG/Nigeria/-): 5 in the last 3600 secs
2020-03-28 14:38:25
attackbots
Mar 12 08:52:51 ns41 sshd[30479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
2020-03-12 17:01:39
attack
Mar 11 03:40:23 sd-53420 sshd\[12469\]: User root from 196.220.67.2 not allowed because none of user's groups are listed in AllowGroups
Mar 11 03:40:23 sd-53420 sshd\[12469\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2  user=root
Mar 11 03:40:25 sd-53420 sshd\[12469\]: Failed password for invalid user root from 196.220.67.2 port 60855 ssh2
Mar 11 03:46:20 sd-53420 sshd\[13170\]: User root from 196.220.67.2 not allowed because none of user's groups are listed in AllowGroups
Mar 11 03:46:20 sd-53420 sshd\[13170\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2  user=root
...
2020-03-11 16:17:21
attackspambots
Feb 25 01:09:10 zeus sshd[4123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2 
Feb 25 01:09:12 zeus sshd[4123]: Failed password for invalid user email from 196.220.67.2 port 58852 ssh2
Feb 25 01:15:21 zeus sshd[4272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2 
Feb 25 01:15:23 zeus sshd[4272]: Failed password for invalid user magda from 196.220.67.2 port 59646 ssh2
2020-02-25 09:29:44
attackspam
Feb 18 14:54:42 legacy sshd[15882]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
Feb 18 14:54:44 legacy sshd[15882]: Failed password for invalid user phrae from 196.220.67.2 port 40441 ssh2
Feb 18 14:58:41 legacy sshd[16084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
...
2020-02-18 22:00:54
attackspambots
Unauthorized connection attempt detected from IP address 196.220.67.2 to port 2220 [J]
2020-01-16 03:22:16
attackbotsspam
Jan  8 06:16:51 localhost sshd\[18944\]: Invalid user bot from 196.220.67.2 port 43726
Jan  8 06:16:51 localhost sshd\[18944\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
Jan  8 06:16:53 localhost sshd\[18944\]: Failed password for invalid user bot from 196.220.67.2 port 43726 ssh2
2020-01-08 13:39:50
attackbotsspam
Jan  1 18:56:26 web9 sshd\[23311\]: Invalid user cepeda from 196.220.67.2
Jan  1 18:56:26 web9 sshd\[23311\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
Jan  1 18:56:28 web9 sshd\[23311\]: Failed password for invalid user cepeda from 196.220.67.2 port 52999 ssh2
Jan  1 18:59:17 web9 sshd\[23731\]: Invalid user harizan from 196.220.67.2
Jan  1 18:59:17 web9 sshd\[23731\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
2020-01-02 13:20:08
attack
"SSH brute force auth login attempt."
2019-12-25 04:50:24
attackspambots
Aug 18 08:02:00 mail sshd\[32051\]: Invalid user 777 from 196.220.67.2 port 48485
Aug 18 08:02:00 mail sshd\[32051\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.220.67.2
...
2019-08-18 20:00:49
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.220.67.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25132
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.220.67.2.			IN	A

;; AUTHORITY SECTION:
.			2647	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052701 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 28 10:27:21 CST 2019
;; MSG SIZE  rcvd: 116

