197.232.242.105

Basic Info

City: Nairobi

Region: Nairobi Province

Country: Kenya

Internet Service Provider: Jamii Telecommunications Limited

Hostname: unknown

Organization: unknown

Usage Type: Mobile ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 197.232.242.105 to port 8080 [T]	2020-05-06 08:02:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.232.242.105
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29790
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.232.242.105.		IN	A

;; AUTHORITY SECTION:
.			376	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050502 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 08:02:07 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 105.242.232.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 105.242.232.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.51.152.54	attack	Invalid user admin from 123.51.152.54 port 40620	2019-12-31 14:05:37
185.176.27.118	attackspambots	Dec 31 07:00:57 mc1 kernel: \[1930842.161356\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=4097 PROTO=TCP SPT=43120 DPT=8162 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 31 07:02:42 mc1 kernel: \[1930947.236421\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54070 PROTO=TCP SPT=43120 DPT=8227 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 31 07:03:01 mc1 kernel: \[1930965.501833\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=29148 PROTO=TCP SPT=43120 DPT=50183 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-31 14:13:07
14.177.12.49	attackbotsspam	1577768131 - 12/31/2019 05:55:31 Host: 14.177.12.49/14.177.12.49 Port: 445 TCP Blocked	2019-12-31 14:06:29
87.120.36.15	attack	Automatic report - XMLRPC Attack	2019-12-31 14:18:17
70.30.204.206	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-12-31 14:25:54
180.243.125.91	attackbotsspam	Automatic report - Port Scan Attack	2019-12-31 14:07:14
159.65.183.47	attackspambots	Dec 31 06:27:24 lnxmysql61 sshd[2078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47 Dec 31 06:27:24 lnxmysql61 sshd[2078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.183.47	2019-12-31 14:10:46
122.51.115.226	attackspambots	Invalid user oseas from 122.51.115.226 port 57274	2019-12-31 14:17:38
46.233.10.106	attack	invalid login attempt (rwilliams)	2019-12-31 14:09:51
113.172.61.40	attackspambots	"SMTP brute force auth login attempt."	2019-12-31 14:45:10
188.166.237.191	attackbotsspam	2019-12-31T06:42:05.069396shield sshd\[31429\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.237.191 user=root 2019-12-31T06:42:07.105426shield sshd\[31429\]: Failed password for root from 188.166.237.191 port 47268 ssh2 2019-12-31T06:43:51.522994shield sshd\[32039\]: Invalid user meir from 188.166.237.191 port 34770 2019-12-31T06:43:51.527234shield sshd\[32039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.237.191 2019-12-31T06:43:54.115236shield sshd\[32039\]: Failed password for invalid user meir from 188.166.237.191 port 34770 ssh2	2019-12-31 14:56:37
14.248.83.163	attack	Invalid user smokvina from 14.248.83.163 port 56818	2019-12-31 14:15:33
223.71.167.164	attackspambots	scan z	2019-12-31 14:21:41
36.79.142.132	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 31-12-2019 04:55:10.	2019-12-31 14:18:47
66.70.189.209	attack	$f2bV_matches	2019-12-31 14:25:20

Recently Reported IPs

90.51.167.248	144.217.147.155	32.103.155.130	218.144.43.55
185.190.105.19	117.96.56.123	75.251.103.120	106.154.121.192
157.38.58.156	183.131.109.192	117.167.185.92	160.160.249.79
182.208.196.184	138.88.92.202	1.168.248.3	108.51.34.237
211.211.6.158	184.233.23.246	47.156.235.126	128.71.42.136