197.253.124.204

Basic Info

City: unknown

Region: unknown

Country: Ghana

Internet Service Provider: Ghana Government

Hostname: unknown

Organization: unknown

Usage Type: Government

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Sep 16 21:25:32 gw1 sshd[31879]: Failed password for root from 197.253.124.204 port 47406 ssh2 ...	2020-09-17 00:30:31
attackspambots	Time: Wed Sep 16 06:57:42 2020 +0000 IP: 197.253.124.204 (GH/Ghana/glmis.gov.gh) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 16 06:29:06 ca-1-ams1 sshd[47893]: Failed password for root from 197.253.124.204 port 46540 ssh2 Sep 16 06:44:06 ca-1-ams1 sshd[48292]: Failed password for root from 197.253.124.204 port 49010 ssh2 Sep 16 06:48:30 ca-1-ams1 sshd[48420]: Failed password for root from 197.253.124.204 port 59746 ssh2 Sep 16 06:52:59 ca-1-ams1 sshd[48575]: Failed password for root from 197.253.124.204 port 42264 ssh2 Sep 16 06:57:36 ca-1-ams1 sshd[48724]: Failed password for root from 197.253.124.204 port 53012 ssh2	2020-09-16 16:46:58
attackspambots	2020-09-01T11:54:57.914429centos sshd[29360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.204 2020-09-01T11:54:57.908471centos sshd[29360]: Invalid user ljl from 197.253.124.204 port 58630 2020-09-01T11:55:00.311436centos sshd[29360]: Failed password for invalid user ljl from 197.253.124.204 port 58630 ssh2 ...	2020-09-01 17:55:09
attackbotsspam	20 attempts against mh-ssh on cloud	2020-08-26 02:35:02
attackspam	Invalid user apitest from 197.253.124.204 port 53672	2020-08-18 13:04:16

Comments on same subnet:

IP	Type	Details	Datetime
197.253.124.133	attackspambots	SSH Bruteforce Attempt on Honeypot	2020-09-18 22:44:25
197.253.124.133	attack	fail2ban -- 197.253.124.133 ...	2020-09-18 14:58:41
197.253.124.133	attackspam	SSH BruteForce Attack	2020-09-18 05:14:37
197.253.124.133	attackspambots	2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:02.020806abusebot-7.cloudsearch.cf sshd[20818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:04.433003abusebot-7.cloudsearch.cf sshd[20818]: Failed password for invalid user webmaster from 197.253.124.133 port 57640 ssh2 2020-09-02T16:39:29.180281abusebot-7.cloudsearch.cf sshd[20822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root 2020-09-02T16:39:30.581020abusebot-7.cloudsearch.cf sshd[20822]: Failed password for root from 197.253.124.133 port 38060 ssh2 2020-09-02T16:44:07.343054abusebot-7.cloudsearch.cf sshd[20874]: Invalid user zoneminder from 197.253.124.133 port 45794 ...	2020-09-04 01:33:52
197.253.124.133	attack	2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:02.020806abusebot-7.cloudsearch.cf sshd[20818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 2020-09-02T16:35:02.015976abusebot-7.cloudsearch.cf sshd[20818]: Invalid user webmaster from 197.253.124.133 port 57640 2020-09-02T16:35:04.433003abusebot-7.cloudsearch.cf sshd[20818]: Failed password for invalid user webmaster from 197.253.124.133 port 57640 ssh2 2020-09-02T16:39:29.180281abusebot-7.cloudsearch.cf sshd[20822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root 2020-09-02T16:39:30.581020abusebot-7.cloudsearch.cf sshd[20822]: Failed password for root from 197.253.124.133 port 38060 ssh2 2020-09-02T16:44:07.343054abusebot-7.cloudsearch.cf sshd[20874]: Invalid user zoneminder from 197.253.124.133 port 45794 ...	2020-09-03 16:55:46
197.253.124.133	attackbots	Aug 26 00:07:48 inter-technics sshd[13403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root Aug 26 00:07:50 inter-technics sshd[13403]: Failed password for root from 197.253.124.133 port 60974 ssh2 Aug 26 00:10:30 inter-technics sshd[15518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 user=root Aug 26 00:10:31 inter-technics sshd[15518]: Failed password for root from 197.253.124.133 port 40898 ssh2 Aug 26 00:13:07 inter-technics sshd[15655]: Invalid user cloud from 197.253.124.133 port 49066 ...	2020-08-26 06:16:11
197.253.124.133	attack	Aug 25 11:08:56 vps46666688 sshd[18478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Aug 25 11:08:58 vps46666688 sshd[18478]: Failed password for invalid user zx from 197.253.124.133 port 46896 ssh2 ...	2020-08-25 22:57:05
197.253.124.133	attackspam	2020-07-18T21:51:17+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-19 04:52:02
197.253.124.133	attackspambots	(sshd) Failed SSH login from 197.253.124.133 (GH/Ghana/-): 5 in the last 3600 secs	2020-07-13 01:44:33
197.253.124.133	attackbotsspam	Jun 30 19:48:44 PorscheCustomer sshd[17910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Jun 30 19:48:46 PorscheCustomer sshd[17910]: Failed password for invalid user tt from 197.253.124.133 port 46878 ssh2 Jun 30 19:53:03 PorscheCustomer sshd[17975]: Failed password for root from 197.253.124.133 port 45382 ssh2 ...	2020-07-01 12:22:21
197.253.124.133	attackspambots	Jun 10 18:33:44 r.ca sshd[12364]: Failed password for invalid user WinD3str0y from 197.253.124.133 port 51240 ssh2	2020-06-11 08:03:33
197.253.124.133	attack	Jun 8 17:11:45 ny01 sshd[20370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133 Jun 8 17:11:47 ny01 sshd[20370]: Failed password for invalid user rlorca from 197.253.124.133 port 44172 ssh2 Jun 8 17:16:06 ny01 sshd[20936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.253.124.133	2020-06-09 05:32:11
197.253.124.65	attack	firewall-block, port(s): 445/tcp	2020-02-25 10:16:21
197.253.124.218	attackbots	11/28/2019-01:27:18.210807 197.253.124.218 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-11-28 17:07:11
197.253.124.218	attack	Brute forcing RDP port 3389	2019-11-06 19:25:43

