JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.211.63.155

197.211.63.155 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 46%: ?

46%

ISP	Globacom Limited
Usage Type	Mobile ISP
ASN	AS37148
Domain Name	glosmartbiz.com
Country	🇳🇬 Nigeria
City	Abuja, FCT

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.211.63.155

Whois 197.211.63.155

IP Abuse Reports for 197.211.63.155:

This IP address has been reported a total of 43 times from 25 distinct sources. 197.211.63.155 was first reported on January 30th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇰 KZP	2026-06-26 05:00:24 (3 hours ago)	Automatic report from KZP firewall log.	Port Scan Hacking Brute-Force
🇵🇱 IT RDC	2026-06-26 01:41:34 (6 hours ago)	Jun 26 03:41:22 rdcmail postfix/submission/smtpd[157141]: warning: unknown[197.211.63.155]: SASL LOG ... show more Jun 26 03:41:22 rdcmail postfix/submission/smtpd[157141]: warning: unknown[197.211.63.155]: SASL LOGIN authentication failed: authentication failure, [email protected] Jun 26 03:41:24 rdcmail postfix/submission/smtpd[157141]: warning: unknown[197.211.63.155]: SASL LOGIN authentication failed: authentication failure, [email protected] Jun 26 03:41:33 rdcmail postfix/submission/smtpd[157141]: warning: unknown[197.211.63.155]: SASL LOGIN authentication failed: authentication failure, [email protected] ... show less	Brute-Force
🇸🇰 KZP	2026-06-25 22:54:47 (9 hours ago)	RdpGuard detected brute-force attempt on SMTP	Brute-Force
Anonymous	2026-06-25 17:13:19 (14 hours ago)	Authentication failure	Brute-Force
🇵🇦 iphezimbra	2026-06-25 17:12:02 (14 hours ago)	Fail2Ban reported IP from jail zimbra-smtp on <hostname>	Brute-Force SSH
🇮🇩 xveil	2026-06-25 15:11:17 (16 hours ago)	2026-06-25T22:11:15.407193 mail-honeypot postfix/submission/smtpd[17625]: warning: unknown[197.211.6 ... show more 2026-06-25T22:11:15.407193 mail-honeypot postfix/submission/smtpd[17625]: warning: unknown[197.211.63.155]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇮🇩 sockominfo	2026-06-25 15:00:53 (17 hours ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 7.3/10 (HIGH). Confidence: 50%. CVSS ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 7.3/10 (HIGH). Confidence: 50%. CVSS v3.1: 6.3/10 (Medium). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 87%. MITRE ATT&CK: T1110 (Brute Force). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Exploited Host
🇮🇩 sockominfo	2026-06-25 14:00:09 (18 hours ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.4/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 xveil	2026-06-25 13:22:42 (18 hours ago)	2026-06-25T20:22:39.860753 mail-honeypot postfix/submission/smtpd[23957]: warning: unknown[197.211.6 ... show more 2026-06-25T20:22:39.860753 mail-honeypot postfix/submission/smtpd[23957]: warning: unknown[197.211.63.155]: SASL LOGIN authentication failed: authentication failure ... show less	Brute-Force
🇮🇩 sockominfo	2026-06-25 13:00:09 (19 hours ago)	Postfix: Multiple SASL authentication failures.. Threat Score: 5.5/10 (MEDIUM). Reported by Tangeran ... show more Postfix: Multiple SASL authentication failures.. Threat Score: 5.5/10 (MEDIUM). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 aaKenshin	2026-06-25 12:39:26 (19 hours ago)	Suspicious activity detected from IP 197.211.63.155 based on mailserver logs. Sample logs: 2026-06-2 ... show more Suspicious activity detected from IP 197.211.63.155 based on mailserver logs. Sample logs: 2026-06-25 20:39:05,098 INFO [qtp2102534528-121055] [name=*@.id;ip=172.16.0.182;oip=197.211.63.155;oport=36755;oproto=smtp;port=41192;soapId=1e119cb3;] soap - AuthRequest elapsed=412 2026-06-25 20:39:12,933 INFO [qtp2102534528-121036] [name=*@.id;ip=172.16.0.182;oip=197.211.63.155;oport=36756;oproto=smtp;port=33380;soapId=1e119cb5;] SoapEngine - handler exception: authentication failed for [], LDAP error: - unable to ldap authenticate: invalid credentials 2026-06-25 20:39:12,933 INFO [qtp2102534528-121036] [name=@.id;ip=172.16.0.182;oip=197.211.63.155;oport=36756;oproto=smtp;port=33380;soapId=1e119cb5;] soap - AuthRequest elapsed=3 2026-06-25 20:39:25,809 INFO [qtp2102534528-121062] [name=@.id;ip=172.16.0.182;oip=197.211.63.155;oport=36757;oproto=smtp;port=38378;soapId=1e119cb6;] SoapEngine - handler exception: authentication failed for [**], LDAP error: - unable to ldap authent show less	Brute-Force
Anonymous	2026-05-07 00:41:41 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 stechusa	2026-03-29 17:18:46 (2 months ago)	[Askari] \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages, Outdated br ... show more [Askari] \| Behavior: Holding server worker, HTTP/1.1 over TLS, Targeting specific pages, Outdated browser, Concurrent page load during attack show less	Bad Web Bot DDoS Attack
🇺🇸 stechusa	2026-03-29 17:18:46 (2 months ago)	ELEVATED_THREAT \| 10 IPs targeting /category/light-fixtures.html \| Facet request during elevated thr ... show more ELEVATED_THREAT \| 10 IPs targeting /category/light-fixtures.html \| Facet request during elevated threat (facet_ratio=0.77, unique_ips=298) \| HTTP/1.1 over TLS (elevated=True) show less	Bad Web Bot DDoS Attack
🇺🇸 gui-ying233	2026-03-12 00:02:27 (3 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 show less	Bad Web Bot

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.184

🇮🇩 110.137.73.65

🇸🇬 103.189.234.96

🇸🇪 79.136.7.167

🇸🇬 68.183.178.130

🇮🇳 182.95.184.110

🇵🇭 180.194.1.84

🇨🇳 180.76.147.239

🇺🇸 172.253.213.30

🇿🇦 154.16.95.227

🇫🇮 147.185.133.59

🇫🇷 88.181.255.93

🇩🇪 47.245.137.197

🇧🇷 45.183.93.195

🇺🇸 43.153.54.14

🇩🇪 185.242.3.195

🇫🇷 185.182.186.243

🇺🇸 162.255.116.165

🇸🇬 161.118.214.247

🇬🇷 91.140.29.139