197.248.119.140

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Safaricom Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 197.248.119.140 on Port 445(SMB)	2020-08-02 19:23:56
attackspam	Honeypot attack, port: 445, PTR: 197-248-119-140.safaricombusiness.co.ke.	2020-01-18 21:05:22
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 23:26:55,820 INFO [shellcode_manager] (197.248.119.140) no match, writing hexdump (f102b713f665d9075dc6d356f8529986 :2162117) - MS17010 (EternalBlue)	2019-08-29 12:14:17

Type

Details

Datetime

attackbots

Unauthorized connection attempt from IP address 197.248.119.140 on Port 445(SMB)

2020-08-02 19:23:56

attackspam

Honeypot attack, port: 445, PTR: 197-248-119-140.safaricombusiness.co.ke.

2020-01-18 21:05:22

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 23:26:55,820 INFO [shellcode_manager] (197.248.119.140) no match, writing hexdump (f102b713f665d9075dc6d356f8529986 :2162117) - MS17010 (EternalBlue)

2019-08-29 12:14:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.248.119.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22243
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.248.119.140.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082802 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 29 12:14:12 CST 2019
;; MSG SIZE  rcvd: 119

Host info

140.119.248.197.in-addr.arpa domain name pointer 197-248-119-140.safaricombusiness.co.ke.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
140.119.248.197.in-addr.arpa	name = 197-248-119-140.safaricombusiness.co.ke.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.96.106.144	attackbots	Hit on /wp-login.php	2019-11-04 23:05:51
162.220.162.10	attackbots	[Mon Nov 04 12:34:58.814926 2019] [:error] [pid 14973] [client 162.220.162.10:40432] script '/var/www/www.periodicos.unifra.br/wp-login.php' not found or unable to stat [Mon Nov 04 12:35:16.372931 2019] [:error] [pid 17084] [client 162.220.162.10:45806] script '/var/www/www.periodicos.unifra.br/wp-login.php' not found or unable to stat [Mon Nov 04 12:35:17.011295 2019] [:error] [pid 17088] [client 162.220.162.10:47396] script '/var/www/www.periodicos.unifra.br/wp-login.php' not found or unable to stat ...	2019-11-04 23:13:23
91.206.30.218	attack	xmlrpc attack	2019-11-04 22:55:26
182.61.148.116	attackbotsspam	Nov 4 14:53:48 *** sshd[13043]: User root from 182.61.148.116 not allowed because not listed in AllowUsers	2019-11-04 23:06:51
222.186.175.147	attack	Nov 4 16:08:20 srv206 sshd[1149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.147 user=root Nov 4 16:08:22 srv206 sshd[1149]: Failed password for root from 222.186.175.147 port 37536 ssh2 ...	2019-11-04 23:14:14
222.186.190.2	attackspambots	Nov 4 15:50:03 srv206 sshd[1017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Nov 4 15:50:06 srv206 sshd[1017]: Failed password for root from 222.186.190.2 port 35804 ssh2 ...	2019-11-04 22:54:56
201.131.241.251	attackspam	port scan and connect, tcp 8080 (http-proxy)	2019-11-04 22:57:12
190.69.25.30	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 04-11-2019 14:35:22.	2019-11-04 23:31:30
220.98.84.31	attackbots	Nov 4 15:35:37 MK-Soft-Root2 sshd[9723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.98.84.31 Nov 4 15:35:38 MK-Soft-Root2 sshd[9723]: Failed password for invalid user ul from 220.98.84.31 port 64025 ssh2 ...	2019-11-04 23:15:58
42.200.206.225	attack	Nov 4 15:57:16 dedicated sshd[9619]: Invalid user user from 42.200.206.225 port 58276	2019-11-04 23:16:55
71.6.167.142	attackspambots	Scanning for random ports and web resources for possible exploits: 1. robots.txt 2. sitemap.xml 3. /.well-known/security.txt	2019-11-04 23:00:26
46.73.146.222	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 04-11-2019 14:35:23.	2019-11-04 23:29:28
36.155.114.151	attack	Nov 4 16:35:55 MK-Soft-VM6 sshd[22816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.155.114.151 Nov 4 16:35:56 MK-Soft-VM6 sshd[22816]: Failed password for invalid user Bed123 from 36.155.114.151 port 39067 ssh2 ...	2019-11-04 23:36:05
145.239.8.229	attackspam	Nov 4 10:18:37 TORMINT sshd\[19045\]: Invalid user justin from 145.239.8.229 Nov 4 10:18:37 TORMINT sshd\[19045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.8.229 Nov 4 10:18:40 TORMINT sshd\[19045\]: Failed password for invalid user justin from 145.239.8.229 port 39624 ssh2 ...	2019-11-04 23:21:31
190.72.184.19	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 04-11-2019 14:35:22.	2019-11-04 23:31:01

Recently Reported IPs

200.127.109.231	197.124.252.17	146.151.8.198	185.62.148.8
82.201.220.227	125.142.97.209	62.72.18.0	103.41.42.75
134.193.240.118	187.190.153.118	183.2.156.114	74.109.184.186
14.189.165.17	147.91.243.133	94.226.255.121	177.184.245.86
115.54.66.232	89.199.43.94	14.161.29.175	219.156.128.148