197.248.7.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Kenya

Internet Service Provider: Safaricom

Hostname: unknown

Organization: Safaricom

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.248.74.218	attackbots	Honeypot attack, port: 445, PTR: 197-248-74-218.safaricombusiness.co.ke.	2020-07-14 20:35:22
197.248.73.246	attackspambots	2019-03-11 18:53:52 1h3P7Q-0003Rw-7x SMTP connection from \(197-248-73-246.safaricombusiness.co.ke\) \[197.248.73.246\]:43469 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-11 18:54:42 1h3P8I-0003UF-Hw SMTP connection from \(197-248-73-246.safaricombusiness.co.ke\) \[197.248.73.246\]:43660 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-11 18:55:14 1h3P8o-0003We-Ra SMTP connection from \(197-248-73-246.safaricombusiness.co.ke\) \[197.248.73.246\]:43747 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-30 04:01:48
197.248.73.246	attackbotsspam	Jan 10 13:58:31 grey postfix/smtpd\[18142\]: NOQUEUE: reject: RCPT from unknown\[197.248.73.246\]: 554 5.7.1 Service unavailable\; Client host \[197.248.73.246\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[197.248.73.246\]\; from=\ to=\ proto=ESMTP helo=\<197-248-73-246.safaricombusiness.co.ke\> ...	2020-01-11 00:11:56
197.248.79.46	attackbots	Unauthorized connection attempt detected from IP address 197.248.79.46 to port 445	2019-12-31 20:56:34
197.248.73.70	attack	Brute force attempt	2019-07-27 01:56:20

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.248.7.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17254
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.248.7.91.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042800 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sun Apr 28 20:07:05 +08 2019
;; MSG SIZE  rcvd: 116

Host info

91.7.248.197.in-addr.arpa domain name pointer 197-248-7-91.safaricombusiness.co.ke.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
91.7.248.197.in-addr.arpa	name = 197-248-7-91.safaricombusiness.co.ke.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.143.178.163	attackbotsspam	Jul 13 23:20:26 debian-2gb-nbg1-2 kernel: \[16933798.700361\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=79.143.178.163 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=61336 PROTO=TCP SPT=47756 DPT=2112 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-14 07:12:44
157.35.241.156	attack	Unauthorized connection attempt from IP address 157.35.241.156 on Port 445(SMB)	2020-07-14 06:49:28
94.102.51.152	attack	Attempts against SMTP/SSMTP	2020-07-14 07:19:27
181.129.165.139	attack	Jul 13 19:09:16 ws24vmsma01 sshd[44304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.129.165.139 Jul 13 19:09:19 ws24vmsma01 sshd[44304]: Failed password for invalid user ubuntu from 181.129.165.139 port 50072 ssh2 ...	2020-07-14 07:14:20
66.249.66.91	attack	Automatic report - Banned IP Access	2020-07-14 06:48:43
62.234.114.92	attack	bruteforce detected	2020-07-14 07:18:47
103.99.1.183	attack	Port scan: Attack repeated for 24 hours	2020-07-14 07:27:26
114.112.72.130	attack	TCP (SYN) 114.112.72.130:44766 -> port 23, len 44	2020-07-14 06:54:49
118.25.177.225	attackbots	Jul 14 00:35:08 sip sshd[929592]: Invalid user memo from 118.25.177.225 port 54170 Jul 14 00:35:10 sip sshd[929592]: Failed password for invalid user memo from 118.25.177.225 port 54170 ssh2 Jul 14 00:36:46 sip sshd[929606]: Invalid user lm from 118.25.177.225 port 43784 ...	2020-07-14 07:26:01
185.176.27.30	attackbotsspam	TCP (SYN) 185.176.27.30:49585 -> port 39595, len 44	2020-07-14 06:51:19
141.98.81.210	attack	SSH Brute-Force attacks	2020-07-14 07:18:01
54.38.183.181	attack	Jul 14 00:37:57 server sshd[16103]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 Jul 14 00:38:00 server sshd[16103]: Failed password for invalid user user from 54.38.183.181 port 33086 ssh2 Jul 14 00:40:56 server sshd[16570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.183.181 ...	2020-07-14 07:09:38
92.63.194.104	attack	Triggered: repeated knocking on closed ports.	2020-07-14 07:12:30
192.241.238.210	attackbotsspam	Auto Detect Rule! proto TCP (SYN), 192.241.238.210:50435->gjan.info:3306, len 40	2020-07-14 06:55:36
47.176.104.74	attack	Jul 13 22:17:14 xeon sshd[10825]: Failed password for invalid user eran from 47.176.104.74 port 30889 ssh2	2020-07-14 07:11:28

Recently Reported IPs

197.248.4.24	191.241.253.20	76.241.156.140	125.115.167.161
5.181.164.223	187.64.0.217	197.248.2.55	197.247.53.145
160.57.218.209	190.69.135.182	197.245.32.117	140.6.13.20
170.84.48.230	57.35.221.84	151.209.207.76	46.1.211.139
114.120.237.235	103.109.57.204	150.174.79.239	78.65.43.164