145.255.5.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Russian Federation

Internet Service Provider: OJSC Ufanet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 145.255.5.55 to port 81 [T]	2020-05-09 02:19:43

Comments on same subnet:

IP	Type	Details	Datetime
145.255.5.101	attack	Honeypot attack, port: 445, PTR: 145.255.5.101.static.ufanet.ru.	2020-09-18 00:51:34
145.255.5.101	attackspambots	Honeypot attack, port: 445, PTR: 145.255.5.101.static.ufanet.ru.	2020-09-17 16:53:00
145.255.5.101	attack	Honeypot attack, port: 445, PTR: 145.255.5.101.static.ufanet.ru.	2020-09-17 07:58:34
145.255.5.53	attackbots	Unauthorized connection attempt detected from IP address 145.255.5.53 to port 8080 [T]	2020-01-20 07:07:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 145.255.5.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47932
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;145.255.5.55.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 06:45:43 CST 2019
;; MSG SIZE  rcvd: 116

Host info

55.5.255.145.in-addr.arpa domain name pointer 145.255.5.55.static.ufanet.ru.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
55.5.255.145.in-addr.arpa	name = 145.255.5.55.static.ufanet.ru.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
128.199.18.67	attackbotsspam	invalid login attempt (kbe)	2020-09-22 22:20:14
157.230.24.226	attackbots	SSH brutforce	2020-09-22 22:22:39
167.86.124.59	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-09-22 22:35:20
191.235.94.176	attack	[ssh] SSH attack	2020-09-22 22:19:21
63.80.187.116	attack	E-Mail Spam (RBL) [REJECTED]	2020-09-22 22:30:40
49.234.99.246	attackspam	Invalid user xguest from 49.234.99.246 port 44914	2020-09-22 22:34:09
64.225.70.10	attackspam	Sep 22 10:39:36 firewall sshd[13933]: Invalid user toby from 64.225.70.10 Sep 22 10:39:38 firewall sshd[13933]: Failed password for invalid user toby from 64.225.70.10 port 43454 ssh2 Sep 22 10:46:53 firewall sshd[14222]: Invalid user c from 64.225.70.10 ...	2020-09-22 22:28:49
3.216.24.200	attackspam	3.216.24.200 - - [22/Sep/2020:14:18:51 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.216.24.200 - - [22/Sep/2020:14:18:52 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 3.216.24.200 - - [22/Sep/2020:14:18:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-22 22:34:53
116.75.213.147	attackspam	DATE:2020-09-21 19:00:52, IP:116.75.213.147, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-22 22:46:40
47.56.223.58	attackspam	47.56.223.58 - - [21/Sep/2020:11:02:39 -0600] "GET /xmlrpc.php HTTP/1.1" 404 6157 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" ...	2020-09-22 22:50:30
213.92.200.123	attackspam	Listed on zen-spamhaus also abuseat.org / proto=6 . srcport=2730 . dstport=80 . (3223)	2020-09-22 22:19:01
67.205.144.31	attackbotsspam	xmlrpc attack	2020-09-22 22:35:38
5.141.81.141	attackbotsspam	Brute%20Force%20SSH	2020-09-22 22:49:51
50.227.195.3	attack	Sep 22 15:42:08 pornomens sshd\[14151\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.227.195.3 user=root Sep 22 15:42:10 pornomens sshd\[14151\]: Failed password for root from 50.227.195.3 port 60160 ssh2 Sep 22 15:55:34 pornomens sshd\[14360\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.227.195.3 user=root ...	2020-09-22 22:26:41
106.13.9.153	attackbots	Sep 22 06:20:39 Tower sshd[26452]: Connection from 106.13.9.153 port 39606 on 192.168.10.220 port 22 rdomain "" Sep 22 06:20:41 Tower sshd[26452]: Invalid user g from 106.13.9.153 port 39606 Sep 22 06:20:41 Tower sshd[26452]: error: Could not get shadow information for NOUSER Sep 22 06:20:41 Tower sshd[26452]: Failed password for invalid user g from 106.13.9.153 port 39606 ssh2 Sep 22 06:20:41 Tower sshd[26452]: Received disconnect from 106.13.9.153 port 39606:11: Bye Bye [preauth] Sep 22 06:20:41 Tower sshd[26452]: Disconnected from invalid user g 106.13.9.153 port 39606 [preauth]	2020-09-22 22:28:28

Recently Reported IPs

186.16.103.220	187.108.213.111	121.242.170.190	57.238.107.169
62.12.86.150	62.16.44.37	77.243.183.16	163.181.98.200
75.186.115.244	81.242.120.155	185.177.151.34	159.228.138.225
118.25.192.84	45.136.144.249	186.178.61.140	67.189.50.76
68.183.151.169	153.36.233.244	211.194.203.190	147.116.208.125