197.148.103.130

Basic Info

City: unknown

Region: unknown

Country: Togo

Internet Service Provider: TOGO Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: CONNECT from [197.148.103.130]:54920 to [176.31.12.44]:25 Oct 14 13:33:04 mxgate1 postfix/dnsblog[32438]: addr 197.148.103.130 listed by domain zen.spamhaus.org as 127.0.0.11 Oct 14 13:33:04 mxgate1 postfix/dnsblog[32438]: addr 197.148.103.130 listed by domain zen.spamhaus.org as 127.0.0.4 Oct 14 13:33:04 mxgate1 postfix/dnsblog[32441]: addr 197.148.103.130 listed by domain cbl.abuseat.org as 127.0.0.2 Oct 14 13:33:04 mxgate1 postfix/dnsblog[32437]: addr 197.148.103.130 listed by domain b.barracudacentral.org as 127.0.0.2 Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: PREGREET 24 after 0.21 from [197.148.103.130]:54920: EHLO [197.148.103.130] Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: DNSBL rank 4 for [197.148.103.130]:54920 Oct x@x Oct 14 13:33:06 mxgate1 postfix/postscreen[32436]: HANGUP after 1.3 from [197.148.103.130]:54920 in tests after SMTP handshake Oct 14 13:33:06 mxgate1 postfix/postscreen[32436]:........ -------------------------------	2019-10-15 03:26:24

Type

Details

Datetime

attackspambots

Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: CONNECT from [197.148.103.130]:54920 to [176.31.12.44]:25
Oct 14 13:33:04 mxgate1 postfix/dnsblog[32438]: addr 197.148.103.130 listed by domain zen.spamhaus.org as 127.0.0.11
Oct 14 13:33:04 mxgate1 postfix/dnsblog[32438]: addr 197.148.103.130 listed by domain zen.spamhaus.org as 127.0.0.4
Oct 14 13:33:04 mxgate1 postfix/dnsblog[32441]: addr 197.148.103.130 listed by domain cbl.abuseat.org as 127.0.0.2
Oct 14 13:33:04 mxgate1 postfix/dnsblog[32437]: addr 197.148.103.130 listed by domain b.barracudacentral.org as 127.0.0.2
Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: PREGREET 24 after 0.21 from [197.148.103.130]:54920: EHLO [197.148.103.130]

Oct 14 13:33:04 mxgate1 postfix/postscreen[32436]: DNSBL rank 4 for [197.148.103.130]:54920
Oct x@x
Oct 14 13:33:06 mxgate1 postfix/postscreen[32436]: HANGUP after 1.3 from [197.148.103.130]:54920 in tests after SMTP handshake
Oct 14 13:33:06 mxgate1 postfix/postscreen[32436]:........
-------------------------------

2019-10-15 03:26:24

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.148.103.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33353
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.148.103.130.		IN	A

