197.220.2.134 - IPInfo

Basic Info

City: Lusaka

Region: Lusaka Province

Country: Zambia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.220.21.182	attack	(imapd) Failed IMAP login from 197.220.21.182 (ZM/Zambia/host-197-220-21-182.iconnect.zm): 1 in the last 3600 secs	2020-04-04 20:48:46
197.220.21.126	attackspambots	Nov 24 00:20:24 ms-srv sshd[55027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.220.21.126 Nov 24 00:20:26 ms-srv sshd[55027]: Failed password for invalid user admin from 197.220.21.126 port 48038 ssh2	2020-03-10 09:20:48
197.220.22.104	attackspam	Apr 3 15:06:57 ms-srv sshd[13601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.220.22.104 Apr 3 15:07:00 ms-srv sshd[13601]: Failed password for invalid user admin from 197.220.22.104 port 59826 ssh2	2020-03-10 09:20:31
197.220.206.197	attack	DATE:2020-02-19 14:35:07, IP:197.220.206.197, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-02-19 23:17:09
197.220.20.112	attackspambots	Invalid user admin from 197.220.20.112 port 55309	2019-11-20 03:53:45
197.220.21.130	attackspambots	port scan and connect, tcp 22 (ssh)	2019-11-03 19:57:17
197.220.255.44	attackspam	Email IMAP login failure	2019-10-18 22:06:33
197.220.255.26	attackbots	23/tcp [2019-07-30]1pkt	2019-07-31 05:16:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.220.2.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1733
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.220.2.134.			IN	A

