195.54.160.213

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: Arkada LLC

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 195.54.160.213:48736 -> port 8880, len 44	2020-06-10 22:50:21
attack	Persistent port scanning [15 denied]	2020-06-10 13:01:26
attack	TCP (SYN) 195.54.160.213:59446 -> port 13371, len 44	2020-06-07 01:57:17
attack	Jun 6 09:24:09 debian kernel: [327209.886094] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.160.213 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=22443 PROTO=TCP SPT=59446 DPT=13338 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-06 14:49:45
attackspam	[H1.VM7] Blocked by UFW	2020-06-06 08:54:21
attackbots	Jun 4 18:23:53 debian kernel: [186796.261264] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=195.54.160.213 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=21645 PROTO=TCP SPT=56237 DPT=3030 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-04 23:34:48
attack	SmallBizIT.US 4 packets to tcp(9301,31023,53389,59202)	2020-06-02 06:01:27
attackspam	05/31/2020-15:38:40.499963 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-06-01 03:55:46
attackbots	05/29/2020-10:08:31.504034 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-29 22:09:15
attackbotsspam	05/26/2020-09:31:10.239118 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-26 22:11:56
attackbotsspam	firewall-block, port(s): 22366/tcp	2020-05-23 23:45:51
attack	Port scan on 3 port(s): 22341 22365 22368	2020-05-23 16:11:24
attackspambots	05/21/2020-09:07:51.065220 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-21 23:39:15
attackbots	05/20/2020-14:07:15.824286 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-21 02:34:10
attackbotsspam	SmallBizIT.US 4 packets to tcp(55554,55611,55656,55664)	2020-05-15 12:11:36
attackbots	05/06/2020-23:57:50.949291 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-05-07 12:01:24
attackspam	firewall-block, port(s): 11111/tcp, 16000/tcp	2020-05-06 23:34:26
attack	firewall-block, port(s): 11000/tcp, 15000/tcp, 33000/tcp, 47000/tcp, 53000/tcp	2020-05-06 05:58:58
attackspambots	Remote recon	2020-05-05 18:02:37
attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-02 18:36:59
attackspam	firewall-block, port(s): 33392/tcp	2020-04-29 04:17:55
attackspam	04/27/2020-08:43:27.119979 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-28 02:46:59
attack	04/26/2020-03:50:25.225693 195.54.160.213 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-26 15:53:30

Comments on same subnet:

IP	Type	Details	Datetime
195.54.160.180	attackspambots	Invalid user 9122 from 195.54.160.180 port 53705	2020-10-14 07:03:26
195.54.160.180	attackspam	Oct 13 09:25:01 santamaria sshd\[2434\]: Invalid user test from 195.54.160.180 Oct 13 09:25:01 santamaria sshd\[2434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 13 09:25:02 santamaria sshd\[2434\]: Failed password for invalid user test from 195.54.160.180 port 58091 ssh2 ...	2020-10-13 15:27:41
195.54.160.180	attackspambots	Oct 12 20:05:00 er4gw sshd[19698]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180	2020-10-13 08:03:50
195.54.160.180	attackspambots	Oct 11 23:32:20 vmd26974 sshd[30264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 23:32:23 vmd26974 sshd[30264]: Failed password for invalid user system from 195.54.160.180 port 14159 ssh2 ...	2020-10-12 05:35:19
195.54.160.180	attack	Oct 11 15:41:50 santamaria sshd\[26585\]: Invalid user system from 195.54.160.180 Oct 11 15:41:50 santamaria sshd\[26585\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 15:41:52 santamaria sshd\[26585\]: Failed password for invalid user system from 195.54.160.180 port 32650 ssh2 ...	2020-10-11 21:42:00
195.54.160.180	attackbotsspam	Oct 11 06:35:54 ajax sshd[22680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 06:35:56 ajax sshd[22680]: Failed password for invalid user system from 195.54.160.180 port 14992 ssh2	2020-10-11 13:39:13
195.54.160.180	attackspam	Oct 11 01:01:19 jane sshd[1580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 11 01:01:21 jane sshd[1580]: Failed password for invalid user system from 195.54.160.180 port 22480 ssh2 ...	2020-10-11 07:02:46
195.54.160.180	attackspambots	Oct 10 15:31:39 vps639187 sshd\[5463\]: Invalid user video from 195.54.160.180 port 52740 Oct 10 15:31:39 vps639187 sshd\[5463\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.54.160.180 Oct 10 15:31:41 vps639187 sshd\[5463\]: Failed password for invalid user video from 195.54.160.180 port 52740 ssh2 ...	2020-10-10 21:45:57
195.54.160.180	attackbots	2020-10-09 13:00:16.840788-0500 localhost sshd[8287]: Failed password for invalid user video from 195.54.160.180 port 14076 ssh2	2020-10-10 02:12:15
195.54.160.180	attackspambots	2020-10-08 UTC: (14x) - admin(8x),record(6x)	2020-10-09 17:56:43
195.54.160.183	attack	Invalid user ftp from 195.54.160.183 port 22214	2020-10-07 04:56:15
195.54.160.188	attackbotsspam	Repeated RDP login failures. Last user: admin	2020-10-07 04:50:44
195.54.160.180	attack	SSH login attempts.	2020-10-07 04:39:54
195.54.160.183	attackspam	Invalid user ftp from 195.54.160.183 port 22214	2020-10-06 21:02:54
195.54.160.188	attackspam	Repeated RDP login failures. Last user: administrator	2020-10-06 20:56:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 195.54.160.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55488
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;195.54.160.213.			IN	A

