199.195.252.213

Basic Info

City: unknown

Region: unknown

Country: United States

Internet Service Provider: Frantech Solutions

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Apr 18 04:57:53 web8 sshd\[4978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Apr 18 04:57:54 web8 sshd\[4978\]: Failed password for root from 199.195.252.213 port 44526 ssh2 Apr 18 05:01:47 web8 sshd\[7042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Apr 18 05:01:49 web8 sshd\[7042\]: Failed password for root from 199.195.252.213 port 56524 ssh2 Apr 18 05:05:31 web8 sshd\[9109\]: Invalid user admin from 199.195.252.213 Apr 18 05:05:31 web8 sshd\[9109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2020-04-18 15:54:46
attack	Invalid user juan from 199.195.252.213 port 60680	2020-03-22 04:12:04
attackspam	Mar 17 22:58:04 sigma sshd\[29428\]: Invalid user kafka from 199.195.252.213Mar 17 22:58:07 sigma sshd\[29428\]: Failed password for invalid user kafka from 199.195.252.213 port 43128 ssh2 ...	2020-03-18 08:54:19
attackbots	Feb 8 07:16:55 silence02 sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Feb 8 07:16:56 silence02 sshd[9739]: Failed password for invalid user sek from 199.195.252.213 port 51890 ssh2 Feb 8 07:19:56 silence02 sshd[9915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2020-02-08 19:49:53
attackbotsspam	2020-01-26T08:38:46.975851abusebot-3.cloudsearch.cf sshd[18490]: Invalid user docs from 199.195.252.213 port 50172 2020-01-26T08:38:46.990756abusebot-3.cloudsearch.cf sshd[18490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2020-01-26T08:38:46.975851abusebot-3.cloudsearch.cf sshd[18490]: Invalid user docs from 199.195.252.213 port 50172 2020-01-26T08:38:49.071593abusebot-3.cloudsearch.cf sshd[18490]: Failed password for invalid user docs from 199.195.252.213 port 50172 ssh2 2020-01-26T08:40:29.877749abusebot-3.cloudsearch.cf sshd[18581]: Invalid user telekom from 199.195.252.213 port 39684 2020-01-26T08:40:29.884341abusebot-3.cloudsearch.cf sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2020-01-26T08:40:29.877749abusebot-3.cloudsearch.cf sshd[18581]: Invalid user telekom from 199.195.252.213 port 39684 2020-01-26T08:40:32.437089abusebot-3.cloudsearch.cf sshd ...	2020-01-26 16:41:19
attackbots	Unauthorized connection attempt detected from IP address 199.195.252.213 to port 2220 [J]	2020-01-15 14:03:29
attackbots	Invalid user nqa from 199.195.252.213 port 41858	2020-01-10 22:02:19
attackspambots	Jan 10 08:24:24 hosting180 sshd[14165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Jan 10 08:24:27 hosting180 sshd[14165]: Failed password for root from 199.195.252.213 port 54404 ssh2 ...	2020-01-10 16:15:12
attack	Unauthorized connection attempt detected from IP address 199.195.252.213 to port 2220 [J]	2020-01-06 13:39:52
attackspam	$f2bV_matches	2020-01-02 20:40:13
attackspam	Jan 1 16:04:23 localhost sshd\[4202\]: Invalid user rt from 199.195.252.213 port 39886 Jan 1 16:04:23 localhost sshd\[4202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Jan 1 16:04:25 localhost sshd\[4202\]: Failed password for invalid user rt from 199.195.252.213 port 39886 ssh2	2020-01-02 05:22:49
attack	Dec 25 10:50:00 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: Invalid user cpa from 199.195.252.213 Dec 25 10:50:00 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 25 10:50:02 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: Failed password for invalid user cpa from 199.195.252.213 port 32824 ssh2 Dec 25 10:52:07 vibhu-HP-Z238-Microtower-Workstation sshd\[14026\]: Invalid user nobody8888 from 199.195.252.213 Dec 25 10:52:07 vibhu-HP-Z238-Microtower-Workstation sshd\[14026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 ...	2019-12-25 14:03:05
attack	Dec 21 06:06:41 auw2 sshd\[25950\]: Invalid user bitnami from 199.195.252.213 Dec 21 06:06:41 auw2 sshd\[25950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 21 06:06:43 auw2 sshd\[25950\]: Failed password for invalid user bitnami from 199.195.252.213 port 41856 ssh2 Dec 21 06:12:06 auw2 sshd\[26675\]: Invalid user home from 199.195.252.213 Dec 21 06:12:06 auw2 sshd\[26675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2019-12-22 03:41:11
