197.253.124.204

Basic Info

City: unknown

Region: unknown

Country: Ghana

Internet Service Provider: Ghana Government

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Sep 16 21:25:32 gw1 sshd[31879]: Failed password for root from 197.253.124.204 port 47406 ssh2 ...	2020-09-17 00:30:31
attackspambots	Time: Wed Sep 16 06:57:42 2020 +0000 IP: 197.253.124.204 (GH/Ghana/glmis.gov.gh) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 16 06:29:06 ca-1-ams1 sshd[47893]: Failed password for root from 197.253.124.204 port 46540 ssh2 Sep 16 06:44:06 ca-1-ams1 sshd[48292]: Failed password for root from 197.253.124.204 port 49010 ssh2 Sep 16 06:48:30 ca-1-ams1 sshd[48420]: Failed password for root from 197.253.124.204 port 59746 ssh2 Sep 16 06:52:59 ca-1-ams1 sshd[48575]: Failed password for root from 197.253.124.204 port 42264 ssh2 Sep 16 06:57:36 ca-1-ams1 sshd[48724]: Failed password for root from 197.253.124.204 port 53012 ssh2	2020-09-16 16:46:58
attackspambots	2020-09-01T11:54:57.914429centos sshd[29360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.204 2020-09-01T11:54:57.908471centos sshd[29360]: Invalid user ljl from 197.253.124.204 port 58630 2020-09-01T11:55:00.311436centos sshd[29360]: Failed password for invalid user ljl from 197.253.124.204 port 58630 ssh2 ...	2020-09-01 17:55:09
attackbotsspam	20 attempts against mh-ssh on cloud	2020-08-26 02:35:02
attackspam	Invalid user apitest from 197.253.124.204 port 53672	2020-08-18 13:04:16

Comments on same subnet:

IP	Type	Details	Datetime
197.253.124.133	attackspambots	SSH Bruteforce Attempt on Honeypot	2020-09-18 22:44:25
197.253.124.133	attack	fail2ban -- 197.253.124.133 ...	2020-09-18 14:58:41
197.253.124.133	attackspam	SSH BruteForce Attack	2020-09-18 05:14:37
197.253.124.133	attackspambots	2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:02.020806abusebot-7.cloudsearch.cf sshd[20818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:04.433003abusebot-7.cloudsearch.cf sshd[20818]: Failed password for invalid user webmaster from 197.253.124.133 port 57640 ssh2 2020-09-02T16:39:29.180281abusebot-7.cloudsearch.cf sshd[20822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root 2020-09-02T16:39:30.581020abusebot-7.cloudsearch.cf sshd[20822]: Failed password for root from 197.253.124.133 port 38060 ssh2 2020-09-02T16:44:07.343054abusebot-7.cloudsearch.cf sshd[20874]: Invalid user zoneminder from 197.253.124.133 port 45794 ...	2020-09-04 01:33:52
197.253.124.133	attack	2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:02.020806abusebot-7.cloudsearch.cf sshd[20818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:04.433003abusebot-7.cloudsearch.cf sshd[20818]: Failed password for invalid user webmaster from 197.253.124.133 port 57640 ssh2 2020-09-02T16:39:29.180281abusebot-7.cloudsearch.cf sshd[20822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root 2020-09-02T16:39:30.581020abusebot-7.cloudsearch.cf sshd[20822]: Failed password for root from 197.253.124.133 port 38060 ssh2 2020-09-02T16:44:07.343054abusebot-7.cloudsearch.cf sshd[20874]: Invalid user zoneminder from 197.253.124.133 port 45794 ...	2020-09-03 16:55:46
197.253.124.133	attackbots	Aug 26 00:07:48 inter-technics sshd[13403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root Aug 26 00:07:50 inter-technics sshd[13403]: Failed password for root from 197.253.124.133 port 60974 ssh2 Aug 26 00:10:30 inter-technics sshd[15518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root Aug 26 00:10:31 inter-technics sshd[15518]: Failed password for root from 197.253.124.133 port 40898 ssh2 Aug 26 00:13:07 inter-technics sshd[15655]: Invalid user cloud from 197.253.124.133 port 49066 ...	2020-08-26 06:16:11
197.253.124.133	attack	Aug 25 11:08:56 vps46666688 sshd[18478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Aug 25 11:08:58 vps46666688 sshd[18478]: Failed password for invalid user zx from 197.253.124.133 port 46896 ssh2 ...	2020-08-25 22:57:05
197.253.124.133	attackspam	2020-07-18T21:51:17+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-19 04:52:02
197.253.124.133	attackspambots	(sshd) Failed SSH login from 197.253.124.133 (GH/Ghana/-): 5 in the last 3600 secs	2020-07-13 01:44:33
197.253.124.133	attackbotsspam	Jun 30 19:48:44 PorscheCustomer sshd[17910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Jun 30 19:48:46 PorscheCustomer sshd[17910]: Failed password for invalid user tt from 197.253.124.133 port 46878 ssh2 Jun 30 19:53:03 PorscheCustomer sshd[17975]: Failed password for root from 197.253.124.133 port 45382 ssh2 ...	2020-07-01 12:22:21
197.253.124.133	attackspambots	Jun 10 18:33:44 r.ca sshd[12364]: Failed password for invalid user WinD3str0y from 197.253.124.133 port 51240 ssh2	2020-06-11 08:03:33
197.253.124.133	attack	Jun 8 17:11:45 ny01 sshd[20370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Jun 8 17:11:47 ny01 sshd[20370]: Failed password for invalid user rlorca from 197.253.124.133 port 44172 ssh2 Jun 8 17:16:06 ny01 sshd[20936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133	2020-06-09 05:32:11
197.253.124.65	attack	firewall-block, port(s): 445/tcp	2020-02-25 10:16:21
197.253.124.218	attackbots	11/28/2019-01:27:18.210807 197.253.124.218 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-28 17:07:11
197.253.124.218	attack	Brute forcing RDP port 3389	2019-11-06 19:25:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.253.124.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.253.124.204.		IN	A