;; AUTHORITY SECTION:
.			577	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101402 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 15 03:26:22 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 130.103.148.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 130.103.148.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.75.13.213	attackspam	detected by Fail2Ban	2020-06-25 18:39:41
118.24.140.69	attack	Jun 25 11:57:59 meumeu sshd[1398153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.140.69 user=root Jun 25 11:58:01 meumeu sshd[1398153]: Failed password for root from 118.24.140.69 port 61778 ssh2 Jun 25 12:00:53 meumeu sshd[1398524]: Invalid user scpuser from 118.24.140.69 port 40699 Jun 25 12:00:53 meumeu sshd[1398524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.140.69 Jun 25 12:00:53 meumeu sshd[1398524]: Invalid user scpuser from 118.24.140.69 port 40699 Jun 25 12:00:55 meumeu sshd[1398524]: Failed password for invalid user scpuser from 118.24.140.69 port 40699 ssh2 Jun 25 12:03:35 meumeu sshd[1398574]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.140.69 user=root Jun 25 12:03:38 meumeu sshd[1398574]: Failed password for root from 118.24.140.69 port 19578 ssh2 Jun 25 12:06:33 meumeu sshd[1398668]: Invalid user zyq from 118.24.140.69 port 53464 ...	2020-06-25 18:33:05
222.186.15.115	attackspam	Jun 25 10:25:25 localhost sshd[31410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Jun 25 10:25:27 localhost sshd[31410]: Failed password for root from 222.186.15.115 port 47965 ssh2 Jun 25 10:25:31 localhost sshd[31410]: Failed password for root from 222.186.15.115 port 47965 ssh2 Jun 25 10:25:25 localhost sshd[31410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Jun 25 10:25:27 localhost sshd[31410]: Failed password for root from 222.186.15.115 port 47965 ssh2 Jun 25 10:25:31 localhost sshd[31410]: Failed password for root from 222.186.15.115 port 47965 ssh2 Jun 25 10:25:25 localhost sshd[31410]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root Jun 25 10:25:27 localhost sshd[31410]: Failed password for root from 222.186.15.115 port 47965 ssh2 Jun 25 10:25:31 localhost sshd[31410]: Fa ...	2020-06-25 18:33:45
101.128.65.182	attackbotsspam	2020-06-25T10:53:57.047403ionos.janbro.de sshd[33439]: Failed password for invalid user kafka from 101.128.65.182 port 48357 ssh2 2020-06-25T10:57:39.540686ionos.janbro.de sshd[33446]: Invalid user scp from 101.128.65.182 port 42780 2020-06-25T10:57:39.602200ionos.janbro.de sshd[33446]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.128.65.182 2020-06-25T10:57:39.540686ionos.janbro.de sshd[33446]: Invalid user scp from 101.128.65.182 port 42780 2020-06-25T10:57:41.153166ionos.janbro.de sshd[33446]: Failed password for invalid user scp from 101.128.65.182 port 42780 ssh2 2020-06-25T11:01:23.200431ionos.janbro.de sshd[33474]: Invalid user gmodserver1 from 101.128.65.182 port 49017 2020-06-25T11:01:23.419635ionos.janbro.de sshd[33474]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.128.65.182 2020-06-25T11:01:23.200431ionos.janbro.de sshd[33474]: Invalid user gmodserver1 from 101.128.65.182 port 4901 ...	2020-06-25 19:07:03
106.12.95.20	attackbotsspam	$f2bV_matches	2020-06-25 19:04:18
218.92.0.145	attack	Jun 25 10:58:40 ip-172-31-61-156 sshd[26346]: Failed password for root from 218.92.0.145 port 22533 ssh2 Jun 25 10:58:35 ip-172-31-61-156 sshd[26346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Jun 25 10:58:37 ip-172-31-61-156 sshd[26346]: Failed password for root from 218.92.0.145 port 22533 ssh2 Jun 25 10:58:40 ip-172-31-61-156 sshd[26346]: Failed password for root from 218.92.0.145 port 22533 ssh2 Jun 25 10:58:44 ip-172-31-61-156 sshd[26346]: Failed password for root from 218.92.0.145 port 22533 ssh2 ...	2020-06-25 18:59:15
193.27.228.13	attackspam	Jun 25 12:19:26 debian-2gb-nbg1-2 kernel: \[15339028.366846\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.27.228.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=19971 PROTO=TCP SPT=42319 DPT=326 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-25 18:46:52
46.218.85.122	attackspambots	Invalid user cop from 46.218.85.122 port 33855	2020-06-25 18:58:27
40.77.31.79	attackspam	Jun 25 10:26:09 ssh2 sshd[940]: User root from 40.77.31.79 not allowed because not listed in AllowUsers Jun 25 10:26:09 ssh2 sshd[940]: Failed password for invalid user root from 40.77.31.79 port 1890 ssh2 Jun 25 10:26:09 ssh2 sshd[940]: Disconnected from invalid user root 40.77.31.79 port 1890 [preauth] ...	2020-06-25 19:02:27
46.163.32.30	attack	Hits on port : 8080	2020-06-25 18:31:53
221.156.61.60	attackbots	Hits on port : 2323	2020-06-25 18:29:27
111.230.148.82	attackspam	Jun 25 07:54:30 lukav-desktop sshd\[28902\]: Invalid user postgres from 111.230.148.82 Jun 25 07:54:30 lukav-desktop sshd\[28902\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.148.82 Jun 25 07:54:32 lukav-desktop sshd\[28902\]: Failed password for invalid user postgres from 111.230.148.82 port 44372 ssh2 Jun 25 07:57:35 lukav-desktop sshd\[28931\]: Invalid user proxy1 from 111.230.148.82 Jun 25 07:57:35 lukav-desktop sshd\[28931\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.148.82	2020-06-25 18:45:04
129.204.42.144	attackbots	Jun 25 07:21:36 pornomens sshd\[23218\]: Invalid user kawamoto from 129.204.42.144 port 47660 Jun 25 07:21:36 pornomens sshd\[23218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.42.144 Jun 25 07:21:38 pornomens sshd\[23218\]: Failed password for invalid user kawamoto from 129.204.42.144 port 47660 ssh2 ...	2020-06-25 18:35:28
89.121.133.208	attackspam	Automatic report - Banned IP Access	2020-06-25 18:40:51
74.138.125.204	attackspambots	Scanning	2020-06-25 18:27:37

Recently Reported IPs

52.163.122.194	179.83.121.35	117.33.8.21	106.23.227.19
219.102.75.181	77.7.18.4	147.4.170.99	95.192.243.254
183.83.201.22	49.186.43.169	3.99.47.150	2.32.178.157
108.106.139.137	151.73.180.216	205.174.250.106	78.82.47.2
168.194.166.30	54.229.112.100	119.102.80.188	202.91.33.83