199.195.252.213

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): Frantech Solutions

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Apr 18 04:57:53 web8 sshd\[4978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Apr 18 04:57:54 web8 sshd\[4978\]: Failed password for root from 199.195.252.213 port 44526 ssh2 Apr 18 05:01:47 web8 sshd\[7042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Apr 18 05:01:49 web8 sshd\[7042\]: Failed password for root from 199.195.252.213 port 56524 ssh2 Apr 18 05:05:31 web8 sshd\[9109\]: Invalid user admin from 199.195.252.213 Apr 18 05:05:31 web8 sshd\[9109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2020-04-18 15:54:46
attack	Invalid user juan from 199.195.252.213 port 60680	2020-03-22 04:12:04
attackspam	Mar 17 22:58:04 sigma sshd\[29428\]: Invalid user kafka from 199.195.252.213Mar 17 22:58:07 sigma sshd\[29428\]: Failed password for invalid user kafka from 199.195.252.213 port 43128 ssh2 ...	2020-03-18 08:54:19
attackbots	Feb 8 07:16:55 silence02 sshd[9739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Feb 8 07:16:56 silence02 sshd[9739]: Failed password for invalid user sek from 199.195.252.213 port 51890 ssh2 Feb 8 07:19:56 silence02 sshd[9915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2020-02-08 19:49:53
attackbotsspam	2020-01-26T08:38:46.975851abusebot-3.cloudsearch.cf sshd[18490]: Invalid user docs from 199.195.252.213 port 50172 2020-01-26T08:38:46.990756abusebot-3.cloudsearch.cf sshd[18490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2020-01-26T08:38:46.975851abusebot-3.cloudsearch.cf sshd[18490]: Invalid user docs from 199.195.252.213 port 50172 2020-01-26T08:38:49.071593abusebot-3.cloudsearch.cf sshd[18490]: Failed password for invalid user docs from 199.195.252.213 port 50172 ssh2 2020-01-26T08:40:29.877749abusebot-3.cloudsearch.cf sshd[18581]: Invalid user telekom from 199.195.252.213 port 39684 2020-01-26T08:40:29.884341abusebot-3.cloudsearch.cf sshd[18581]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2020-01-26T08:40:29.877749abusebot-3.cloudsearch.cf sshd[18581]: Invalid user telekom from 199.195.252.213 port 39684 2020-01-26T08:40:32.437089abusebot-3.cloudsearch.cf sshd ...	2020-01-26 16:41:19
attackbots	Unauthorized connection attempt detected from IP address 199.195.252.213 to port 2220 [J]	2020-01-15 14:03:29
attackbots	Invalid user nqa from 199.195.252.213 port 41858	2020-01-10 22:02:19
attackspambots	Jan 10 08:24:24 hosting180 sshd[14165]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Jan 10 08:24:27 hosting180 sshd[14165]: Failed password for root from 199.195.252.213 port 54404 ssh2 ...	2020-01-10 16:15:12
attack	Unauthorized connection attempt detected from IP address 199.195.252.213 to port 2220 [J]	2020-01-06 13:39:52
attackspam	$f2bV_matches	2020-01-02 20:40:13
attackspam	Jan 1 16:04:23 localhost sshd\[4202\]: Invalid user rt from 199.195.252.213 port 39886 Jan 1 16:04:23 localhost sshd\[4202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Jan 1 16:04:25 localhost sshd\[4202\]: Failed password for invalid user rt from 199.195.252.213 port 39886 ssh2	2020-01-02 05:22:49
attack	Dec 25 10:50:00 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: Invalid user cpa from 199.195.252.213 Dec 25 10:50:00 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 25 10:50:02 vibhu-HP-Z238-Microtower-Workstation sshd\[13859\]: Failed password for invalid user cpa from 199.195.252.213 port 32824 ssh2 Dec 25 10:52:07 vibhu-HP-Z238-Microtower-Workstation sshd\[14026\]: Invalid user nobody8888 from 199.195.252.213 Dec 25 10:52:07 vibhu-HP-Z238-Microtower-Workstation sshd\[14026\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 ...	2019-12-25 14:03:05
attack	Dec 21 06:06:41 auw2 sshd\[25950\]: Invalid user bitnami from 199.195.252.213 Dec 21 06:06:41 auw2 sshd\[25950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 21 06:06:43 auw2 sshd\[25950\]: Failed password for invalid user bitnami from 199.195.252.213 port 41856 ssh2 Dec 21 06:12:06 auw2 sshd\[26675\]: Invalid user home from 199.195.252.213 Dec 21 06:12:06 auw2 sshd\[26675\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213	2019-12-22 03:41:11
attack	SSH login attempts.	2019-12-18 05:56:45
attack	$f2bV_matches	2019-12-12 09:58:22