;; AUTHORITY SECTION:
.			457	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080700 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 13:33:08 CST 2020
;; MSG SIZE  rcvd: 119

Host info

204.124.253.197.in-addr.arpa domain name pointer glmis.gov.gh.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
204.124.253.197.in-addr.arpa	name = glmis.gov.gh.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.247.110.161	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 70 - port: 3363 proto: TCP cat: Misc Attack	2019-11-07 06:07:53
185.176.27.246	attackspambots	11/06/2019-16:40:39.229178 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-07 05:49:35
183.134.199.68	attack	$f2bV_matches	2019-11-07 05:56:32
41.33.73.177	attackspam	Unauthorized connection attempt from IP address 41.33.73.177 on Port 445(SMB)	2019-11-07 05:53:26
202.169.46.52	attack	Unauthorized connection attempt from IP address 202.169.46.52 on Port 445(SMB)	2019-11-07 05:51:10
77.247.110.58	attackbotsspam	11/06/2019-14:37:23.600395 77.247.110.58 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 75	2019-11-07 05:50:33
202.176.5.177	attack	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-11-07 06:08:36
125.214.56.150	attackbots	Nov 6 15:32:02 server postfix/smtpd[11563]: NOQUEUE: reject: RCPT from unknown[125.214.56.150]: 554 5.7.1 Service unavailable; Client host [125.214.56.150] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/125.214.56.150; from= to= proto=ESMTP helo=<[125.214.56.150]>	2019-11-07 05:36:36
200.245.153.150	attack	Unauthorized connection attempt from IP address 200.245.153.150 on Port 445(SMB)	2019-11-07 05:47:53
72.69.72.10	attack	Unauthorized connection attempt from IP address 72.69.72.10 on Port 445(SMB)	2019-11-07 05:38:50
14.161.14.159	attackspam	Unauthorized connection attempt from IP address 14.161.14.159 on Port 445(SMB)	2019-11-07 05:54:32
52.177.17.246	attackspambots	Chat Spam	2019-11-07 06:13:16
139.59.95.216	attackbotsspam	Nov 6 09:11:50 wbs sshd\[25383\]: Invalid user conta from 139.59.95.216 Nov 6 09:11:50 wbs sshd\[25383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.95.216 Nov 6 09:11:52 wbs sshd\[25383\]: Failed password for invalid user conta from 139.59.95.216 port 46242 ssh2 Nov 6 09:16:57 wbs sshd\[25823\]: Invalid user umountsys from 139.59.95.216 Nov 6 09:16:57 wbs sshd\[25823\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.95.216	2019-11-07 05:54:18
151.80.61.103	attack	Nov 6 10:41:17 TORMINT sshd\[9293\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.103 user=root Nov 6 10:41:18 TORMINT sshd\[9293\]: Failed password for root from 151.80.61.103 port 59698 ssh2 Nov 6 10:44:49 TORMINT sshd\[9410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.61.103 user=root ...	2019-11-07 06:08:57
88.214.11.29	attackbotsspam	Unauthorized connection attempt from IP address 88.214.11.29 on Port 445(SMB)	2019-11-07 06:06:11

Recently Reported IPs

93.41.127.168	82.123.49.189	45.142.166.61	60.166.112.211
58.213.22.242	186.79.27.98	182.207.182.156	101.128.190.88
196.220.66.132	192.169.243.111	250.190.141.227	32.93.24.5
122.116.241.142	82.102.20.167	180.93.242.211	213.35.159.26
255.53.226.32	163.86.217.69	25.46.85.184	31.170.48.194