193.118.53.214

Basic Info

City: unknown

Region: unknown

Country: Netherlands

Internet Service Provider: Zenlayer Inc

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-07-31 01:13:00
attack	Port Scan detected! ...	2020-06-09 13:05:04
attackspam	TCP (SYN) 193.118.53.214:34024 -> port 80, len 40	2020-05-17 08:01:09
attack	Apr 24 06:14:04 debian-2gb-nbg1-2 kernel: \[9960590.532673\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=193.118.53.214 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=27842 PROTO=TCP SPT=16287 DPT=9200 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 18:55:04

Comments on same subnet:

IP	Type	Details	Datetime
193.118.53.91	attackproxy	Brute connect	2024-09-05 12:51:25
193.118.53.54	attack	Malicious IP / Malware	2024-04-25 13:29:05
193.118.53.45	attack	Malicious IP / Malware	2024-04-12 12:05:41
193.118.53.91	botsattack	hacking	2024-02-23 13:46:35
193.118.53.141	proxy	VPN	2023-02-10 21:17:18
193.118.53.212	attackbots	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-10 21:38:15
193.118.53.210	attack	Tried our host z.	2020-10-09 06:53:56
193.118.53.210	attackbots	Looking for configuration files	2020-10-08 23:18:32
193.118.53.210	attack	2 web vulnerability exploit attempts from 193.118.53.210 in past 24 hours	2020-10-08 15:13:34
193.118.53.202	attackbotsspam	[N3.H3.VM3] Port Scanner Detected Blocked by UFW	2020-10-08 02:17:47
193.118.53.202	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-07 18:27:27
193.118.53.142	attackbots	Found on Github Combined on 3 lists / proto=6 . srcport=39045 . dstport=443 HTTPS . (2747)	2020-10-02 01:53:17
193.118.53.142	attack	TCP (SYN) 193.118.53.142:23196 -> port 8080, len 44	2020-10-01 17:59:45
193.118.53.212	attackbotsspam	8020/tcp 999/tcp 27017/tcp... [2020-08-07/09-30]34pkt,13pt.(tcp)	2020-10-01 02:40:40
193.118.53.212	attackspambots	[N1.H1.VM1] Port Scanner Detected Blocked by UFW	2020-09-30 18:50:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 193.118.53.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 263
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;193.118.53.214.			IN	A

;; AUTHORITY SECTION:
.			352	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042400 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 24 18:55:01 CST 2020
;; MSG SIZE  rcvd: 118

Host info

214.53.118.193.in-addr.arpa domain name pointer survey.internet-census.org.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.53.118.193.in-addr.arpa	name = survey.internet-census.org.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
188.166.5.84	attackspam	Sep 2 21:06:09 minden010 sshd[27435]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84 Sep 2 21:06:11 minden010 sshd[27435]: Failed password for invalid user ventas from 188.166.5.84 port 33324 ssh2 Sep 2 21:14:03 minden010 sshd[29131]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.5.84 ...	2020-09-03 04:38:48
68.183.178.111	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 58 - port: 3196 proto: tcp cat: Misc Attackbytes: 60	2020-09-03 04:29:45
45.143.223.6	attack	[2020-09-02 16:27:28] NOTICE[1185][C-0000a384] chan_sip.c: Call from '' (45.143.223.6:60114) to extension '288446903433909' rejected because extension not found in context 'public'. [2020-09-02 16:27:28] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-02T16:27:28.418-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="288446903433909",SessionID="0x7f10c4b99db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.223.6/60114",ACLName="no_extension_match" [2020-09-02 16:28:11] NOTICE[1185][C-0000a385] chan_sip.c: Call from '' (45.143.223.6:59566) to extension '838846903433909' rejected because extension not found in context 'public'. [2020-09-02 16:28:11] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-02T16:28:11.305-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="838846903433909",SessionID="0x7f10c4ace758",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45. ...	2020-09-03 04:30:22
185.180.231.141	attackspam	Port scan denied	2020-09-03 04:17:58
164.132.57.16	attackspambots	(sshd) Failed SSH login from 164.132.57.16 (FR/France/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 15:44:21 server2 sshd[14405]: Invalid user test from 164.132.57.16 Sep 2 15:44:23 server2 sshd[14405]: Failed password for invalid user test from 164.132.57.16 port 35836 ssh2 Sep 2 15:52:28 server2 sshd[20083]: Invalid user bart from 164.132.57.16 Sep 2 15:52:30 server2 sshd[20083]: Failed password for invalid user bart from 164.132.57.16 port 60446 ssh2 Sep 2 15:56:43 server2 sshd[22980]: Invalid user samplee from 164.132.57.16	2020-09-03 04:20:43
92.222.90.130	attackspambots	Invalid user admin from 92.222.90.130 port 47880	2020-09-03 04:21:10
165.227.50.84	attack	Sep 2 22:03:54 ns41 sshd[7549]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.50.84 Sep 2 22:03:56 ns41 sshd[7549]: Failed password for invalid user rjc from 165.227.50.84 port 43476 ssh2 Sep 2 22:07:23 ns41 sshd[7705]: Failed password for root from 165.227.50.84 port 49380 ssh2	2020-09-03 04:20:22
49.135.36.86	attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-02T16:35:47Z and 2020-09-02T16:50:02Z	2020-09-03 04:24:07
54.39.22.191	attackbotsspam	(sshd) Failed SSH login from 54.39.22.191 (CA/Canada/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 2 15:28:36 server5 sshd[1697]: Invalid user mna from 54.39.22.191 Sep 2 15:28:36 server5 sshd[1697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.22.191 Sep 2 15:28:38 server5 sshd[1697]: Failed password for invalid user mna from 54.39.22.191 port 37620 ssh2 Sep 2 15:36:59 server5 sshd[5353]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.22.191 user=root Sep 2 15:37:01 server5 sshd[5353]: Failed password for root from 54.39.22.191 port 57558 ssh2	2020-09-03 04:40:03
187.162.61.168	attackbots	Automatic report - Port Scan Attack	2020-09-03 04:16:47
37.235.142.10	attack	Automatic report - Banned IP Access	2020-09-03 04:27:00
218.92.0.172	attack	Sep 2 20:57:09 ajax sshd[7263]: Failed password for root from 218.92.0.172 port 33723 ssh2 Sep 2 20:57:13 ajax sshd[7263]: Failed password for root from 218.92.0.172 port 33723 ssh2	2020-09-03 04:20:58
222.186.180.147	attackbots	Sep 2 22:26:24 sso sshd[30676]: Failed password for root from 222.186.180.147 port 11602 ssh2 Sep 2 22:26:27 sso sshd[30676]: Failed password for root from 222.186.180.147 port 11602 ssh2 ...	2020-09-03 04:28:22
64.188.3.210	attackspambots	Fail2Ban Ban Triggered	2020-09-03 04:26:42
13.76.252.236	attackspambots	Sep 2 18:49:46 sshd\[16247\]: Invalid user ajay from 13.76.252.236Sep 2 18:49:49 sshd\[16247\]: Failed password for invalid user ajay from 13.76.252.236 port 44906 ssh2 ...	2020-09-03 04:32:24

Recently Reported IPs

57.142.47.121	179.163.80.186	172.23.163.193	39.143.10.252
126.81.161.182	14.140.131.82	180.92.213.94	64.119.245.239
227.196.176.122	11.211.94.151	188.137.115.27	61.180.52.231
224.50.25.225	175.32.1.69	179.68.48.185	178.255.168.38
37.49.226.127	171.30.43.255	95.91.74.80	251.106.85.48