213.55.95.140 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Ethiopia

Internet Service Provider: Ethio Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Detected by ModSecurity. Request URI: /wp-login.php	2019-06-30 23:35:10

Comments on same subnet:

IP	Type	Details	Datetime
213.55.95.203	attackspambots	Unauthorized IMAP connection attempt	2020-08-21 23:59:23
213.55.95.186	attack	Unauthorized connection attempt from IP address 213.55.95.186 on Port 445(SMB)	2020-08-18 01:30:00
213.55.95.185	attack	Unauthorized connection attempt detected from IP address 213.55.95.185 to port 445 [T]	2020-08-14 01:54:51
213.55.95.177	attackbots	20/6/3@07:49:40: FAIL: Alarm-Network address from=213.55.95.177 ...	2020-06-04 02:06:58
213.55.95.228	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-14 02:15:19
213.55.95.171	attackspam	Unauthorized connection attempt from IP address 213.55.95.171 on Port 445(SMB)	2019-12-06 08:20:26
213.55.95.187	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:33.	2019-11-16 20:16:36
213.55.95.149	attack	Unauthorized connection attempt from IP address 213.55.95.149 on Port 445(SMB)	2019-10-26 01:54:03
213.55.95.158	attackbots	Unauthorised access (Oct 12) SRC=213.55.95.158 LEN=52 TTL=112 ID=14240 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-12 21:56:02
213.55.95.150	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 14:18:02,900 INFO [shellcode_manager] (213.55.95.150) no match, writing hexdump (c0023eea185e3c8551cdc9ee669bfa00 :2357805) - MS17010 (EternalBlue)	2019-08-26 05:44:39
213.55.95.137	attackspam	Unauthorized connection attempt from IP address 213.55.95.137 on Port 445(SMB)	2019-08-23 03:44:32
213.55.95.150	attackspambots	Unauthorised access (Jul 30) SRC=213.55.95.150 LEN=52 TTL=112 ID=6749 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-31 06:04:22
213.55.95.158	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:17:24,370 INFO [amun_request_handler] PortScan Detected on Port: 445 (213.55.95.158)	2019-07-19 00:25:29

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.55.95.140
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49111
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.55.95.140.			IN	A

;; AUTHORITY SECTION:
.			2228	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052800 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue May 28 18:31:53 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 140.95.55.213.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 140.95.55.213.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.27.80.70	attackspam	IP: 213.27.80.70 ASN: AS60496 MTS PJSC Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 16/12/2019 6:57:14 AM UTC	2019-12-16 17:39:14
41.216.186.89	attack	1576477633 - 12/16/2019 07:27:13 Host: 41.216.186.89/41.216.186.89 Port: 8080 TCP Blocked	2019-12-16 17:38:04
183.89.211.143	attack	IP: 183.89.211.143 ASN: AS45758 Triple T Internet/Triple T Broadband Port: Message Submission 587 Found in one or more Blacklists Date: 16/12/2019 6:57:08 AM UTC	2019-12-16 17:47:43
89.248.174.193	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-12-16 17:48:44
1.1.217.216	attack	1576477640 - 12/16/2019 07:27:20 Host: 1.1.217.216/1.1.217.216 Port: 445 TCP Blocked	2019-12-16 17:27:14
129.28.177.29	attack	Dec 16 09:18:45 icinga sshd[17964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.28.177.29 Dec 16 09:18:47 icinga sshd[17964]: Failed password for invalid user food from 129.28.177.29 port 60116 ssh2 ...	2019-12-16 17:19:48
197.47.21.221	attack	IP: 197.47.21.221 ASN: AS8452 TE-AS Port: Message Submission 587 Found in one or more Blacklists Date: 16/12/2019 6:57:12 AM UTC	2019-12-16 17:42:02
203.160.162.213	attackbots	Dec 16 10:10:44 ns381471 sshd[5016]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.160.162.213 Dec 16 10:10:46 ns381471 sshd[5016]: Failed password for invalid user sarmiento from 203.160.162.213 port 47676 ssh2	2019-12-16 17:44:49
80.211.179.154	attackbots	Dec 16 01:09:10 mockhub sshd[8922]: Failed password for root from 80.211.179.154 port 53386 ssh2 ...	2019-12-16 17:24:02
181.231.227.248	attackbotsspam	" "	2019-12-16 17:52:12
182.61.26.50	attackbots	Dec 16 08:49:09 heissa sshd\[14049\]: Invalid user gdm from 182.61.26.50 port 48546 Dec 16 08:49:09 heissa sshd\[14049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.26.50 Dec 16 08:49:11 heissa sshd\[14049\]: Failed password for invalid user gdm from 182.61.26.50 port 48546 ssh2 Dec 16 08:55:09 heissa sshd\[15011\]: Invalid user alsager from 182.61.26.50 port 33594 Dec 16 08:55:09 heissa sshd\[15011\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.26.50	2019-12-16 17:28:23
106.13.52.234	attackbotsspam	Dec 16 07:27:00 tuxlinux sshd[28236]: Invalid user daniel from 106.13.52.234 port 38118 Dec 16 07:27:00 tuxlinux sshd[28236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Dec 16 07:27:00 tuxlinux sshd[28236]: Invalid user daniel from 106.13.52.234 port 38118 Dec 16 07:27:00 tuxlinux sshd[28236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Dec 16 07:27:00 tuxlinux sshd[28236]: Invalid user daniel from 106.13.52.234 port 38118 Dec 16 07:27:00 tuxlinux sshd[28236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.52.234 Dec 16 07:27:01 tuxlinux sshd[28236]: Failed password for invalid user daniel from 106.13.52.234 port 38118 ssh2 ...	2019-12-16 17:53:02
197.56.21.168	attackspam	IP: 197.56.21.168 ASN: AS8452 TE-AS Port: Message Submission 587 Found in one or more Blacklists Date: 16/12/2019 6:57:13 AM UTC	2019-12-16 17:40:41
111.241.123.202	attackbotsspam	" "	2019-12-16 17:28:54
222.252.113.158	attack	IP: 222.252.113.158 ASN: AS45899 VNPT Corp Port: Message Submission 587 Found in one or more Blacklists Date: 16/12/2019 6:57:15 AM UTC	2019-12-16 17:38:49

Recently Reported IPs

123.16.67.221	196.124.43.19	70.99.11.212	62.190.24.196
71.146.174.139	104.89.120.235	40.226.95.39	179.68.44.246
87.236.27.177	150.229.221.59	24.31.193.234	108.230.215.166
85.243.95.43	32.91.153.23	42.188.178.214	133.88.170.167
90.143.10.247	204.88.136.208	59.118.108.194	64.129.148.74