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.253.124.204
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6442
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.253.124.204.		IN	A

;; AUTHORITY SECTION:
.			457	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080700 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 07 13:33:08 CST 2020
;; MSG SIZE  rcvd: 119

Host info

204.124.253.197.in-addr.arpa domain name pointer glmis.gov.gh.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
204.124.253.197.in-addr.arpa	name = glmis.gov.gh.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.209.124.155	attack	Jun 21 03:34:32 vtv3 sshd\[10438\]: Invalid user nagios from 125.209.124.155 port 38096 Jun 21 03:34:32 vtv3 sshd\[10438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.209.124.155 Jun 21 03:34:33 vtv3 sshd\[10438\]: Failed password for invalid user nagios from 125.209.124.155 port 38096 ssh2 Jun 21 03:38:55 vtv3 sshd\[12478\]: Invalid user fou from 125.209.124.155 port 49134 Jun 21 03:38:55 vtv3 sshd\[12478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.209.124.155 Jun 21 03:49:41 vtv3 sshd\[17418\]: Invalid user minecraft from 125.209.124.155 port 49128 Jun 21 03:49:41 vtv3 sshd\[17418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.209.124.155 Jun 21 03:49:42 vtv3 sshd\[17418\]: Failed password for invalid user minecraft from 125.209.124.155 port 49128 ssh2 Jun 21 03:51:33 vtv3 sshd\[18579\]: Invalid user shu from 125.209.124.155 port 34904 Jun 21 03:51:33 v	2019-08-14 04:22:56
51.83.74.158	attackspambots	2019-08-14T03:09:25.304543enmeeting.mahidol.ac.th sshd\[31142\]: Invalid user inspur from 51.83.74.158 port 60517 2019-08-14T03:09:25.318529enmeeting.mahidol.ac.th sshd\[31142\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.ip-51-83-74.eu 2019-08-14T03:09:26.783058enmeeting.mahidol.ac.th sshd\[31142\]: Failed password for invalid user inspur from 51.83.74.158 port 60517 ssh2 ...	2019-08-14 04:22:15
107.175.194.181	attackbots	$f2bV_matches	2019-08-14 04:14:02
167.71.56.222	attackspambots	Aug 13 21:21:48 mail sshd\[20913\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.56.222 user=root Aug 13 21:21:49 mail sshd\[20913\]: Failed password for root from 167.71.56.222 port 46658 ssh2 Aug 13 21:21:52 mail sshd\[20913\]: Failed password for root from 167.71.56.222 port 46658 ssh2 Aug 13 21:21:55 mail sshd\[20913\]: Failed password for root from 167.71.56.222 port 46658 ssh2 Aug 13 21:21:58 mail sshd\[20913\]: Failed password for root from 167.71.56.222 port 46658 ssh2	2019-08-14 04:18:37
125.17.212.55	attackbots	Aug 13 18:58:56 *** sshd[27871]: Failed password for invalid user test from 125.17.212.55 port 56846 ssh2	2019-08-14 04:14:20
177.154.43.126	attack	Aug 13 21:07:20 XXX sshd[11791]: Invalid user vi from 177.154.43.126 port 52297	2019-08-14 04:03:09
103.206.209.238	attackspam	Mail sent to address hacked/leaked from Last.fm	2019-08-14 04:20:06
67.207.95.12	attack	Aug 13 22:20:47 SilenceServices sshd[20677]: Failed password for avahi from 67.207.95.12 port 47758 ssh2 Aug 13 22:21:40 SilenceServices sshd[21059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.207.95.12 Aug 13 22:21:42 SilenceServices sshd[21059]: Failed password for invalid user usbmuxd from 67.207.95.12 port 51334 ssh2	2019-08-14 04:21:57