attack	SSH login attempts.	2019-12-18 05:56:45
attack	$f2bV_matches	2019-12-12 09:58:22
attackspambots	Dec 8 14:38:34 web9 sshd\[8096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Dec 8 14:38:37 web9 sshd\[8096\]: Failed password for root from 199.195.252.213 port 38282 ssh2 Dec 8 14:43:49 web9 sshd\[8869\]: Invalid user xz from 199.195.252.213 Dec 8 14:43:49 web9 sshd\[8869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 8 14:43:51 web9 sshd\[8869\]: Failed password for invalid user xz from 199.195.252.213 port 52852 ssh2	2019-12-09 08:44:29
attackbots	Nov 30 03:33:48 mockhub sshd[404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Nov 30 03:33:50 mockhub sshd[404]: Failed password for invalid user talee from 199.195.252.213 port 50364 ssh2 ...	2019-11-30 21:52:31
attackspam	ssh failed login	2019-11-26 19:54:28
attackspam	Nov 21 07:28:06 : SSH login attempts with invalid user	2019-11-22 07:59:12
attack	$f2bV_matches	2019-11-21 18:20:59
attackspambots	2019-11-19T14:14:48.872029hub.schaetter.us sshd\[18193\]: Invalid user relyea from 199.195.252.213 port 39698 2019-11-19T14:14:48.888745hub.schaetter.us sshd\[18193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2019-11-19T14:14:50.227108hub.schaetter.us sshd\[18193\]: Failed password for invalid user relyea from 199.195.252.213 port 39698 ssh2 2019-11-19T14:18:23.758605hub.schaetter.us sshd\[18198\]: Invalid user www-data from 199.195.252.213 port 48556 2019-11-19T14:18:23.766563hub.schaetter.us sshd\[18198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 ...	2019-11-19 23:25:36
attackbotsspam	2019-11-11T16:20:41.764066abusebot-4.cloudsearch.cf sshd\[20290\]: Invalid user ftpuser from 199.195.252.213 port 33056	2019-11-12 00:42:22
attackspam	ssh failed login	2019-11-10 03:43:35
attack	2019-11-06T07:26:40.070558host3.slimhost.com.ua sshd[3923382]: Invalid user !QAZ2wsx from 199.195.252.213 port 38992 2019-11-06T07:26:40.076088host3.slimhost.com.ua sshd[3923382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2019-11-06T07:26:40.070558host3.slimhost.com.ua sshd[3923382]: Invalid user !QAZ2wsx from 199.195.252.213 port 38992 2019-11-06T07:26:41.955889host3.slimhost.com.ua sshd[3923382]: Failed password for invalid user !QAZ2wsx from 199.195.252.213 port 38992 ssh2 2019-11-06T07:30:28.261577host3.slimhost.com.ua sshd[3926120]: Invalid user ctrls from 199.195.252.213 port 50288 ...	2019-11-06 14:48:17
attack	2019-11-03T15:54:09.875804abusebot-5.cloudsearch.cf sshd\[4651\]: Invalid user test from 199.195.252.213 port 51658	2019-11-04 04:25:39
attack	Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:16 srv01 sshd[16030]: Failed password for invalid user repos from 199.195.252.213 port 36462 ssh2 Oct 28 04:55:44 srv01 sshd[16367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 28 04:55:46 srv01 sshd[16367]: Failed password for root from 199.195.252.213 port 47730 ssh2 ...	2019-10-28 12:11:35
attack	Oct 19 22:21:02 lcl-usvr-02 sshd[18789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 19 22:21:04 lcl-usvr-02 sshd[18789]: Failed password for root from 199.195.252.213 port 38042 ssh2 Oct 19 22:24:43 lcl-usvr-02 sshd[19619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 19 22:24:45 lcl-usvr-02 sshd[19619]: Failed password for root from 199.195.252.213 port 48772 ssh2 ...	2019-10-19 23:55:47
attackbotsspam	Oct 19 08:54:56 jane sshd[28486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 19 08:54:58 jane sshd[28486]: Failed password for invalid user Text123 from 199.195.252.213 port 55042 ssh2 ...	2019-10-19 15:21:20
attackbots	Oct 17 10:56:06 dedicated sshd[29633]: Invalid user gusr from 199.195.252.213 port 33502 Oct 17 10:56:08 dedicated sshd[29633]: Failed password for invalid user gusr from 199.195.252.213 port 33502 ssh2 Oct 17 10:56:06 dedicated sshd[29633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 17 10:56:06 dedicated sshd[29633]: Invalid user gusr from 199.195.252.213 port 33502 Oct 17 10:56:08 dedicated sshd[29633]: Failed password for invalid user gusr from 199.195.252.213 port 33502 ssh2	2019-10-17 17:13:44
attackspam	2019-10-13T08:21:43.048552abusebot-3.cloudsearch.cf sshd\[11961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root	2019-10-13 16:26:13