Host info
Host 2.67.220.196.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 2.67.220.196.in-addr.arpa: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
185.216.140.6 attackspambots
Port scan: Attack repeated for 24 hours
2019-10-22 02:18:58
106.54.220.176 attackspam
$f2bV_matches
2019-10-22 02:28:37
185.117.215.9 attackspam
Oct 21 18:38:11 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2Oct 21 18:38:14 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2Oct 21 18:38:16 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2Oct 21 18:38:19 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2Oct 21 18:38:21 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2Oct 21 18:38:24 rotator sshd\[13263\]: Failed password for root from 185.117.215.9 port 59610 ssh2
...
2019-10-22 02:34:48
54.39.145.31 attackspambots
Oct 21 16:40:12 tuxlinux sshd[17025]: Invalid user admin from 54.39.145.31 port 37930
Oct 21 16:40:12 tuxlinux sshd[17025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.145.31 
Oct 21 16:40:12 tuxlinux sshd[17025]: Invalid user admin from 54.39.145.31 port 37930
Oct 21 16:40:12 tuxlinux sshd[17025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.145.31 
Oct 21 16:40:12 tuxlinux sshd[17025]: Invalid user admin from 54.39.145.31 port 37930
Oct 21 16:40:12 tuxlinux sshd[17025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.145.31 
Oct 21 16:40:14 tuxlinux sshd[17025]: Failed password for invalid user admin from 54.39.145.31 port 37930 ssh2
...
2019-10-22 02:24:27
177.40.175.120 attackspam
Automatic report - Port Scan Attack
2019-10-22 02:23:47
142.93.81.77 attack
Oct 21 18:57:58 nextcloud sshd\[23102\]: Invalid user butter from 142.93.81.77
Oct 21 18:57:58 nextcloud sshd\[23102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.81.77
Oct 21 18:58:00 nextcloud sshd\[23102\]: Failed password for invalid user butter from 142.93.81.77 port 39064 ssh2
...
2019-10-22 02:16:20
41.87.80.26 attackspambots
Oct 21 04:58:09 mail sshd[25027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.87.80.26 
Oct 21 04:58:11 mail sshd[25027]: Failed password for invalid user neww from 41.87.80.26 port 33113 ssh2
Oct 21 05:07:46 mail sshd[29272]: Failed password for root from 41.87.80.26 port 10524 ssh2
2019-10-22 02:35:38
157.245.98.160 attackspam
2019-10-22T00:21:57.474740enmeeting.mahidol.ac.th sshd\[28826\]: User root from 157.245.98.160 not allowed because not listed in AllowUsers
2019-10-22T00:21:57.598602enmeeting.mahidol.ac.th sshd\[28826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.98.160  user=root
2019-10-22T00:21:59.910382enmeeting.mahidol.ac.th sshd\[28826\]: Failed password for invalid user root from 157.245.98.160 port 48112 ssh2
...
2019-10-22 02:39:26
180.168.141.246 attackbots
Oct 21 23:42:44 areeb-Workstation sshd[8983]: Failed password for root from 180.168.141.246 port 42310 ssh2
...
2019-10-22 02:29:41
175.170.212.37 attack
IP Ban Report :  
 https://help-dysk.pl/wordpress-firewall-plugins/ip/175.170.212.37/ 
 
 CN - 1H : (461)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : CN 
 NAME ASN : ASN4837 
 
 IP : 175.170.212.37 
 
 CIDR : 175.160.0.0/12 
 
 PREFIX COUNT : 1262 
 
 UNIQUE IP COUNT : 56665856 
 
 
 ATTACKS DETECTED ASN4837 :  
  1H - 6 
  3H - 23 
  6H - 54 
 12H - 106 
 24H - 161 
 
 DateTime : 2019-10-21 13:37:11 
 
 INFO : Port Scan TELNET Detected and Blocked by ADMIN  - data recovery
2019-10-22 02:38:27
190.141.44.170 attackbotsspam
Fail2Ban Ban Triggered
2019-10-22 02:32:57
185.23.200.181 attackbotsspam
Oct 21 13:22:55 firewall sshd[14988]: Invalid user welcome from 185.23.200.181
Oct 21 13:22:57 firewall sshd[14988]: Failed password for invalid user welcome from 185.23.200.181 port 44637 ssh2
Oct 21 13:27:36 firewall sshd[15068]: Invalid user raspbian from 185.23.200.181
...
2019-10-22 02:15:12
81.22.45.116 attack
Oct 21 20:20:52 mc1 kernel: \[2968405.021741\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=18491 PROTO=TCP SPT=56757 DPT=20112 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 21 20:23:20 mc1 kernel: \[2968553.715814\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=16203 PROTO=TCP SPT=56757 DPT=20311 WINDOW=1024 RES=0x00 SYN URGP=0 
Oct 21 20:25:09 mc1 kernel: \[2968662.163638\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.116 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=42402 PROTO=TCP SPT=56757 DPT=19936 WINDOW=1024 RES=0x00 SYN URGP=0 
...
2019-10-22 02:36:15
218.153.253.182 attack
$f2bV_matches
2019-10-22 02:16:07
106.53.69.173 attack
ssh failed login
2019-10-22 02:27:02

Recently Reported IPs

213.232.105.130 29.78.237.225 2001:41d0:a:4d90:: 81.242.6.36
91.217.4.74 66.240.130.242 212.19.8.179 61.212.118.131
208.241.11.53 118.127.10.152 167.129.63.74 29.185.3.172
96.16.203.230 99.244.152.132 241.42.30.4 33.163.101.200
236.237.80.119 132.240.114.32 193.0.204.73 154.5.41.26