196.3.97.20 - IPInfo

Basic Info

City: Maputo

Region: Cidade de Maputo

Country: Mozambique

Internet Service Provider: Eduardo Mondlane University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 445, PTR: fdd020.uem.mz.	2020-01-25 07:10:06
attack	Unauthorized connection attempt from IP address 196.3.97.20 on Port 445(SMB)	2019-11-25 04:53:01

Comments on same subnet:

IP	Type	Details	Datetime
196.3.97.70	attack	Dovecot Invalid User Login Attempt.	2020-08-21 08:05:16
196.3.97.70	attack	SpamScore above: 10.0	2020-03-04 15:54:01
196.3.97.70	attackspam	spam	2020-01-24 15:11:00
196.3.97.70	attackbots	email spam	2019-12-17 16:41:58
196.3.97.86	attackspambots	Automatic report - XMLRPC Attack	2019-11-23 06:16:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 196.3.97.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36106
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;196.3.97.20.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112401 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 25 04:52:57 CST 2019
;; MSG SIZE  rcvd: 115

Host info

20.97.3.196.in-addr.arpa domain name pointer fdd020.uem.mz.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.97.3.196.in-addr.arpa	name = fdd020.uem.mz.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.233.177.173	attackspam	Oct 7 01:38:58 ns382633 sshd\[8497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.177.173 user=root Oct 7 01:39:00 ns382633 sshd\[8497\]: Failed password for root from 49.233.177.173 port 39466 ssh2 Oct 7 01:51:12 ns382633 sshd\[10424\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.177.173 user=root Oct 7 01:51:14 ns382633 sshd\[10424\]: Failed password for root from 49.233.177.173 port 52378 ssh2 Oct 7 01:55:28 ns382633 sshd\[11061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.177.173 user=root	2020-10-07 15:16:50
140.143.61.200	attackspambots	Oct 7 08:29:55 ip106 sshd[32283]: Failed password for root from 140.143.61.200 port 59238 ssh2 ...	2020-10-07 14:51:23
182.122.75.56	attackbots	DATE:2020-10-07 04:23:18, IP:182.122.75.56, PORT:ssh SSH brute force auth (docker-dc)	2020-10-07 15:05:33
118.122.91.148	attack	SSH Brute-Forcing (server1)	2020-10-07 14:49:25
221.229.218.50	attackbotsspam	Oct 7 06:14:57 sso sshd[20905]: Failed password for root from 221.229.218.50 port 44002 ssh2 ...	2020-10-07 15:19:00
109.165.235.1	attack	IP 109.165.235.1 attacked honeypot on port: 1433 at 10/6/2020 1:41:40 PM	2020-10-07 15:16:22
122.194.229.59	attackbotsspam	$f2bV_matches	2020-10-07 15:13:59
180.76.152.65	attackbots	SSH brutforce	2020-10-07 15:09:39
83.103.98.211	attackspam	ssh brute force	2020-10-07 14:57:20
144.91.113.165	attack	Oct 6 22:43:06 game-panel sshd[1146]: Failed password for root from 144.91.113.165 port 36904 ssh2 Oct 6 22:46:33 game-panel sshd[1299]: Failed password for root from 144.91.113.165 port 45990 ssh2	2020-10-07 14:41:02
95.111.224.34	attackbotsspam	Automatic report - Port Scan Attack	2020-10-07 14:59:34
187.189.65.241	attack	Oct 7 08:12:08 rocket sshd[17571]: Failed password for root from 187.189.65.241 port 38612 ssh2 Oct 7 08:16:29 rocket sshd[18170]: Failed password for root from 187.189.65.241 port 47080 ssh2 ...	2020-10-07 15:18:28
119.28.73.193	attackbots	Oct 7 06:28:47 ns382633 sshd\[17167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.73.193 user=root Oct 7 06:28:49 ns382633 sshd\[17167\]: Failed password for root from 119.28.73.193 port 44386 ssh2 Oct 7 06:39:46 ns382633 sshd\[18940\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.73.193 user=root Oct 7 06:39:48 ns382633 sshd\[18940\]: Failed password for root from 119.28.73.193 port 55644 ssh2 Oct 7 06:43:39 ns382633 sshd\[19279\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.73.193 user=root	2020-10-07 14:59:06
51.15.229.216	attackspambots	TCP (SYN) 51.15.229.216:45457 -> port 80, len 44	2020-10-07 14:52:41
158.51.124.112	attack	Automatic report generated by Wazuh	2020-10-07 14:53:16

Recently Reported IPs

131.255.83.58	99.17.107.43	50.54.222.52	58.187.173.88
90.170.109.210	175.77.162.249	97.198.93.19	37.144.215.146
2.229.56.169	52.52.200.126	195.56.71.43	129.195.254.55
77.16.118.226	36.92.157.26	12.102.211.49	213.79.187.4
173.209.100.243	70.194.38.5	49.199.201.143	101.164.2.57