Comments on same subnet:

IP	Type	Details	Datetime
199.195.252.122	attack	Scan port	2023-09-13 12:25:59
199.195.252.209	attackspambots	Port Scan detected from 199.195.252.209 (US/United States/-). 11 hits in the last 110 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT	2020-10-09 02:05:01
199.195.252.209	attackbots	Oct 8 04:11:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=11610 PROTO=TCP SPT=43070 DPT=8089 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:25 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=31460 PROTO=TCP SPT=43070 DPT=7070 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:27 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=3869 PROTO=TCP SPT=43070 DPT=21071 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=64468 PROTO=TCP SPT=43070 DPT=2080 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:12:20 hidden ...	2020-10-08 18:01:44
199.195.252.245	attack	Tor exit node	2020-05-28 06:32:46
199.195.252.209	attackspambots	port scans on irc network	2020-05-06 21:42:02
199.195.252.209	attackbots	slow and persistent scanner	2020-02-01 10:33:44

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.195.252.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63733
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;199.195.252.213.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 16:57:28 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 213.252.195.199.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 213.252.195.199.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
117.62.22.55	attackspam	Jun 28 06:07:31 OPSO sshd\[5013\]: Invalid user web from 117.62.22.55 port 46728 Jun 28 06:07:31 OPSO sshd\[5013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.22.55 Jun 28 06:07:33 OPSO sshd\[5013\]: Failed password for invalid user web from 117.62.22.55 port 46728 ssh2 Jun 28 06:13:07 OPSO sshd\[5986\]: Invalid user user from 117.62.22.55 port 54864 Jun 28 06:13:07 OPSO sshd\[5986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.62.22.55	2020-06-28 12:31:34
106.54.16.96	attackspam	Jun 28 03:44:47 ns3033917 sshd[23041]: Invalid user ifc from 106.54.16.96 port 56482 Jun 28 03:44:48 ns3033917 sshd[23041]: Failed password for invalid user ifc from 106.54.16.96 port 56482 ssh2 Jun 28 03:57:22 ns3033917 sshd[23174]: Invalid user deploy from 106.54.16.96 port 50100 ...	2020-06-28 12:04:03
79.124.62.66	attackbots	Unauthorized connection attempt from IP address 79.124.62.66 on Port 3389(RDP)	2020-06-28 12:06:42
129.28.197.173	attack	Jun 28 05:50:41 eventyay sshd[14162]: Failed password for root from 129.28.197.173 port 40810 ssh2 Jun 28 05:53:43 eventyay sshd[14224]: Failed password for postgres from 129.28.197.173 port 55622 ssh2 Jun 28 05:56:51 eventyay sshd[14279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.197.173 ...	2020-06-28 12:27:40
128.199.142.0	attackbotsspam	Invalid user ha from 128.199.142.0 port 35906	2020-06-28 08:49:45
112.85.42.174	attack	Brute-force attempt banned	2020-06-28 12:38:17
111.229.155.209	attackspam	2020-06-28T03:51:38.971816abusebot.cloudsearch.cf sshd[19079]: Invalid user postgres from 111.229.155.209 port 22930 2020-06-28T03:51:38.977624abusebot.cloudsearch.cf sshd[19079]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.155.209 2020-06-28T03:51:38.971816abusebot.cloudsearch.cf sshd[19079]: Invalid user postgres from 111.229.155.209 port 22930 2020-06-28T03:51:40.759860abusebot.cloudsearch.cf sshd[19079]: Failed password for invalid user postgres from 111.229.155.209 port 22930 ssh2 2020-06-28T03:54:27.255111abusebot.cloudsearch.cf sshd[19172]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.155.209 user=root 2020-06-28T03:54:29.238201abusebot.cloudsearch.cf sshd[19172]: Failed password for root from 111.229.155.209 port 52648 ssh2 2020-06-28T03:56:57.779094abusebot.cloudsearch.cf sshd[19253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111 ...	2020-06-28 12:20:55
192.241.227.81	attackspam	" "	2020-06-28 12:22:35
185.216.140.251	attackbotsspam	12 attempts against mh-misc-ban on wood	2020-06-28 12:33:48
160.153.154.29	attackspam	Automatic report - XMLRPC Attack	2020-06-28 12:37:58
202.137.20.58	attackspam	2020-06-28T05:56:14.160125+02:00 sshd[18147]: Failed password for invalid user user from 202.137.20.58 port 19097 ssh2	2020-06-28 12:17:27
185.143.75.81	attack	Jun 28 06:23:59 v22019058497090703 postfix/smtpd[17658]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:24:50 v22019058497090703 postfix/smtpd[17658]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 28 06:25:41 v22019058497090703 postfix/smtpd[17658]: warning: unknown[185.143.75.81]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-28 12:28:07
103.78.215.150	attackspambots	$f2bV_matches	2020-06-28 12:29:52
134.209.178.109	attackspam	Jun 27 21:43:13 l02a sshd[30776]: Invalid user tunnel from 134.209.178.109 Jun 27 21:43:13 l02a sshd[30776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.178.109 Jun 27 21:43:13 l02a sshd[30776]: Invalid user tunnel from 134.209.178.109 Jun 27 21:43:15 l02a sshd[30776]: Failed password for invalid user tunnel from 134.209.178.109 port 44552 ssh2	2020-06-28 08:49:58
184.168.152.99	attackbotsspam	Trolling for resource vulnerabilities	2020-06-28 12:34:12

Recently Reported IPs

139.59.34.17	134.175.129.225	134.175.49.215	130.105.68.200
111.231.83.123	106.12.131.50	103.65.236.179	98.234.14.119
94.191.99.114	94.23.55.228	90.171.227.63	86.61.66.59
67.248.136.89	51.255.174.215	51.68.122.216	50.116.98.174
34.221.12.99	34.195.79.46	31.30.91.115	27.66.68.227