attackspambots	Dec 8 14:38:34 web9 sshd\[8096\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Dec 8 14:38:37 web9 sshd\[8096\]: Failed password for root from 199.195.252.213 port 38282 ssh2 Dec 8 14:43:49 web9 sshd\[8869\]: Invalid user xz from 199.195.252.213 Dec 8 14:43:49 web9 sshd\[8869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Dec 8 14:43:51 web9 sshd\[8869\]: Failed password for invalid user xz from 199.195.252.213 port 52852 ssh2	2019-12-09 08:44:29
attackbots	Nov 30 03:33:48 mockhub sshd[404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Nov 30 03:33:50 mockhub sshd[404]: Failed password for invalid user talee from 199.195.252.213 port 50364 ssh2 ...	2019-11-30 21:52:31
attackspam	ssh failed login	2019-11-26 19:54:28
attackspam	Nov 21 07:28:06 : SSH login attempts with invalid user	2019-11-22 07:59:12
attack	$f2bV_matches	2019-11-21 18:20:59
attackspambots	2019-11-19T14:14:48.872029hub.schaetter.us sshd\[18193\]: Invalid user relyea from 199.195.252.213 port 39698 2019-11-19T14:14:48.888745hub.schaetter.us sshd\[18193\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2019-11-19T14:14:50.227108hub.schaetter.us sshd\[18193\]: Failed password for invalid user relyea from 199.195.252.213 port 39698 ssh2 2019-11-19T14:18:23.758605hub.schaetter.us sshd\[18198\]: Invalid user www-data from 199.195.252.213 port 48556 2019-11-19T14:18:23.766563hub.schaetter.us sshd\[18198\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 ...	2019-11-19 23:25:36
attackbotsspam	2019-11-11T16:20:41.764066abusebot-4.cloudsearch.cf sshd\[20290\]: Invalid user ftpuser from 199.195.252.213 port 33056	2019-11-12 00:42:22
attackspam	ssh failed login	2019-11-10 03:43:35
attack	2019-11-06T07:26:40.070558host3.slimhost.com.ua sshd[3923382]: Invalid user !QAZ2wsx from 199.195.252.213 port 38992 2019-11-06T07:26:40.076088host3.slimhost.com.ua sshd[3923382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 2019-11-06T07:26:40.070558host3.slimhost.com.ua sshd[3923382]: Invalid user !QAZ2wsx from 199.195.252.213 port 38992 2019-11-06T07:26:41.955889host3.slimhost.com.ua sshd[3923382]: Failed password for invalid user !QAZ2wsx from 199.195.252.213 port 38992 ssh2 2019-11-06T07:30:28.261577host3.slimhost.com.ua sshd[3926120]: Invalid user ctrls from 199.195.252.213 port 50288 ...	2019-11-06 14:48:17
attack	2019-11-03T15:54:09.875804abusebot-5.cloudsearch.cf sshd\[4651\]: Invalid user test from 199.195.252.213 port 51658	2019-11-04 04:25:39
attack	Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 28 04:52:14 srv01 sshd[16030]: Invalid user repos from 199.195.252.213 Oct 28 04:52:16 srv01 sshd[16030]: Failed password for invalid user repos from 199.195.252.213 port 36462 ssh2 Oct 28 04:55:44 srv01 sshd[16367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 28 04:55:46 srv01 sshd[16367]: Failed password for root from 199.195.252.213 port 47730 ssh2 ...	2019-10-28 12:11:35
attack	Oct 19 22:21:02 lcl-usvr-02 sshd[18789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 19 22:21:04 lcl-usvr-02 sshd[18789]: Failed password for root from 199.195.252.213 port 38042 ssh2 Oct 19 22:24:43 lcl-usvr-02 sshd[19619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root Oct 19 22:24:45 lcl-usvr-02 sshd[19619]: Failed password for root from 199.195.252.213 port 48772 ssh2 ...	2019-10-19 23:55:47
attackbotsspam	Oct 19 08:54:56 jane sshd[28486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 19 08:54:58 jane sshd[28486]: Failed password for invalid user Text123 from 199.195.252.213 port 55042 ssh2 ...	2019-10-19 15:21:20
attackbots	Oct 17 10:56:06 dedicated sshd[29633]: Invalid user gusr from 199.195.252.213 port 33502 Oct 17 10:56:08 dedicated sshd[29633]: Failed password for invalid user gusr from 199.195.252.213 port 33502 ssh2 Oct 17 10:56:06 dedicated sshd[29633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 Oct 17 10:56:06 dedicated sshd[29633]: Invalid user gusr from 199.195.252.213 port 33502 Oct 17 10:56:08 dedicated sshd[29633]: Failed password for invalid user gusr from 199.195.252.213 port 33502 ssh2	2019-10-17 17:13:44
attackspam	2019-10-13T08:21:43.048552abusebot-3.cloudsearch.cf sshd\[11961\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=199.195.252.213 user=root	2019-10-13 16:26:13

