216.245.197.254

Basic Info

City: Dallas

Region: Texas

Country: United States

Internet Service Provider: Limestone Networks Inc.

Hostname: unknown

Organization: Limestone Networks, Inc.

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-21 07:19:39
attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-11-06 16:08:41
attackspam	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-30 16:42:25
attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-09-05 19:19:31
attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-08-26 20:04:59
attackbots	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-25 02:08:00
attack	Honeypot attack, port: 81, PTR: 254-197-245-216.static.reverse.lstn.net.	2019-07-23 07:18:45

Comments on same subnet:

IP	Type	Details	Datetime
216.245.197.22	attackbots	1433/tcp [2020-04-12]1pkt	2020-04-13 02:55:13
216.245.197.14	attackbotsspam	5060/udp 6060/udp 1024/udp... [2020-01-22/03-08]22pkt,7pt.(udp)	2020-03-09 08:00:43
216.245.197.14	attackspam	[2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.747-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82cb29a68",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5631",Challenge="58d51e48",ReceivedChallenge="58d51e48",ReceivedHash="941115d03dd74673edc56361c308a039" [2020-03-04 01:29:18] NOTICE[1148] chan_sip.c: Registration from '"4003" ' failed for '216.245.197.14:5631' - Wrong password [2020-03-04 01:29:18] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-04T01:29:18.833-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="4003",SessionID="0x7fd82c39c1e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP ...	2020-03-04 14:36:17
216.245.197.14	attackbots	[2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.677-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c538db8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.245.197.14/5204",Challenge="3d64269d",ReceivedChallenge="3d64269d",ReceivedHash="4392e871555fe6b6aa8f81a7af1819b6" [2020-03-01 08:26:14] NOTICE[1148] chan_sip.c: Registration from '"701" ' failed for '216.245.197.14:5204' - Wrong password [2020-03-01 08:26:14] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-01T08:26:14.762-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="701",SessionID="0x7fd82c81c298",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/216.2 ...	2020-03-01 21:49:56

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.245.197.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24338
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;216.245.197.254.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 10:01:52 +08 2019
;; MSG SIZE  rcvd: 119

Host info

254.197.245.216.in-addr.arpa domain name pointer 254-197-245-216.static.reverse.lstn.net.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
254.197.245.216.in-addr.arpa	name = 254-197-245-216.static.reverse.lstn.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.26.29.110	attackspam	Mar 25 11:21:45 src: 194.26.29.110 signature match: "BACKDOOR NetSphere Connection attempt" (sid: 100044) tcp port: 30100	2020-03-25 19:23:00
45.151.254.234	attackbotsspam	45.151.254.234 was recorded 7 times by 7 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 7, 34, 141	2020-03-25 19:07:08
162.243.132.250	attackbots	20/3/25@06:46:27: FAIL: IoT-SSH address from=162.243.132.250 ...	2020-03-25 19:41:17
192.241.237.68	attack	SSH-bruteforce attempts	2020-03-25 19:29:32
185.202.1.34	attackbots	" "	2020-03-25 19:31:51
79.124.62.66	attack	Port scan: Attack repeated for 24 hours	2020-03-25 19:01:25
77.247.110.123	attackspam	Port 5038 scan denied	2020-03-25 19:02:21
45.143.220.48	attackspam	Mar 25 09:30:53 debian-2gb-nbg1-2 kernel: \[7384133.538915\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.48 DST=195.201.40.59 LEN=427 TOS=0x00 PREC=0x00 TTL=54 ID=52712 DF PROTO=UDP SPT=5072 DPT=5260 LEN=407 Mar 25 09:30:53 debian-2gb-nbg1-2 kernel: \[7384133.554919\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.48 DST=195.201.40.59 LEN=427 TOS=0x00 PREC=0x00 TTL=54 ID=52711 DF PROTO=UDP SPT=5072 DPT=5160 LEN=407 Mar 25 09:30:53 debian-2gb-nbg1-2 kernel: \[7384133.571832\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.220.48 DST=195.201.40.59 LEN=425 TOS=0x00 PREC=0x00 TTL=54 ID=52713 DF PROTO=UDP SPT=5072 DPT=5360 LEN=405	2020-03-25 19:09:26
212.129.17.32	attackspambots	SIPVicious Scanner Detection	2020-03-25 19:16:26
194.26.29.112	attack	Mar 25 11:40:32 debian-2gb-nbg1-2 kernel: \[7391912.290905\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.112 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9915 PROTO=TCP SPT=50721 DPT=33940 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-25 19:22:34
192.241.239.71	attackspam	Unauthorized connection attempt IP: 192.241.239.71 Ports affected IMAP over TLS protocol (993) Abuse Confidence rating 100% ASN Details AS14061 DigitalOcean LLC United States (US) CIDR 192.241.128.0/17 Log Date: 25/03/2020 6:58:55 AM UTC	2020-03-25 19:24:52
182.61.109.105	attack	Port 21795 scan denied	2020-03-25 19:38:49
192.241.237.69	attack	404 NOT FOUND	2020-03-25 19:29:04
192.241.239.30	attack	Unauthorized connection attempt detected from IP address 192.241.239.30 to port 20	2020-03-25 19:25:20
87.251.74.8	attackspam	03/25/2020-05:21:12.021171 87.251.74.8 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-03-25 18:55:56

Recently Reported IPs

103.7.212.28	46.105.89.195	223.62.8.77	103.21.76.18
88.247.153.96	58.218.213.188	135.23.48.232	118.187.15.104
111.231.82.143	198.199.120.229	220.248.28.134	185.52.1.175
185.254.122.22	123.27.24.231	118.24.45.165	81.22.45.133
222.64.148.165	177.193.177.80	186.42.226.218	159.89.182.5