197.214.112.218

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
197.214.112.126	attack	Unauthorized connection attempt detected from IP address 197.214.112.126 to port 23	2020-05-31 21:28:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.214.112.218
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;197.214.112.218.		IN	A

;; AUTHORITY SECTION:
.			599	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020701 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 03:31:59 CST 2022
;; MSG SIZE  rcvd: 108

Host info

Host 218.112.214.197.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 218.112.214.197.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
156.194.38.180	attackbotsspam	Lines containing failures of 156.194.38.180 Aug 29 01:29:28 shared06 sshd[21123]: Invalid user admin from 156.194.38.180 port 33689 Aug 29 01:29:28 shared06 sshd[21123]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.194.38.180 Aug 29 01:29:30 shared06 sshd[21123]: Failed password for invalid user admin from 156.194.38.180 port 33689 ssh2 Aug 29 01:29:30 shared06 sshd[21123]: Connection closed by invalid user admin 156.194.38.180 port 33689 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=156.194.38.180	2019-08-29 15:43:34
121.226.45.49	attackspambots	Aug 28 19:45:56 localhost kernel: [773772.221082] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=121.226.45.49 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=45 ID=32277 DF PROTO=TCP SPT=55398 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 28 19:45:56 localhost kernel: [773772.221112] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=121.226.45.49 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=45 ID=32277 DF PROTO=TCP SPT=55398 DPT=1433 SEQ=3045286876 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030201010402) Aug 28 19:45:59 localhost kernel: [773775.319290] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=121.226.45.49 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=45 ID=32573 DF PROTO=TCP SPT=55398 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 28 19:45:59 localhost kernel: [773775.319321] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=121.226.45.49 DST	2019-08-29 15:29:04
201.240.164.247	attack	Aug 29 01:28:32 mxgate1 postfix/postscreen[7219]: CONNECT from [201.240.164.247]:16136 to [176.31.12.44]:25 Aug 29 01:28:32 mxgate1 postfix/dnsblog[7220]: addr 201.240.164.247 listed by domain zen.spamhaus.org as 127.0.0.11 Aug 29 01:28:32 mxgate1 postfix/dnsblog[7220]: addr 201.240.164.247 listed by domain zen.spamhaus.org as 127.0.0.4 Aug 29 01:28:32 mxgate1 postfix/dnsblog[7224]: addr 201.240.164.247 listed by domain cbl.abuseat.org as 127.0.0.2 Aug 29 01:28:32 mxgate1 postfix/dnsblog[7223]: addr 201.240.164.247 listed by domain bl.spamcop.net as 127.0.0.2 Aug 29 01:28:32 mxgate1 postfix/dnsblog[7222]: addr 201.240.164.247 listed by domain b.barracudacentral.org as 127.0.0.2 Aug 29 01:28:38 mxgate1 postfix/postscreen[7219]: DNSBL rank 5 for [201.240.164.247]:16136 Aug x@x Aug 29 01:28:39 mxgate1 postfix/postscreen[7219]: HANGUP after 0.83 from [201.240.164.247]:16136 in tests after SMTP handshake Aug 29 01:28:39 mxgate1 postfix/postscreen[7219]: DISCONNECT [201.240.1........ -------------------------------	2019-08-29 15:42:45
185.209.0.33	attackspambots	Port scan on 3 port(s): 4407 4415 4448	2019-08-29 16:04:50
185.56.81.41	attackspam	" "	2019-08-29 15:19:58
63.224.216.238	attackspambots	Automatic report - Port Scan Attack	2019-08-29 15:11:20
