Basic Info

City: unknown

Region: unknown

Country: Brazil

Internet Service Provider: Vivo S.A.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackspambots
Oct  6 15:47:27 localhost kernel: [4129066.314647] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=191.248.200.214 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=490 PROTO=UDP SPT=1025 DPT=111 LEN=48 
Oct  6 15:47:27 localhost kernel: [4129066.314670] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=191.248.200.214 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=490 PROTO=UDP SPT=1025 DPT=111 LEN=48 
Oct  6 15:48:11 localhost kernel: [4129110.388647] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=191.248.200.214 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=22412 PROTO=UDP SPT=1025 DPT=111 LEN=48 
Oct  6 15:48:11 localhost kernel: [4129110.388679] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=191.248.200.214 DST=[mungedIP2] LEN=68 TOS=0x00 PREC=0x00 TTL=244 ID=22412 PROTO=UDP SPT=1025 DPT=111 LEN=48
2019-10-07 07:18:03
Comments on same subnet:
No discussion about this subnet yet.
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 191.248.200.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25106
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;191.248.200.214.		IN	A

;; AUTHORITY SECTION:
.			474	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100601 1800 900 604800 86400

;; Query time: 131 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 07 07:18:00 CST 2019
;; MSG SIZE  rcvd: 119
Host info
214.200.248.191.in-addr.arpa domain name pointer 191.248.200.214.dynamic.adsl.gvt.net.br.
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.200.248.191.in-addr.arpa	name = 191.248.200.214.dynamic.adsl.gvt.net.br.

Authoritative answers can be found from:
Related IP info:
Related comments:
IP Type Details Datetime
222.186.15.115 attack
Jul 15 08:11:49 minden010 sshd[9073]: Failed password for root from 222.186.15.115 port 20127 ssh2
Jul 15 08:11:51 minden010 sshd[9073]: Failed password for root from 222.186.15.115 port 20127 ssh2
Jul 15 08:11:54 minden010 sshd[9073]: Failed password for root from 222.186.15.115 port 20127 ssh2
...
2020-07-15 14:15:17
110.232.72.109 attackbotsspam
07/14/2020-22:02:34.021400 110.232.72.109 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433
2020-07-15 14:05:13
52.172.216.105 attackspambots
Jul 15 04:34:14 ncomp sshd[1679]: Invalid user admin from 52.172.216.105
Jul 15 04:34:14 ncomp sshd[1679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.216.105
Jul 15 04:34:14 ncomp sshd[1679]: Invalid user admin from 52.172.216.105
Jul 15 04:34:17 ncomp sshd[1679]: Failed password for invalid user admin from 52.172.216.105 port 53377 ssh2
2020-07-15 14:17:05
14.179.44.178 attackspam
Unauthorized connection attempt from IP address 14.179.44.178 on Port 445(SMB)
2020-07-15 14:20:58
84.54.12.243 attack
IP: 84.54.12.243
Ports affected
    Simple Mail Transfer (25) 
Found in DNSBL('s)
ASN Details
   AS202505 Onlinenet Bil. Turzm. Teks. San. Ve Tic. Ltd. Sti.
   Turkey (TR)
   CIDR 84.54.12.0/24
Log Date: 15/07/2020 2:29:37 AM UTC
2020-07-15 14:06:23
52.244.70.121 attack
Jul 15 07:49:50 fhem-rasp sshd[12715]: Invalid user admin from 52.244.70.121 port 54449
...
2020-07-15 13:56:07
1.4.128.47 attack
Unauthorized connection attempt from IP address 1.4.128.47 on Port 445(SMB)
2020-07-15 14:32:31
104.210.105.222 attackspambots
$f2bV_matches
2020-07-15 14:34:03
183.165.61.228 attackspambots
Jul 15 05:00:12 journals sshd\[34452\]: Invalid user user1 from 183.165.61.228
Jul 15 05:00:13 journals sshd\[34452\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.165.61.228
Jul 15 05:00:14 journals sshd\[34452\]: Failed password for invalid user user1 from 183.165.61.228 port 34630 ssh2
Jul 15 05:02:22 journals sshd\[34667\]: Invalid user tester from 183.165.61.228
Jul 15 05:02:22 journals sshd\[34667\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.165.61.228
...
2020-07-15 14:25:20
52.152.138.54 attack
" "
2020-07-15 14:09:20
112.85.42.195 attack
Jul 15 03:08:02 onepixel sshd[1501780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195  user=root
Jul 15 03:08:04 onepixel sshd[1501780]: Failed password for root from 112.85.42.195 port 40443 ssh2
Jul 15 03:08:02 onepixel sshd[1501780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.195  user=root
Jul 15 03:08:04 onepixel sshd[1501780]: Failed password for root from 112.85.42.195 port 40443 ssh2
Jul 15 03:08:08 onepixel sshd[1501780]: Failed password for root from 112.85.42.195 port 40443 ssh2
2020-07-15 13:55:23
161.35.4.190 attack
$f2bV_matches
2020-07-15 14:02:13
52.250.3.18 attackbots
Jul 14 13:59:32 django sshd[124561]: User admin from 52.250.3.18 not allowed because not listed in AllowUsers
Jul 14 13:59:32 django sshd[124554]: Invalid user localhost from 52.250.3.18
Jul 14 13:59:32 django sshd[124559]: User admin from 52.250.3.18 not allowed because not listed in AllowUsers
Jul 14 13:59:32 django sshd[124555]: Invalid user localhost from 52.250.3.18
Jul 14 13:59:32 django sshd[124554]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.3.18 
Jul 14 13:59:32 django sshd[124555]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.3.18 
Jul 14 13:59:32 django sshd[124561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.3.18  user=admin
Jul 14 13:59:32 django sshd[124559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.250.3.18  user=admin
Jul 14 13:59:32 django sshd[124553]:........
-------------------------------
2020-07-15 14:30:15
70.37.70.119 attackspam
SSH/22 MH Probe, BF, Hack -
2020-07-15 14:34:34
172.241.112.83 attackspambots
20 attempts against mh-misbehave-ban on twig
2020-07-15 13:57:59

Recently Reported IPs
