107.196.214.111

Basic Info

City: Raleigh

Region: North Carolina

Country: United States

Internet Service Provider: AT&T

Hostname: unknown

Organization: AT&T Services, Inc.

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.196.214.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31394
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.196.214.111.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061201 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 13 02:52:58 CST 2019
;; MSG SIZE  rcvd: 119

Host info

111.214.196.107.in-addr.arpa domain name pointer 107-196-214-111.lightspeed.rlghnc.sbcglobal.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
111.214.196.107.in-addr.arpa	name = 107-196-214-111.lightspeed.rlghnc.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.51.241.109	attackbots	Invalid user cloud from 122.51.241.109 port 53642	2020-05-15 06:30:14
182.75.115.62	attack	Invalid user pubsub1 from 182.75.115.62 port 57370	2020-05-15 06:30:34
222.186.31.83	attackspambots	05/14/2020-18:21:08.271420 222.186.31.83 Protocol: 6 ET SCAN Potential SSH Scan	2020-05-15 06:21:40
3.11.149.42	attack	xmlrpc attack	2020-05-15 06:04:11
61.132.225.37	attack	61.132.225.37 - - [18/Apr/2020:12:16:31 +0200] "POST //plus/mytag_js.php?aid=9090 HTTP/1.1" 301 641 ...	2020-05-15 06:10:41
92.246.243.163	attackspambots	2020-05-14T22:14:03.960581shield sshd\[4824\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.246.243.163 user=root 2020-05-14T22:14:06.281582shield sshd\[4824\]: Failed password for root from 92.246.243.163 port 60844 ssh2 2020-05-14T22:21:18.962432shield sshd\[7916\]: Invalid user comune from 92.246.243.163 port 42152 2020-05-14T22:21:18.966599shield sshd\[7916\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.246.243.163 2020-05-14T22:21:21.006180shield sshd\[7916\]: Failed password for invalid user comune from 92.246.243.163 port 42152 ssh2	2020-05-15 06:35:41
136.53.67.174	attack	Invalid user geir from 136.53.67.174 port 48226	2020-05-15 06:31:47
140.143.56.61	attackspambots	May 15 00:10:26 electroncash sshd[48534]: Invalid user leng from 140.143.56.61 port 48460 May 15 00:10:26 electroncash sshd[48534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.56.61 May 15 00:10:26 electroncash sshd[48534]: Invalid user leng from 140.143.56.61 port 48460 May 15 00:10:27 electroncash sshd[48534]: Failed password for invalid user leng from 140.143.56.61 port 48460 ssh2 May 15 00:14:32 electroncash sshd[49657]: Invalid user nnn from 140.143.56.61 port 38184 ...	2020-05-15 06:34:46
54.36.77.233	attack	[Thu May 14 18:36:43.285432 2020] [:error] [pid 185897] [client 54.36.77.233:59194] [client 54.36.77.233] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "Xr256kYM-MpM8O47hf7vigAAAAM"] ...	2020-05-15 06:12:54
61.160.207.4	attackspam	61.160.207.4 - - [08/May/2020:18:18:19 +0200] "GET /plus/search.php?keyword=xxx&arrs1%5B%5D=99&arrs1%5B%5D=102&arrs1%5B%5D=103&arrs1%5B%5D=95&arrs1%5B%5D=100&arrs1%5B%5D=102&arrs1%5B%5D=95&arrs1%5B%5D=115&arrs1%5B%5D=116&arrs1%5B%5D=121&arrs1%5B%5D=108&arrs1%5B%5D=101&arrs2%5B%5D=47&arrs2%5B%5D=47&arrs2%5B%5D=46&arrs2%5B%5D=46&arrs2%5B%5D=47&arrs2%5B%5D=46&arrs2%5B%5D=46&arrs2%5B%5D=47&arrs2%5B%5D=105&arrs2%5B%5D=110&arrs2%5B%5D=99&arrs2%5B%5D=108&arrs2%5B%5D=117&arrs2%5B%5D=100&arrs2%5B%5D=101&arrs2%5B%5D=47&arrs2%5B%5D=99&arrs2%5B%5D=111&arrs2%5B%5D=109&arrs2%5B%5D=109&arrs2%5B%5D=111&arrs2%5B%5D=110&arrs2%5B%5D=46&arrs2%5B%5D=105&arrs2%5B%5D=110&arrs2%5B%5D=99&arrs2%5B%5D=46&arrs2%5B%5D=112&arrs2%5B%5D=104&arrs2%5B%5D=112&arrs2%5B%5D=0 HTTP/1.1" 301 2154 ...	2020-05-15 06:05:52
167.71.69.193	attackbotsspam	Invalid user irene from 167.71.69.193 port 52244	2020-05-15 06:15:28
185.173.35.1	attack	Port scan: Attack repeated for 24 hours	2020-05-15 06:24:21
89.248.168.244	attack	May 15 00:36:30 debian-2gb-nbg1-2 kernel: \[11754642.162125\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=89.248.168.244 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=14844 PROTO=TCP SPT=40762 DPT=260 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-15 06:37:43
62.234.78.62	attack	SSH Invalid Login	2020-05-15 06:01:17
130.61.236.64	attackspam	C1,DEF GET /phpMyAdmin/scripts/setup.php	2020-05-15 06:20:48

Recently Reported IPs

196.70.13.3	35.205.47.133	207.239.39.106	12.231.35.42
136.228.161.66	95.249.33.168	163.172.58.50	86.124.202.16
74.114.149.247	187.118.143.143	33.119.99.76	146.200.228.6
189.211.189.44	37.127.209.215	212.220.203.110	203.19.95.79
217.241.197.194	184.155.163.16	149.202.162.220	90.176.151.242