109.165.197.212

Basic Info

City: unknown

Region: unknown

Country: Bosnia and Herzegovina

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 109.165.197.212
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38362
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;109.165.197.212.		IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012802 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 08:49:30 CST 2025
;; MSG SIZE  rcvd: 108

Host info

212.197.165.109.in-addr.arpa domain name pointer adsl-165-197-212.teol.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
212.197.165.109.in-addr.arpa	name = adsl-165-197-212.teol.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
79.172.193.32	attack	79.172.193.32 - - [08/Aug/2020:17:37:58 -0300] "GET /wp-json/wp/v2/users/1 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:37:59 -0300] "GET /wp-json/wp/v2/users/2 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:37:59 -0300] "GET /wp-json/wp/v2/users/3 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:37:59 -0300] "GET /wp-json/wp/v2/users/4 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:00 -0300] "GET /wp-json/wp/v2/users/5 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:01 -0300] "GET /wp-json/wp/v2/users/6 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:01 -0300] "GET /wp-json/wp/v2/users/7 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:02 -0300] "GET /wp-json/wp/v2/users/8 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:02 -0300] "GET /wp-json/wp/v2/users/9 HTTP/1.1" 403 9 79.172.193.32 - - [08/Aug/2020:17:38:02 -0300] "GET /wp-json/wp/v2/users/10 HTTP/1.1" 403 9	2020-08-12 01:48:40
103.145.12.7	attackbotsspam	SIP Server BruteForce Attack	2020-08-12 01:27:16
212.83.172.78	attackspambots	212.83.172.78 - - [11/Aug/2020:18:25:46 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.83.172.78 - - [11/Aug/2020:18:25:47 +0100] "POST /wp-login.php HTTP/1.1" 200 1977 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 212.83.172.78 - - [11/Aug/2020:18:25:47 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-12 01:45:50
222.186.30.76	attackbotsspam	2020-08-11T19:49:23.251415vps773228.ovh.net sshd[9905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-08-11T19:49:25.013133vps773228.ovh.net sshd[9905]: Failed password for root from 222.186.30.76 port 60848 ssh2 2020-08-11T19:49:23.251415vps773228.ovh.net sshd[9905]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root 2020-08-11T19:49:25.013133vps773228.ovh.net sshd[9905]: Failed password for root from 222.186.30.76 port 60848 ssh2 2020-08-11T19:49:26.948299vps773228.ovh.net sshd[9905]: Failed password for root from 222.186.30.76 port 60848 ssh2 ...	2020-08-12 01:50:34
31.207.47.99	attack	Aug 11 17:57:21 fhem-rasp sshd[27167]: Bad protocol version identification '\003' from 31.207.47.99 port 65520 Aug 11 19:04:44 fhem-rasp sshd[26351]: Bad protocol version identification '\003' from 31.207.47.99 port 64676 ...	2020-08-12 01:14:18
165.22.31.24	attackspam	TCP (SYN) 165.22.31.24:51452 -> port 80, len 60	2020-08-12 01:22:39
95.213.243.77	attack	Aug 10 14:58:11 www sshd[13260]: Address 95.213.243.77 maps to cris02.sacnotificacoes.ch, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 10 14:58:11 www sshd[13260]: Invalid user admin from 95.213.243.77 Aug 10 14:58:11 www sshd[13260]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.243.77 Aug 10 14:58:13 www sshd[13260]: Failed password for invalid user admin from 95.213.243.77 port 35612 ssh2 Aug 10 14:58:13 www sshd[13260]: Received disconnect from 95.213.243.77: 11: Bye Bye [preauth] Aug 10 14:58:13 www sshd[13262]: Address 95.213.243.77 maps to cris02.sacnotificacoes.ch, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Aug 10 14:58:13 www sshd[13262]: Invalid user admin from 95.213.243.77 Aug 10 14:58:13 www sshd[13262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.213.243.77 ........ ----------------------------------------------- https://www.blocklist.de/en	2020-08-12 01:44:21
121.122.103.87	attackspam	Brute-force attempt banned	2020-08-12 01:35:38
212.83.186.26	attackspam	Aug 11 19:12:25 marvibiene sshd[27774]: Failed password for root from 212.83.186.26 port 12074 ssh2	2020-08-12 01:54:20
209.97.150.150	attackbotsspam	xmlrpc attack	2020-08-12 01:29:11
51.91.111.136	attackspam	Aug 11 12:16:11 vm10 sshd[3422]: Did not receive identification string from 51.91.111.136 port 41182 Aug 11 12:18:35 vm10 sshd[3428]: Received disconnect from 51.91.111.136 port 51586:11: Normal Shutdown, Thank you for playing [preauth] Aug 11 12:18:35 vm10 sshd[3428]: Disconnected from 51.91.111.136 port 51586 [preauth] Aug 11 12:18:43 vm10 sshd[3430]: Received disconnect from 51.91.111.136 port 55560:11: Normal Shutdown, Thank you for playing [preauth] Aug 11 12:18:43 vm10 sshd[3430]: Disconnected from 51.91.111.136 port 55560 [preauth] Aug 11 12:18:51 vm10 sshd[3432]: Received disconnect from 51.91.111.136 port 59268:11: Normal Shutdown, Thank you for playing [preauth] Aug 11 12:18:51 vm10 sshd[3432]: Disconnected from 51.91.111.136 port 59268 [preauth] Aug 11 12:19:00 vm10 sshd[3434]: Received disconnect from 51.91.111.136 port 34896:11: Normal Shutdown, Thank you for playing [preauth] Aug 11 12:19:00 vm10 sshd[3434]: Disconnected from 51.91.111.136 port 34896 [prea........ -------------------------------	2020-08-12 01:49:49
218.29.219.20	attackspam	frenzy	2020-08-12 01:42:39
222.186.171.247	attackspam	Aug 11 18:44:56 prod4 sshd\[29397\]: Failed password for root from 222.186.171.247 port 49927 ssh2 Aug 11 18:47:47 prod4 sshd\[30683\]: Failed password for root from 222.186.171.247 port 37247 ssh2 Aug 11 18:50:47 prod4 sshd\[32173\]: Failed password for root from 222.186.171.247 port 52802 ssh2 ...	2020-08-12 01:41:37
50.66.157.156	attackspambots	Aug 11 13:58:31 ns382633 sshd\[9336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.66.157.156 user=root Aug 11 13:58:33 ns382633 sshd\[9336\]: Failed password for root from 50.66.157.156 port 43382 ssh2 Aug 11 14:04:11 ns382633 sshd\[10329\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.66.157.156 user=root Aug 11 14:04:14 ns382633 sshd\[10329\]: Failed password for root from 50.66.157.156 port 43640 ssh2 Aug 11 14:08:12 ns382633 sshd\[11132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.66.157.156 user=root	2020-08-12 01:48:59
157.32.191.140	attackspambots	20/8/11@08:08:31: FAIL: Alarm-Network address from=157.32.191.140 ...	2020-08-12 01:34:22

Recently Reported IPs

255.37.46.237	77.28.201.241	70.200.222.191	131.104.40.91
253.159.166.49	40.215.202.93	29.220.206.104	98.105.80.150
43.170.252.123	211.242.2.166	73.141.89.159	251.127.81.162
195.195.104.30	40.95.37.209	23.199.174.40	218.106.218.39
137.29.50.29	223.57.145.29	119.27.32.145	46.171.143.152