相同子网IP讨论:

IP	类型	评论内容	时间
199.195.252.122	attack	Scan port	2023-09-13 12:25:59
199.195.252.209	attackspambots	Port Scan detected from 199.195.252.209 (US/United States/-). 11 hits in the last 110 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT	2020-10-09 02:05:01
199.195.252.209	attackbots	Oct 8 04:11:13 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=11610 PROTO=TCP SPT=43070 DPT=8089 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:25 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=31460 PROTO=TCP SPT=43070 DPT=7070 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:27 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=3869 PROTO=TCP SPT=43070 DPT=21071 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:11:53 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=199.195.252.209 DST=77.73.69.240 LEN=40 TOS=0x08 PREC=0x20 TTL=241 ID=64468 PROTO=TCP SPT=43070 DPT=2080 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 8 04:12:20 hidden ...	2020-10-08 18:01:44
199.195.252.245	attack	Tor exit node	2020-05-28 06:32:46
199.195.252.209	attackspambots	port scans on irc network	2020-05-06 21:42:02
199.195.252.209	attackbots	slow and persistent scanner	2020-02-01 10:33:44

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 199.195.252.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63733
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;199.195.252.213.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032900 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 16:57:28 +08 2019
;; MSG SIZE  rcvd: 119

HOST信息:

Host 213.252.195.199.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 213.252.195.199.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
102.40.86.10	attack	23/tcp [2020-04-06]1pkt	2020-04-07 00:09:23
106.12.82.136	attackbots	SSH Brute-Force reported by Fail2Ban	2020-04-06 23:43:35
171.241.118.149	attackspambots	445/tcp [2020-04-06]1pkt	2020-04-07 00:11:50
45.112.205.59	attackspam	Port probing on unauthorized port 6379	2020-04-06 23:45:51
89.208.209.92	attackbotsspam	8080/tcp [2020-04-06]1pkt	2020-04-06 23:42:10
104.248.45.204	attackbots	Brute force attempt	2020-04-07 00:06:54
94.102.49.159	attack	Apr 6 17:52:22 debian-2gb-nbg1-2 kernel: \[8447367.813535\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.49.159 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=54665 PROTO=TCP SPT=49302 DPT=4992 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-06 23:55:00
113.160.37.176	attackspambots	23/tcp 23/tcp [2020-04-06]2pkt	2020-04-06 23:55:50
112.85.42.181	attackspam	Apr 6 17:39:31 jane sshd[22125]: Failed password for root from 112.85.42.181 port 11845 ssh2 Apr 6 17:39:35 jane sshd[22125]: Failed password for root from 112.85.42.181 port 11845 ssh2 ...	2020-04-06 23:53:08
190.200.29.133	attackbotsspam	445/tcp [2020-04-06]1pkt	2020-04-06 23:41:44
178.128.226.2	attackbotsspam	2020-04-06T17:29:21.778414vps751288.ovh.net sshd\[20687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.226.2 user=root 2020-04-06T17:29:24.093459vps751288.ovh.net sshd\[20687\]: Failed password for root from 178.128.226.2 port 42394 ssh2 2020-04-06T17:33:01.997714vps751288.ovh.net sshd\[20719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.226.2 user=root 2020-04-06T17:33:04.181981vps751288.ovh.net sshd\[20719\]: Failed password for root from 178.128.226.2 port 47885 ssh2 2020-04-06T17:36:45.899766vps751288.ovh.net sshd\[20749\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.226.2 user=root	2020-04-07 00:25:33
223.99.248.117	attackspam	Apr 6 22:34:36 webhost01 sshd[30708]: Failed password for root from 223.99.248.117 port 34259 ssh2 ...	2020-04-07 00:17:17
114.67.70.94	attackspambots	SSH brute-force attempt	2020-04-06 23:40:07
95.133.156.130	attack	445/tcp [2020-04-06]1pkt	2020-04-07 00:10:28
2.51.120.70	attackbotsspam	5555/tcp [2020-04-06]1pkt	2020-04-07 00:23:38

最近上报的IP列表

139.59.34.17	134.175.129.225	134.175.49.215	130.105.68.200
111.231.83.123	106.12.131.50	103.65.236.179	98.234.14.119
94.191.99.114	94.23.55.228	90.171.227.63	86.61.66.59
67.248.136.89	51.255.174.215	51.68.122.216	50.116.98.174
34.221.12.99	34.195.79.46	31.30.91.115	27.66.68.227