197.248.4.24 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Safaricom

Hostname: unknown

Organization: Safaricom

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.248.4.247	attack	Unauthorized connection attempt detected from IP address 197.248.4.247 to port 442 [T]	2020-08-14 01:12:00
197.248.4.247	attack	\x16\x03\x01 400 0 "-" "-"	2020-07-18 17:53:58
197.248.4.112	attack	Jun 5 18:53:29 auw2 sshd\[19985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112 user=root Jun 5 18:53:31 auw2 sshd\[19985\]: Failed password for root from 197.248.4.112 port 46078 ssh2 Jun 5 18:58:09 auw2 sshd\[20341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112 user=root Jun 5 18:58:11 auw2 sshd\[20341\]: Failed password for root from 197.248.4.112 port 42598 ssh2 Jun 5 19:03:08 auw2 sshd\[20730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112 user=root	2020-06-06 17:44:01

Type

Details

Datetime

197.248.4.247

attack

Unauthorized connection attempt detected from IP address 197.248.4.247 to port 442 [T]

2020-08-14 01:12:00

197.248.4.247

attack

\x16\x03\x01 400 0 "-" "-"

2020-07-18 17:53:58

197.248.4.112

attack

Jun  5 18:53:29 auw2 sshd\[19985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112  user=root
Jun  5 18:53:31 auw2 sshd\[19985\]: Failed password for root from 197.248.4.112 port 46078 ssh2
Jun  5 18:58:09 auw2 sshd\[20341\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112  user=root
Jun  5 18:58:11 auw2 sshd\[20341\]: Failed password for root from 197.248.4.112 port 42598 ssh2
Jun  5 19:03:08 auw2 sshd\[20730\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.248.4.112  user=root

2020-06-06 17:44:01

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.248.4.24
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63425
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.248.4.24.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 20:07:48 +08 2019
;; MSG SIZE  rcvd: 116

Host info

Host 24.4.248.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 24.4.248.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.45.37.254	attack	Honeypot attack, port: 445, PTR: gw.stech.net.br.	2019-11-06 15:59:30
113.204.131.18	attackspam	11/06/2019-07:28:44.072192 113.204.131.18 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-06 16:00:11
41.223.202.81	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-06 16:11:27
120.132.7.52	attack	Nov 5 04:16:33 indra sshd[182921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.7.52 user=r.r Nov 5 04:16:35 indra sshd[182921]: Failed password for r.r from 120.132.7.52 port 47074 ssh2 Nov 5 04:16:35 indra sshd[182921]: Received disconnect from 120.132.7.52: 11: Bye Bye [preauth] Nov 5 04:24:21 indra sshd[184189]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.7.52 user=r.r Nov 5 04:24:23 indra sshd[184189]: Failed password for r.r from 120.132.7.52 port 43632 ssh2 Nov 5 04:24:23 indra sshd[184189]: Received disconnect from 120.132.7.52: 11: Bye Bye [preauth] Nov 5 04:29:25 indra sshd[185012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.7.52 user=r.r Nov 5 04:29:27 indra sshd[185012]: Failed password for r.r from 120.132.7.52 port 53294 ssh2 Nov 5 04:29:28 indra sshd[185012]: Received disconnect from 120.13........ -------------------------------	2019-11-06 16:37:08
125.40.199.8	attack	Honeypot attack, port: 23, PTR: hn.kd.ny.adsl.	2019-11-06 16:03:55
36.22.255.169	attackspambots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/36.22.255.169/ CN - 1H : (606) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 36.22.255.169 CIDR : 36.16.0.0/13 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 9 3H - 27 6H - 63 12H - 171 24H - 289 DateTime : 2019-11-06 07:28:28 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-06 16:08:09
151.106.31.153	attackspam	Nov 6 03:27:42 firewall sshd[13330]: Failed password for root from 151.106.31.153 port 59206 ssh2 Nov 6 03:28:24 firewall sshd[13383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.106.31.153 user=root Nov 6 03:28:25 firewall sshd[13383]: Failed password for root from 151.106.31.153 port 52200 ssh2 ...	2019-11-06 16:10:43
77.247.109.18	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-06 16:13:16
54.39.147.2	attack	Nov 6 07:47:01 web8 sshd\[12533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 user=root Nov 6 07:47:03 web8 sshd\[12533\]: Failed password for root from 54.39.147.2 port 40379 ssh2 Nov 6 07:51:19 web8 sshd\[14582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 user=root Nov 6 07:51:21 web8 sshd\[14582\]: Failed password for root from 54.39.147.2 port 59238 ssh2 Nov 6 07:55:38 web8 sshd\[16612\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 user=root	2019-11-06 16:05:53
222.186.175.215	attackbotsspam	2019-11-06T08:04:16.599269shield sshd\[22518\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.215 user=root 2019-11-06T08:04:18.740208shield sshd\[22518\]: Failed password for root from 222.186.175.215 port 6450 ssh2 2019-11-06T08:04:23.293214shield sshd\[22518\]: Failed password for root from 222.186.175.215 port 6450 ssh2 2019-11-06T08:04:27.237098shield sshd\[22518\]: Failed password for root from 222.186.175.215 port 6450 ssh2 2019-11-06T08:04:31.391602shield sshd\[22518\]: Failed password for root from 222.186.175.215 port 6450 ssh2	2019-11-06 16:12:45
118.24.102.70	attack	Nov 6 07:27:57 work-partkepr sshd\[1523\]: Invalid user Admin from 118.24.102.70 port 44152 Nov 6 07:27:57 work-partkepr sshd\[1523\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.102.70 ...	2019-11-06 16:23:09
45.118.144.31	attackspambots	Nov 5 22:00:02 sachi sshd\[27984\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.118.144.31 user=root Nov 5 22:00:04 sachi sshd\[27984\]: Failed password for root from 45.118.144.31 port 51446 ssh2 Nov 5 22:04:34 sachi sshd\[28362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.118.144.31 user=root Nov 5 22:04:35 sachi sshd\[28362\]: Failed password for root from 45.118.144.31 port 60490 ssh2 Nov 5 22:09:06 sachi sshd\[10955\]: Invalid user com from 45.118.144.31	2019-11-06 16:25:18
124.29.246.106	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-11-06 16:02:23
2001:41d0:303:5e44::	attackbots	xmlrpc attack	2019-11-06 16:27:07
216.245.197.254	attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-06 16:08:41

Recently Reported IPs

76.241.156.140	125.115.167.161	5.181.164.223	187.64.0.217
197.248.2.55	197.247.53.145	160.57.218.209	190.69.135.182
197.245.32.117	140.6.13.20	170.84.48.230	57.35.221.84
151.209.207.76	46.1.211.139	114.120.237.235	103.109.57.204
150.174.79.239	78.65.43.164	197.242.145.186	90.213.131.206