195.225.198.198

Basic Info

City: unknown

Region: unknown

Country: Germany

Internet Service Provider: Aixit GmbH

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Portscan detected	2019-12-10 02:41:01
attackspambots	UTC: 2019-12-06 pkts: 2 ports(tcp): 143, 443	2019-12-07 21:08:11

Comments on same subnet:

IP	Type	Details	Datetime
195.225.198.49	attackspambots	srv02 Mass scanning activity detected Target: 53(domain) ..	2020-04-22 12:43:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.225.198.198
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.225.198.198.		IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 07 21:08:07 CST 2019
;; MSG SIZE  rcvd: 119

Host info

198.198.225.195.in-addr.arpa domain name pointer 195-225-198-198.static.aixit.com.

Nslookup info:

Server:		100.100.2.136
Address:	100.100.2.136#53

Non-authoritative answer:
198.198.225.195.in-addr.arpa	name = 195-225-198-198.static.aixit.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.229.20.84	attack	5x Failed Password	2020-10-09 23:38:14
62.45.106.135	attack	Automatic report - Banned IP Access	2020-10-09 23:48:40
165.227.26.69	attackspam	Oct 9 16:53:00 lnxweb62 sshd[12718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.26.69 Oct 9 16:53:01 lnxweb62 sshd[12718]: Failed password for invalid user vcsa from 165.227.26.69 port 43424 ssh2 Oct 9 16:56:30 lnxweb62 sshd[14247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.26.69	2020-10-09 23:47:27
94.102.56.238	attackbotsspam	Oct 9 18:07:38 srv3 postfix/smtpd\[26675\]: warning: unknown\[94.102.56.238\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 18:07:44 srv3 postfix/smtpd\[26675\]: warning: unknown\[94.102.56.238\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 9 18:07:54 srv3 postfix/smtpd\[26675\]: warning: unknown\[94.102.56.238\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-10 00:10:00
121.46.84.150	attack	Oct 9 15:57:29 rush sshd[28646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.46.84.150 Oct 9 15:57:31 rush sshd[28646]: Failed password for invalid user sean from 121.46.84.150 port 57324 ssh2 Oct 9 16:01:52 rush sshd[28754]: Failed password for root from 121.46.84.150 port 54006 ssh2 ...	2020-10-10 00:06:48
112.85.42.185	attackspambots	2020-10-09T06:50:38+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-10-09 23:45:42
201.209.94.67	attack	20/10/8@16:46:01: FAIL: Alarm-Intrusion address from=201.209.94.67 ...	2020-10-09 23:42:52
200.84.46.60	attack	Unauthorized connection attempt from IP address 200.84.46.60 on Port 445(SMB)	2020-10-09 23:30:26
85.209.0.190	attackbots	Oct 8 17:45:49 vps46666688 sshd[29097]: Failed password for root from 85.209.0.190 port 41700 ssh2 ...	2020-10-10 00:02:48
106.75.132.3	attackbots	2020-10-09T16:43:37.829414amanda2.illicoweb.com sshd\[12094\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:43:39.800961amanda2.illicoweb.com sshd\[12094\]: Failed password for root from 106.75.132.3 port 34668 ssh2 2020-10-09T16:45:50.328788amanda2.illicoweb.com sshd\[12235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root 2020-10-09T16:45:52.225043amanda2.illicoweb.com sshd\[12235\]: Failed password for root from 106.75.132.3 port 58714 ssh2 2020-10-09T16:48:00.184111amanda2.illicoweb.com sshd\[12276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.132.3 user=root ...	2020-10-09 23:46:05
217.173.74.54	attackspambots	Unauthorized connection attempt from IP address 217.173.74.54 on Port 445(SMB)	2020-10-09 23:31:16
206.189.136.172	attackbots	206.189.136.172 - - [09/Oct/2020:16:34:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2252 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.136.172 - - [09/Oct/2020:16:35:09 +0100] "POST /wp-login.php HTTP/1.1" 200 2255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 206.189.136.172 - - [09/Oct/2020:16:35:16 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-09 23:51:53
186.30.58.56	attack	Oct 9 13:35:23 ip-172-31-42-142 sshd\[17214\]: Invalid user toor from 186.30.58.56\ Oct 9 13:35:25 ip-172-31-42-142 sshd\[17214\]: Failed password for invalid user toor from 186.30.58.56 port 60906 ssh2\ Oct 9 13:38:53 ip-172-31-42-142 sshd\[17275\]: Failed password for uucp from 186.30.58.56 port 53026 ssh2\ Oct 9 13:42:25 ip-172-31-42-142 sshd\[17407\]: Invalid user test from 186.30.58.56\ Oct 9 13:42:27 ip-172-31-42-142 sshd\[17407\]: Failed password for invalid user test from 186.30.58.56 port 45142 ssh2\	2020-10-09 23:29:51
182.208.112.240	attackbots	Oct 9 17:09:35 ovpn sshd\[16332\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.112.240 user=root Oct 9 17:09:37 ovpn sshd\[16332\]: Failed password for root from 182.208.112.240 port 63252 ssh2 Oct 9 17:12:41 ovpn sshd\[17129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.112.240 user=root Oct 9 17:12:43 ovpn sshd\[17129\]: Failed password for root from 182.208.112.240 port 64202 ssh2 Oct 9 17:14:15 ovpn sshd\[17564\]: Invalid user art from 182.208.112.240 Oct 9 17:14:15 ovpn sshd\[17564\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.208.112.240	2020-10-09 23:58:00
166.175.186.227	attackbots	Brute forcing email accounts	2020-10-09 23:31:28

Recently Reported IPs

253.39.151.241	154.169.211.98	187.45.116.52	146.155.4.14
45.234.116.190	165.227.39.133	111.85.159.55	157.62.213.44
74.60.208.3	123.108.171.55	93.173.91.116	40.77.167.121
203.59.168.49	103.117.192.87	192.143.220.97	107.0.199.195
64.133.186.113	40.32.27.124	104.73.15.154	134.138.59.123