;; AUTHORITY SECTION:
.			593	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042600 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Apr 26 15:53:18 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 213.160.54.195.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.160.54.195.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
104.236.124.45	attack	2019-11-18T18:08:03.353471abusebot-4.cloudsearch.cf sshd\[19837\]: Invalid user com from 104.236.124.45 port 34055	2019-11-19 02:10:05
222.186.173.238	attackbots	Nov 18 18:46:58 ns381471 sshd[26405]: Failed password for root from 222.186.173.238 port 11094 ssh2 Nov 18 18:47:11 ns381471 sshd[26405]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 11094 ssh2 [preauth]	2019-11-19 01:52:39
106.12.185.54	attack	Nov 18 08:06:19 hanapaa sshd\[24543\]: Invalid user gavidia from 106.12.185.54 Nov 18 08:06:19 hanapaa sshd\[24543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.54 Nov 18 08:06:21 hanapaa sshd\[24543\]: Failed password for invalid user gavidia from 106.12.185.54 port 59198 ssh2 Nov 18 08:10:08 hanapaa sshd\[24992\]: Invalid user ab from 106.12.185.54 Nov 18 08:10:08 hanapaa sshd\[24992\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.185.54	2019-11-19 02:12:31
188.166.246.46	attack	Nov 18 14:51:01 sshgateway sshd\[5556\]: Invalid user schumann from 188.166.246.46 Nov 18 14:51:01 sshgateway sshd\[5556\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.166.246.46 Nov 18 14:51:03 sshgateway sshd\[5556\]: Failed password for invalid user schumann from 188.166.246.46 port 46160 ssh2	2019-11-19 01:58:04
45.82.35.22	attackbots	2019-11-18 1iWiFt-0007Dz-Dq H=herculean.acebankz.com $herculean.mantraainc.co$ \[45.82.35.22\] rejected REMOVED : REJECTED - You seem to be a spammer! 2019-11-18 1iWiT2-0007F2-5M H=herculean.acebankz.com $herculean.mantraainc.co$ \[45.82.35.22\] rejected REMOVED : REJECTED - You seem to be a spammer! 2019-11-18 1iWiTy-0007FF-2O H=herculean.acebankz.com $herculean.mantraainc.co$ \[45.82.35.22\] rejected REMOVED : REJECTED - You seem to be a spammer!	2019-11-19 02:20:39
216.218.206.6	attackbots	Brute-Force on ftp	2019-11-19 01:44:14
178.128.191.4	attack	SSH login attempts with user root.	2019-11-19 02:00:11
123.28.41.55	attackbotsspam	Automatic report - Port Scan Attack	2019-11-19 01:40:13
112.64.170.1	attack	SSH login attempts with user root.	2019-11-19 01:58:58
45.55.173.2	attackbots	SSH login attempts with user root.	2019-11-19 02:03:12
119.147.210.4	attack	SSH login attempts with user root.	2019-11-19 01:51:11
54.36.63.4	attackbots	Web application attack detected by fail2ban	2019-11-19 01:43:44
101.89.150.73	attack	SSH bruteforce (Triggered fail2ban)	2019-11-19 02:06:30
111.200.242.26	attackbotsspam	$f2bV_matches	2019-11-19 02:13:44
107.173.35.2	attackbots	SSH login attempts with user root.	2019-11-19 01:56:29

Recently Reported IPs

106.67.121.173	123.194.143.13	208.54.178.54	14.173.21.71
252.32.241.198	139.50.243.33	114.222.120.61	124.235.82.218
121.170.98.170	45.153.157.109	221.182.36.41	176.226.136.71
119.236.185.153	149.248.52.27	201.130.109.111	193.118.53.210
88.142.233.141	180.116.86.127	171.255.121.124	186.46.27.30