195.54.160.211

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Arkada LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	TCP (SYN) 195.54.160.211:47990 -> port 56786, len 44	2020-06-12 02:42:10
attackbots	Jun 10 14:28:18 debian-2gb-nbg1-2 kernel: \[14050828.627947\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=26409 PROTO=TCP SPT=44985 DPT=12233 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-10 20:31:37
attack	Jun 10 00:53:57 debian-2gb-nbg1-2 kernel: \[14001970.747735\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=13278 PROTO=TCP SPT=51718 DPT=56505 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-10 07:05:34
attack	Fail2Ban Ban Triggered	2020-06-10 00:48:12
attackbotsspam	ET DROP Dshield Block Listed Source group 1 - port: 14017 proto: TCP cat: Misc Attack	2020-06-05 16:43:18
attackbotsspam	Jun 4 01:14:57 debian-2gb-nbg1-2 kernel: \[13484857.760436\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=33712 PROTO=TCP SPT=45749 DPT=52303 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-04 07:52:02
attackbotsspam	SmallBizIT.US 9 packets to tcp(56302,56304,56305,56306,56307,59202,59205,59206,59209)	2020-06-03 19:06:44
attack	SmallBizIT.US 7 packets to tcp(54544,54547,54548,54549,56781,56787,56788)	2020-06-02 07:02:27
attackbots	Persistent port scanning [11 denied]	2020-06-01 03:33:53
attackspambots	May 26 10:18:59 debian-2gb-nbg1-2 kernel: \[12739938.791271\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=35231 PROTO=TCP SPT=44354 DPT=3018 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-26 17:16:28
attackspam	TCP (SYN) 195.54.160.211:58889 -> port 59555, len 44	2020-05-25 22:34:32
attackbotsspam	05/25/2020-06:42:02.475762 195.54.160.211 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-25 19:03:04
attackbots	ET DROP Dshield Block Listed Source group 1 - port: 55555 proto: TCP cat: Misc Attack	2020-05-23 16:12:11
attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 31794 proto: TCP cat: Misc Attack	2020-05-21 23:40:01
attackbotsspam	May 20 21:33:14 debian-2gb-nbg1-2 kernel: \[12262019.700817\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=62108 PROTO=TCP SPT=49534 DPT=39596 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-21 05:12:48
attack	RU_OOO Network of data-centers Selectel_<177>1589962255 [1:2402000:5550] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: {TCP} 195.54.160.211:55625	2020-05-20 16:26:37
attackbots	May 9 04:36:44 debian-2gb-nbg1-2 kernel: \[11250682.515232\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.211 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=11082 PROTO=TCP SPT=47923 DPT=31625 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-09 19:02:40
attackbotsspam	05/08/2020-13:37:19.483301 195.54.160.211 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-09 01:42:25
attack	firewall-block, port(s): 11179/tcp, 11187/tcp	2020-05-07 01:45:53
attack	Portscan or hack attempt detected by psad/fwsnort	2020-04-29 21:47:28

Comments on same subnet:

IP	Type	Details	Datetime
195.54.160.180	attackspambots	Invalid user 9122 from 195.54.160.180 port 53705	2020-10-14 07:03:26
195.54.160.180	attackspam	Oct 13 09:25:01 santamaria sshd\[2434\]: Invalid user test from 195.54.160.180 Oct 13 09:25:01 santamaria sshd\[2434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 13 09:25:02 santamaria sshd\[2434\]: Failed password for invalid user test from 195.54.160.180 port 58091 ssh2 ...	2020-10-13 15:27:41
195.54.160.180	attackspambots	Oct 12 20:05:00 er4gw sshd[19698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180	2020-10-13 08:03:50
195.54.160.180	attackspambots	Oct 11 23:32:20 vmd26974 sshd[30264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 23:32:23 vmd26974 sshd[30264]: Failed password for invalid user system from 195.54.160.180 port 14159 ssh2 ...	2020-10-12 05:35:19
195.54.160.180	attack	Oct 11 15:41:50 santamaria sshd\[26585\]: Invalid user system from 195.54.160.180 Oct 11 15:41:50 santamaria sshd\[26585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 15:41:52 santamaria sshd\[26585\]: Failed password for invalid user system from 195.54.160.180 port 32650 ssh2 ...	2020-10-11 21:42:00
195.54.160.180	attackbotsspam	Oct 11 06:35:54 ajax sshd[22680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 06:35:56 ajax sshd[22680]: Failed password for invalid user system from 195.54.160.180 port 14992 ssh2	2020-10-11 13:39:13
195.54.160.180	attackspam	Oct 11 01:01:19 jane sshd[1580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 01:01:21 jane sshd[1580]: Failed password for invalid user system from 195.54.160.180 port 22480 ssh2 ...	2020-10-11 07:02:46
195.54.160.180	attackspambots	Oct 10 15:31:39 vps639187 sshd\[5463\]: Invalid user video from 195.54.160.180 port 52740 Oct 10 15:31:39 vps639187 sshd\[5463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 10 15:31:41 vps639187 sshd\[5463\]: Failed password for invalid user video from 195.54.160.180 port 52740 ssh2 ...	2020-10-10 21:45:57
195.54.160.180	attackbots	2020-10-09 13:00:16.840788-0500 localhost sshd[8287]: Failed password for invalid user video from 195.54.160.180 port 14076 ssh2	2020-10-10 02:12:15
195.54.160.180	attackspambots	2020-10-08 UTC: (14x) - admin(8x),record(6x)	2020-10-09 17:56:43
195.54.160.183	attack	Invalid user ftp from 195.54.160.183 port 22214	2020-10-07 04:56:15
195.54.160.188	attackbotsspam	Repeated RDP login failures. Last user: admin	2020-10-07 04:50:44
195.54.160.180	attack	SSH login attempts.	2020-10-07 04:39:54
195.54.160.183	attackspam	Invalid user ftp from 195.54.160.183 port 22214	2020-10-06 21:02:54
195.54.160.188	attackspam	Repeated RDP login failures. Last user: administrator	2020-10-06 20:56:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.54.160.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33031
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.54.160.211.			IN	A

