197.248.10.220

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.248.10.108	attackspam	Sep 3 18:26:04 gamehost-one sshd[22697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Sep 3 18:26:06 gamehost-one sshd[22697]: Failed password for invalid user sysadmin from 197.248.10.108 port 57110 ssh2 Sep 3 18:42:16 gamehost-one sshd[23926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 ...	2020-09-05 04:23:46
197.248.10.108	attack	Sep 3 18:26:04 gamehost-one sshd[22697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Sep 3 18:26:06 gamehost-one sshd[22697]: Failed password for invalid user sysadmin from 197.248.10.108 port 57110 ssh2 Sep 3 18:42:16 gamehost-one sshd[23926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 ...	2020-09-04 19:59:05
197.248.102.161	attack	Unauthorized connection attempt detected from IP address 197.248.102.161 to port 1433 [J]	2020-03-02 04:53:00
197.248.101.174	attack	unauthorized connection attempt	2020-02-16 16:02:19
197.248.102.161	attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 10:21:38
197.248.10.108	attack	Jan 29 20:37:05 localhost sshd[14055]: reverse mapping checking getaddrinfo for 197-248-10-108.safaricombusiness.co.ke [197.248.10.108] failed - POSSIBLE BREAK-IN ATTEMPT! Jan 29 20:37:05 localhost sshd[14055]: Invalid user oracle from 197.248.10.108 Jan 29 20:37:05 localhost sshd[14055]: input_userauth_request: invalid user oracle [preauth] Jan 29 20:37:05 localhost sshd[14055]: pam_unix(sshd:auth): check pass; user unknown Jan 29 20:37:05 localhost sshd[14055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Jan 29 20:37:07 localhost sshd[14055]: Failed password for invalid user oracle from 197.248.10.108 port 48676 ssh2	2020-01-30 21:49:30
197.248.102.161	attackbots	firewall-block, port(s): 1433/tcp	2020-01-26 15:41:37
197.248.10.108	attackspam	Oct 23 22:14:11 pornomens sshd\[8463\]: Invalid user nginx from 197.248.10.108 port 49192 Oct 23 22:14:11 pornomens sshd\[8463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Oct 23 22:14:13 pornomens sshd\[8463\]: Failed password for invalid user nginx from 197.248.10.108 port 49192 ssh2 ...	2019-10-24 06:43:58
197.248.10.108	attackbots	Oct 20 21:41:34 pornomens sshd\[29050\]: Invalid user user from 197.248.10.108 port 35706 Oct 20 21:41:34 pornomens sshd\[29050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Oct 20 21:41:36 pornomens sshd\[29050\]: Failed password for invalid user user from 197.248.10.108 port 35706 ssh2 ...	2019-10-21 04:20:21
197.248.10.108	attackspam	Oct 14 12:21:59 host sshd\[13218\]: Invalid user test from 197.248.10.108Oct 14 12:49:30 host sshd\[25592\]: Invalid user test from 197.248.10.108Oct 14 13:16:57 host sshd\[6224\]: Invalid user test from 197.248.10.108 ...	2019-10-15 01:24:05
197.248.10.108	attackbotsspam	Sep 14 14:07:17 localhost sshd[31324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Sep 14 14:07:18 localhost sshd[31324]: Failed password for invalid user user from 197.248.10.108 port 49898 ssh2 Sep 14 14:13:22 localhost sshd[31458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.10.108 Sep 14 14:13:25 localhost sshd[31458]: Failed password for invalid user bitrix from 197.248.10.108 port 35432 ssh2 ...	2019-09-15 09:13:14
197.248.10.108	attackspam	Aug 24 13:43:14 XXXXX sshd[20617]: Failed password for invalid user oracle from 197.248.10.108 port 52720 ssh2	2019-08-24 20:21:17
197.248.10.108	attackspambots	2019-08-23T22:53:28.100075ns1.unifynetsol.net sshd\[18271\]: Invalid user bussel from 197.248.10.108 port 33714 2019-08-24T00:01:28.432327ns1.unifynetsol.net sshd\[28378\]: Invalid user gitmaster from 197.248.10.108 port 50776 2019-08-24T01:09:44.837167ns1.unifynetsol.net sshd\[5382\]: Invalid user gitmaster from 197.248.10.108 port 39610 2019-08-24T02:18:15.857608ns1.unifynetsol.net sshd\[15685\]: Invalid user griha from 197.248.10.108 port 56674 2019-08-24T03:27:03.545160ns1.unifynetsol.net sshd\[25628\]: Invalid user griha from 197.248.10.108 port 45510	2019-08-24 07:11:35
197.248.100.50	attackbots	8291/tcp	2019-08-02 04:08:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.248.10.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 840
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.248.10.220.			IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021100 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 11 14:41:10 CST 2022
;; MSG SIZE  rcvd: 107

