197.45.213.5 - IPInfo

Basic Info

City: Giza

Region: Giza

Country: Egypt

Internet Service Provider: TE Data

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	TCP (SYN) 197.45.213.5:56723 -> port 445, len 52	2020-07-02 07:45:55

Comments on same subnet:

IP	Type	Details	Datetime
197.45.213.47	attack	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-11-07 06:33:23

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 197.45.213.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46739
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.45.213.5.			IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070103 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 02 07:45:44 CST 2020
;; MSG SIZE  rcvd: 116

Host info

5.213.45.197.in-addr.arpa domain name pointer host-197.45.213.5.tedata.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
5.213.45.197.in-addr.arpa	name = host-197.45.213.5.tedata.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
100.3.129.59	attack	1 pkts, ports: TCP:445	2019-10-06 07:43:03
150.95.212.72	attackbotsspam	Oct 6 05:51:10 sso sshd[20402]: Failed password for root from 150.95.212.72 port 54978 ssh2 ...	2019-10-06 12:23:01
113.22.64.143	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 06-10-2019 04:55:15.	2019-10-06 12:21:09
84.150.111.61	attackspambots	WordPress wp-login brute force :: 84.150.111.61 0.136 BYPASS [06/Oct/2019:14:55:27 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-06 12:05:55
92.118.161.37	attackspambots	1 pkts, ports: TCP:22	2019-10-06 07:44:10
142.93.222.197	attack	Oct 6 06:53:32 pkdns2 sshd\[11604\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 06:53:35 pkdns2 sshd\[11604\]: Failed password for root from 142.93.222.197 port 45024 ssh2Oct 6 06:57:39 pkdns2 sshd\[11835\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 06:57:41 pkdns2 sshd\[11835\]: Failed password for root from 142.93.222.197 port 56662 ssh2Oct 6 07:01:43 pkdns2 sshd\[12072\]: Address 142.93.222.197 maps to jira-support.terasoftware.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Oct 6 07:01:43 pkdns2 sshd\[12072\]: Invalid user 12345 from 142.93.222.197 ...	2019-10-06 12:12:54
192.241.249.226	attackspambots	Oct 6 07:10:58 www sshd\[35931\]: Invalid user Rapido-123 from 192.241.249.226Oct 6 07:11:00 www sshd\[35931\]: Failed password for invalid user Rapido-123 from 192.241.249.226 port 34018 ssh2Oct 6 07:14:05 www sshd\[36010\]: Invalid user Ant@2017 from 192.241.249.226Oct 6 07:14:07 www sshd\[36010\]: Failed password for invalid user Ant@2017 from 192.241.249.226 port 41726 ssh2 ...	2019-10-06 12:25:53
77.40.3.223	attackbots	10/06/2019-05:55:32.380990 77.40.3.223 Protocol: 6 SURICATA SMTP tls rejected	2019-10-06 12:02:23
122.195.200.148	attackspam	2019-10-06T04:03:04.307328abusebot-2.cloudsearch.cf sshd\[20317\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.195.200.148 user=root	2019-10-06 12:09:40
51.77.148.77	attack	Oct 5 17:51:30 hanapaa sshd\[29316\]: Invalid user Voiture_123 from 51.77.148.77 Oct 5 17:51:30 hanapaa sshd\[29316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.ip-51-77-148.eu Oct 5 17:51:31 hanapaa sshd\[29316\]: Failed password for invalid user Voiture_123 from 51.77.148.77 port 53336 ssh2 Oct 5 17:55:16 hanapaa sshd\[29603\]: Invalid user 123QweAsdZxc from 51.77.148.77 Oct 5 17:55:16 hanapaa sshd\[29603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=77.ip-51-77-148.eu	2019-10-06 12:16:51
92.30.116.32	attackspam	1 pkts, ports: UDP:1	2019-10-06 07:45:07
37.187.26.207	attackspambots	2019-10-06T04:25:47.337464abusebot.cloudsearch.cf sshd\[19762\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns314782.ip-37-187-26.eu user=root	2019-10-06 12:27:25
187.63.73.56	attack	Oct 6 06:55:21 www5 sshd\[45543\]: Invalid user FAKEPASS from 187.63.73.56 Oct 6 06:55:21 www5 sshd\[45543\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.63.73.56 Oct 6 06:55:23 www5 sshd\[45543\]: Failed password for invalid user FAKEPASS from 187.63.73.56 port 54994 ssh2 ...	2019-10-06 12:03:57
178.128.127.171	attackbotsspam	Oct 5 18:08:08 php1 sshd\[29767\]: Invalid user Automation-123 from 178.128.127.171 Oct 5 18:08:08 php1 sshd\[29767\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.127.171 Oct 5 18:08:09 php1 sshd\[29767\]: Failed password for invalid user Automation-123 from 178.128.127.171 port 35046 ssh2 Oct 5 18:12:37 php1 sshd\[30238\]: Invalid user qwert12345 from 178.128.127.171 Oct 5 18:12:37 php1 sshd\[30238\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.127.171	2019-10-06 12:23:51
14.248.83.163	attack	Oct 5 18:08:49 hanapaa sshd\[30773\]: Invalid user Hospital123 from 14.248.83.163 Oct 5 18:08:49 hanapaa sshd\[30773\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163 Oct 5 18:08:51 hanapaa sshd\[30773\]: Failed password for invalid user Hospital123 from 14.248.83.163 port 34760 ssh2 Oct 5 18:13:27 hanapaa sshd\[31262\]: Invalid user Hospital123 from 14.248.83.163 Oct 5 18:13:27 hanapaa sshd\[31262\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163	2019-10-06 12:21:41

Recently Reported IPs

113.205.99.88	110.245.133.58	198.69.118.97	204.185.152.240
103.196.240.85	46.9.241.220	84.94.8.109	181.223.88.68
60.116.100.69	164.132.189.182	98.26.61.50	160.24.171.139
175.67.95.50	89.32.80.220	116.48.164.112	183.157.53.20
70.144.85.242	168.228.244.228	204.12.182.81	120.223.133.190