;; AUTHORITY SECTION:
.			238	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042900 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Apr 29 21:47:21 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 211.160.54.195.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 211.160.54.195.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.6.213	attackspambots	Mar 3 19:31:02 tdfoods sshd\[18074\]: Invalid user test from 49.235.6.213 Mar 3 19:31:02 tdfoods sshd\[18074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.6.213 Mar 3 19:31:04 tdfoods sshd\[18074\]: Failed password for invalid user test from 49.235.6.213 port 54482 ssh2 Mar 3 19:39:17 tdfoods sshd\[18804\]: Invalid user laravel from 49.235.6.213 Mar 3 19:39:17 tdfoods sshd\[18804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.6.213	2020-03-04 20:06:23
115.75.82.50	attackbotsspam	1583297502 - 03/04/2020 05:51:42 Host: 115.75.82.50/115.75.82.50 Port: 445 TCP Blocked	2020-03-04 20:16:14
122.51.83.175	attack	Mar 4 02:01:17 web1 sshd\[8235\]: Invalid user admin from 122.51.83.175 Mar 4 02:01:17 web1 sshd\[8235\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.83.175 Mar 4 02:01:19 web1 sshd\[8235\]: Failed password for invalid user admin from 122.51.83.175 port 60708 ssh2 Mar 4 02:07:09 web1 sshd\[8769\]: Invalid user wcp from 122.51.83.175 Mar 4 02:07:09 web1 sshd\[8769\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.83.175	2020-03-04 20:07:49
52.246.161.60	attackbotsspam	Mar 4 19:16:59 webhost01 sshd[20172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.246.161.60 Mar 4 19:17:01 webhost01 sshd[20172]: Failed password for invalid user admin from 52.246.161.60 port 34790 ssh2 ...	2020-03-04 20:18:06
77.78.52.96	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=38930)(03041211)	2020-03-04 19:47:20
192.241.232.168	attack	" "	2020-03-04 20:12:06
92.117.240.216	attackspambots	Automatic report - Port Scan Attack	2020-03-04 20:23:17
129.211.111.239	attackspambots	Mar 4 11:35:47 lock-38 sshd[24011]: Failed password for invalid user admin from 129.211.111.239 port 33926 ssh2 Mar 4 11:50:35 lock-38 sshd[24046]: Failed password for invalid user a from 129.211.111.239 port 52362 ssh2 Mar 4 12:01:52 lock-38 sshd[24087]: Failed password for invalid user jack from 129.211.111.239 port 33540 ssh2 ...	2020-03-04 20:22:45
218.92.0.168	attackspam	Multiple SSH login attempts.	2020-03-04 19:54:53
106.13.230.238	attackspam	Mar 3 22:56:06 hanapaa sshd\[17914\]: Invalid user speech-dispatcher from 106.13.230.238 Mar 3 22:56:06 hanapaa sshd\[17914\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.238 Mar 3 22:56:08 hanapaa sshd\[17914\]: Failed password for invalid user speech-dispatcher from 106.13.230.238 port 60354 ssh2 Mar 3 23:03:32 hanapaa sshd\[18665\]: Invalid user amandabackup from 106.13.230.238 Mar 3 23:03:32 hanapaa sshd\[18665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.230.238	2020-03-04 19:43:37
60.216.249.20	attackspam	DATE:2020-03-04 05:49:34, IP:60.216.249.20, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-03-04 19:57:54
213.32.92.57	attackspambots	Mar 4 06:04:18 ks10 sshd[285890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.92.57 Mar 4 06:04:21 ks10 sshd[285890]: Failed password for invalid user jira from 213.32.92.57 port 57988 ssh2 ...	2020-03-04 20:10:29
180.76.153.74	attack	Mar 4 11:06:33 vps sshd[17405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.153.74 Mar 4 11:06:35 vps sshd[17405]: Failed password for invalid user itmanie from 180.76.153.74 port 53000 ssh2 Mar 4 11:12:01 vps sshd[17647]: Failed password for root from 180.76.153.74 port 55372 ssh2 ...	2020-03-04 19:48:01
80.14.8.71	attack	spam	2020-03-04 19:41:09
106.12.192.107	attackspam	Mar 4 06:57:56 NPSTNNYC01T sshd[19259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.107 Mar 4 06:57:57 NPSTNNYC01T sshd[19259]: Failed password for invalid user jenkins from 106.12.192.107 port 50690 ssh2 Mar 4 07:05:53 NPSTNNYC01T sshd[19810]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.107 ...	2020-03-04 20:16:36

Recently Reported IPs

125.127.25.215	157.32.150.215	90.150.172.114	128.201.51.241
139.155.127.170	208.109.8.138	89.248.168.218	112.121.153.187
180.251.248.61	47.97.96.252	222.178.12.98	50.21.186.31
14.175.15.6	161.132.78.162	142.4.9.161	190.37.249.131
46.153.120.17	36.48.144.246	94.25.228.225	84.56.165.135