Host info

220.10.248.197.in-addr.arpa domain name pointer 197-248-10-220.safaricombusiness.co.ke.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
220.10.248.197.in-addr.arpa	name = 197-248-10-220.safaricombusiness.co.ke.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.178.176.38	attackbotsspam	" "	2020-10-06 12:25:05
118.89.30.90	attackbotsspam	$f2bV_matches	2020-10-06 12:26:48
119.119.69.250	attack	Telnet Server BruteForce Attack	2020-10-06 12:12:32
187.189.52.132	attack	Oct 6 06:33:23 localhost sshd\[17830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root Oct 6 06:33:25 localhost sshd\[17830\]: Failed password for root from 187.189.52.132 port 50718 ssh2 Oct 6 06:37:18 localhost sshd\[18049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root Oct 6 06:37:20 localhost sshd\[18049\]: Failed password for root from 187.189.52.132 port 45564 ssh2 Oct 6 06:41:13 localhost sshd\[18302\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.189.52.132 user=root ...	2020-10-06 12:44:12
139.199.5.50	attackspambots	Oct 6 02:46:56 hidden sshd[29517]: Failed password for hidden from 139.199.5.50 port 54982 ssh2 Oct 6 02:50:42 hidden sshd[30971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:50:45 hidden sshd[30971]: Failed password for hidden from 139.199.5.50 port 56904 ssh2 Oct 6 02:54:23 hidden sshd[32323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.5.50 user=root Oct 6 02:54:24 hidden sshd[32323]: Failed password for hidden from 139.199.5.50 port 58804 ssh2	2020-10-06 12:48:58
106.12.141.206	attack	Banned for a week because repeated abuses, for example SSH, but not only	2020-10-06 12:31:56
177.107.68.26	attackspambots	Dovecot Invalid User Login Attempt.	2020-10-06 12:44:44
141.98.10.138	attackbotsspam	Unauthorized connection attempt, Score = 100 , Banned for 15 Days	2020-10-06 12:28:04
46.209.4.194	attackspambots	Oct 6 03:28:12 nextcloud sshd\[4037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.209.4.194 user=root Oct 6 03:28:15 nextcloud sshd\[4037\]: Failed password for root from 46.209.4.194 port 37078 ssh2 Oct 6 03:32:31 nextcloud sshd\[7984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.209.4.194 user=root	2020-10-06 12:19:25
192.99.0.98	attack	Malicious File Upload attempt	2020-10-06 12:26:21
45.146.164.179	attackbots	Repeated RDP login failures. Last user: Test	2020-10-06 12:37:23
187.189.241.135	attackspam	Oct 6 05:49:32 vpn01 sshd[17412]: Failed password for root from 187.189.241.135 port 37850 ssh2 ...	2020-10-06 12:13:24
81.68.128.153	attack	20 attempts against mh-misbehave-ban on star	2020-10-06 12:29:14
141.98.9.163	attack	Triggered by Fail2Ban at Ares web server	2020-10-06 12:13:45
107.170.131.23	attackspambots	Oct 6 02:44:10 vlre-nyc-1 sshd\[25696\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.131.23 user=root Oct 6 02:44:12 vlre-nyc-1 sshd\[25696\]: Failed password for root from 107.170.131.23 port 45716 ssh2 Oct 6 02:48:33 vlre-nyc-1 sshd\[25840\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.131.23 user=root Oct 6 02:48:35 vlre-nyc-1 sshd\[25840\]: Failed password for root from 107.170.131.23 port 48772 ssh2 Oct 6 02:52:56 vlre-nyc-1 sshd\[26028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.131.23 user=root ...	2020-10-06 12:45:02

Recently Reported IPs

196.20.12.21	197.251.216.226	197.246.202.127	197.242.159.110
197.234.13.16	197.255.209.34	197.248.102.42	197.234.13.29
198.23.240.206	198.100.61.105	198.46.233.46	198.12.71.108
198.46.218.138	198.211.96.106	198.98.49.82	199.117.152.51
199.101.192.130	199.116.100.252	199.241.169.128	198.98.57.191