115.52.169.62	attack	Aug 29 01:37:16 h2065291 sshd[18223]: reveeclipse mapping checking getaddrinfo for hn.kd.ny.adsl [115.52.169.62] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 29 01:37:16 h2065291 sshd[18223]: Invalid user admin from 115.52.169.62 Aug 29 01:37:16 h2065291 sshd[18223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.52.169.62 Aug 29 01:37:19 h2065291 sshd[18223]: Failed password for invalid user admin from 115.52.169.62 port 32460 ssh2 Aug 29 01:37:21 h2065291 sshd[18223]: Failed password for invalid user admin from 115.52.169.62 port 32460 ssh2 Aug 29 01:37:23 h2065291 sshd[18223]: Failed password for invalid user admin from 115.52.169.62 port 32460 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.52.169.62	2019-08-29 15:59:25
128.199.253.133	attack	Invalid user xmodem from 128.199.253.133 port 42110	2019-08-29 15:55:18
45.115.178.195	attack	Aug 29 09:02:55 MK-Soft-Root2 sshd\[3100\]: Invalid user lori from 45.115.178.195 port 45610 Aug 29 09:02:55 MK-Soft-Root2 sshd\[3100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.115.178.195 Aug 29 09:02:57 MK-Soft-Root2 sshd\[3100\]: Failed password for invalid user lori from 45.115.178.195 port 45610 ssh2 ...	2019-08-29 15:56:56
108.179.219.114	attack	WordPress wp-login brute force :: 108.179.219.114 0.144 BYPASS [29/Aug/2019:09:46:30 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-29 15:00:13
157.25.160.75	attackbots	Aug 29 02:52:25 mail1 sshd\[14056\]: Invalid user dancer from 157.25.160.75 port 41763 Aug 29 02:52:25 mail1 sshd\[14056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.25.160.75 Aug 29 02:52:28 mail1 sshd\[14056\]: Failed password for invalid user dancer from 157.25.160.75 port 41763 ssh2 Aug 29 03:04:23 mail1 sshd\[19471\]: Invalid user cactiuser from 157.25.160.75 port 41304 Aug 29 03:04:23 mail1 sshd\[19471\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.25.160.75 ...	2019-08-29 15:49:09
132.232.2.184	attackbots	Aug 29 08:58:06 srv-4 sshd\[7902\]: Invalid user 123456 from 132.232.2.184 Aug 29 08:58:06 srv-4 sshd\[7902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.2.184 Aug 29 08:58:08 srv-4 sshd\[7902\]: Failed password for invalid user 123456 from 132.232.2.184 port 30596 ssh2 ...	2019-08-29 15:57:29
89.107.120.19	attackbotsspam	Lines containing failures of 89.107.120.19 Aug 28 23:28:20 s390x sshd[21598]: Connection from 89.107.120.19 port 53369 on 10.42.2.18 port 22 Aug 28 23:28:24 s390x sshd[21598]: Did not receive identification string from 89.107.120.19 port 53369 Aug 28 23:28:31 s390x sshd[21600]: Connection from 89.107.120.19 port 64666 on 10.42.2.18 port 22 Aug 28 23:28:34 s390x sshd[21600]: Invalid user support from 89.107.120.19 port 64666 Aug 28 23:28:34 s390x sshd[21600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.107.120.19 Aug 28 23:28:37 s390x sshd[21600]: Failed password for invalid user support from 89.107.120.19 port 64666 ssh2 Aug 28 23:28:37 s390x sshd[21600]: Connection closed by invalid user support 89.107.120.19 port 64666 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=89.107.120.19	2019-08-29 15:32:43
187.190.236.88	attack	Invalid user nagios from 187.190.236.88 port 56057	2019-08-29 15:27:20
139.165.121.244	attackspambots	Aug 29 03:10:37 debian sshd[4481]: Unable to negotiate with 139.165.121.244 port 55086: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Aug 29 03:16:34 debian sshd[4834]: Unable to negotiate with 139.165.121.244 port 42514: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-08-29 15:17:04

Recently Reported IPs

137.184.215.25	80.1.249.5	191.209.72.147	192.168.2.124
201.150.180.180	180.93.32.190	222.129.37.77	86.63.84.243
62.76.153.96	115.56.131.95	43.133.1.142	179.177.187.202
91.178.155.40	182.116.30.200	31.206.202.188	190.182.127.12
178.141.27.120	78.188.13.108	103.163.248.63	113.246.131.119