;; AUTHORITY SECTION:
.			504	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092101 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 22 09:04:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 134.2.220.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.2.220.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.187.211.252	attack	SSH auth scanning - multiple failed logins	2020-06-25 21:17:34
213.160.143.146	attack	Jun 25 14:25:19 sticky sshd\[3116\]: Invalid user dwu from 213.160.143.146 port 18044 Jun 25 14:25:19 sticky sshd\[3116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.160.143.146 Jun 25 14:25:22 sticky sshd\[3116\]: Failed password for invalid user dwu from 213.160.143.146 port 18044 ssh2 Jun 25 14:27:40 sticky sshd\[3122\]: Invalid user 18 from 213.160.143.146 port 11551 Jun 25 14:27:40 sticky sshd\[3122\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.160.143.146	2020-06-25 21:30:59
222.186.175.212	attack	Jun 25 14:53:07 minden010 sshd[27133]: Failed password for root from 222.186.175.212 port 11346 ssh2 Jun 25 14:53:17 minden010 sshd[27133]: Failed password for root from 222.186.175.212 port 11346 ssh2 Jun 25 14:53:21 minden010 sshd[27133]: Failed password for root from 222.186.175.212 port 11346 ssh2 Jun 25 14:53:21 minden010 sshd[27133]: error: maximum authentication attempts exceeded for root from 222.186.175.212 port 11346 ssh2 [preauth] ...	2020-06-25 20:57:59
159.89.91.67	attackspambots	Jun 25 06:52:02 server1 sshd\[25389\]: Invalid user demo from 159.89.91.67 Jun 25 06:52:02 server1 sshd\[25389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.91.67 Jun 25 06:52:05 server1 sshd\[25389\]: Failed password for invalid user demo from 159.89.91.67 port 38152 ssh2 Jun 25 06:55:22 server1 sshd\[27784\]: Invalid user admin from 159.89.91.67 Jun 25 06:55:22 server1 sshd\[27784\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.91.67 ...	2020-06-25 21:08:24
177.19.176.234	attack	Jun 25 12:27:35 *** sshd[4299]: Invalid user arts from 177.19.176.234	2020-06-25 21:34:17
88.214.26.93	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-25T11:27:12Z and 2020-06-25T12:27:47Z	2020-06-25 21:26:31
167.71.109.97	attackbots	Jun 25 14:40:16 eventyay sshd[3429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.109.97 Jun 25 14:40:17 eventyay sshd[3429]: Failed password for invalid user debian from 167.71.109.97 port 35156 ssh2 Jun 25 14:43:29 eventyay sshd[3549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.109.97 ...	2020-06-25 21:30:08
85.209.0.103	attack	Total attacks: 4	2020-06-25 21:03:16
106.208.25.83	attackbotsspam	1593088098 - 06/25/2020 14:28:18 Host: 106.208.25.83/106.208.25.83 Port: 445 TCP Blocked	2020-06-25 20:57:28
54.38.65.215	attackbotsspam	2020-06-25T16:09:44.211139lavrinenko.info sshd[30009]: Invalid user ct from 54.38.65.215 port 54441 2020-06-25T16:09:44.218924lavrinenko.info sshd[30009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.65.215 2020-06-25T16:09:44.211139lavrinenko.info sshd[30009]: Invalid user ct from 54.38.65.215 port 54441 2020-06-25T16:09:46.736198lavrinenko.info sshd[30009]: Failed password for invalid user ct from 54.38.65.215 port 54441 ssh2 2020-06-25T16:12:47.249571lavrinenko.info sshd[30240]: Invalid user romain from 54.38.65.215 port 53345 ...	2020-06-25 21:23:58
86.145.179.94	attackbots	Port 22 Scan, PTR: None	2020-06-25 20:59:49
111.229.58.152	attack	Jun 25 12:25:32 ns3033917 sshd[21015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.58.152 user=root Jun 25 12:25:33 ns3033917 sshd[21015]: Failed password for root from 111.229.58.152 port 34162 ssh2 Jun 25 12:28:18 ns3033917 sshd[21028]: Invalid user yuyue from 111.229.58.152 port 33432 ...	2020-06-25 20:56:58
81.4.127.228	attackbotsspam	Jun 25 08:04:16 srv05 sshd[12219]: reveeclipse mapping checking getaddrinfo for m-15-0018.l3xs.net [81.4.127.228] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 08:04:18 srv05 sshd[12219]: Failed password for invalid user gast from 81.4.127.228 port 50624 ssh2 Jun 25 08:04:18 srv05 sshd[12219]: Received disconnect from 81.4.127.228: 11: Bye Bye [preauth] Jun 25 08:20:52 srv05 sshd[13110]: reveeclipse mapping checking getaddrinfo for m-15-0018.l3xs.net [81.4.127.228] failed - POSSIBLE BREAK-IN ATTEMPT! Jun 25 08:20:52 srv05 sshd[13110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.4.127.228 user=r.r Jun 25 08:20:54 srv05 sshd[13110]: Failed password for r.r from 81.4.127.228 port 59552 ssh2 Jun 25 08:20:54 srv05 sshd[13110]: Received disconnect from 81.4.127.228: 11: Bye Bye [preauth] Jun 25 08:24:05 srv05 sshd[13276]: reveeclipse mapping checking getaddrinfo for m-15-0018.l3xs.net [81.4.127.228] failed - POSSIBLE BREAK-IN ATTEM........ -------------------------------	2020-06-25 21:07:06
103.95.29.112	attack	Jun 25 14:27:43 vm0 sshd[13975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.95.29.112 Jun 25 14:27:45 vm0 sshd[13975]: Failed password for invalid user office from 103.95.29.112 port 47700 ssh2 ...	2020-06-25 21:28:07
222.186.173.238	attack	Jun 25 15:31:05 sso sshd[3537]: Failed password for root from 222.186.173.238 port 58964 ssh2 Jun 25 15:31:08 sso sshd[3537]: Failed password for root from 222.186.173.238 port 58964 ssh2 ...	2020-06-25 21:35:07

Recently Reported IPs

140.190.117.221	191.116.209.111	109.65.192.85	99.170.121.198
191.221.162.227	90.59.85.116	82.38.83.155	153.219.109.105
181.168.127.56	177.123.81.220	220.52.170.105	196.170.137.153
155.68.189.239	77.245.253.205	91.120.100.123	106.128.7.202
221.231.251.70	81.182.194.66	103.94.86.192	101.153.94.193