152.136.76.134	attackspam	Aug 13 20:54:51 vps647732 sshd[31060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.76.134 Aug 13 20:54:53 vps647732 sshd[31060]: Failed password for invalid user uuuuu from 152.136.76.134 port 52596 ssh2 ...	2019-08-14 04:03:58
137.74.25.247	attackspam	2019-08-13T18:34:08.154588abusebot.cloudsearch.cf sshd\[6364\]: Invalid user master from 137.74.25.247 port 41207	2019-08-14 04:12:11
51.68.229.59	attack	Aug 13 21:45:26 microserver sshd[8193]: Invalid user denys from 51.68.229.59 port 42084 Aug 13 21:45:26 microserver sshd[8193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.229.59 Aug 13 21:45:28 microserver sshd[8193]: Failed password for invalid user denys from 51.68.229.59 port 42084 ssh2 Aug 13 21:50:44 microserver sshd[8907]: Invalid user support from 51.68.229.59 port 41998 Aug 13 21:50:45 microserver sshd[8907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.229.59 Aug 13 22:03:54 microserver sshd[10466]: Invalid user compsx from 51.68.229.59 port 51602 Aug 13 22:03:54 microserver sshd[10466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.229.59 Aug 13 22:03:56 microserver sshd[10466]: Failed password for invalid user compsx from 51.68.229.59 port 51602 ssh2 Aug 13 22:08:31 microserver sshd[11129]: Invalid user ain from 51.68.229.59 port 45388 Aug 13 22:08:31 m	2019-08-14 04:11:40
185.220.101.58	attack	Aug 13 21:17:53 mail sshd\[20312\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.220.101.58 user=root Aug 13 21:17:55 mail sshd\[20312\]: Failed password for root from 185.220.101.58 port 40285 ssh2 Aug 13 21:17:58 mail sshd\[20312\]: Failed password for root from 185.220.101.58 port 40285 ssh2 Aug 13 21:18:01 mail sshd\[20312\]: Failed password for root from 185.220.101.58 port 40285 ssh2 Aug 13 21:18:03 mail sshd\[20312\]: Failed password for root from 185.220.101.58 port 40285 ssh2	2019-08-14 04:45:48
158.69.192.239	attackspam	Aug 13 20:26:21 mail sshd\[11728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.192.239 user=root Aug 13 20:26:23 mail sshd\[11728\]: Failed password for root from 158.69.192.239 port 52422 ssh2 Aug 13 20:26:26 mail sshd\[11728\]: Failed password for root from 158.69.192.239 port 52422 ssh2 Aug 13 20:26:28 mail sshd\[11728\]: Failed password for root from 158.69.192.239 port 52422 ssh2 Aug 13 20:26:31 mail sshd\[11728\]: Failed password for root from 158.69.192.239 port 52422 ssh2	2019-08-14 04:31:25
71.78.247.238	attackspam	Brute force RDP, port 3389	2019-08-14 04:34:48
189.84.211.2	attackbots	Aug 13 21:33:04 mout sshd[2590]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.84.211.2 user=root Aug 13 21:33:06 mout sshd[2590]: Failed password for root from 189.84.211.2 port 36564 ssh2	2019-08-14 04:07:43

Recently Reported IPs

93.41.127.168	82.123.49.189	45.142.166.61	60.166.112.211
58.213.22.242	186.79.27.98	182.207.182.156	101.128.190.88
196.220.66.132	192.169.243.111	250.190.141.227	32.93.24.5
122.116.241.142	82.102.20.167	180.93.242.211	213.35.159.26
255.53.226.32	163.86.217.69	25.46.85.184	31.170.48.194