213.55.95.171 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Ethiopia

Internet Service Provider: Ethio Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 213.55.95.171 on Port 445(SMB)	2019-12-06 08:20:26

Comments on same subnet:

IP	Type	Details	Datetime
213.55.95.203	attackspambots	Unauthorized IMAP connection attempt	2020-08-21 23:59:23
213.55.95.186	attack	Unauthorized connection attempt from IP address 213.55.95.186 on Port 445(SMB)	2020-08-18 01:30:00
213.55.95.185	attack	Unauthorized connection attempt detected from IP address 213.55.95.185 to port 445 [T]	2020-08-14 01:54:51
213.55.95.177	attackbots	20/6/3@07:49:40: FAIL: Alarm-Network address from=213.55.95.177 ...	2020-06-04 02:06:58
213.55.95.228	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-14 02:15:19
213.55.95.187	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:33.	2019-11-16 20:16:36
213.55.95.149	attack	Unauthorized connection attempt from IP address 213.55.95.149 on Port 445(SMB)	2019-10-26 01:54:03
213.55.95.158	attackbots	Unauthorised access (Oct 12) SRC=213.55.95.158 LEN=52 TTL=112 ID=14240 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-12 21:56:02
213.55.95.150	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 14:18:02,900 INFO [shellcode_manager] (213.55.95.150) no match, writing hexdump (c0023eea185e3c8551cdc9ee669bfa00 :2357805) - MS17010 (EternalBlue)	2019-08-26 05:44:39
213.55.95.137	attackspam	Unauthorized connection attempt from IP address 213.55.95.137 on Port 445(SMB)	2019-08-23 03:44:32
213.55.95.150	attackspambots	Unauthorised access (Jul 30) SRC=213.55.95.150 LEN=52 TTL=112 ID=6749 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-31 06:04:22
213.55.95.158	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:17:24,370 INFO [amun_request_handler] PortScan Detected on Port: 445 (213.55.95.158)	2019-07-19 00:25:29
213.55.95.140	attackbotsspam	Detected by ModSecurity. Request URI: /wp-login.php	2019-06-30 23:35:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.55.95.171
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34130
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.55.95.171.			IN	A

;; AUTHORITY SECTION:
.			295	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120502 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Dec 06 08:20:21 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 171.95.55.213.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 171.95.55.213.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.87.139.159	attackspam	DATE:2020-09-03 21:38:21, IP:194.87.139.159, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-09-04 04:19:16
220.134.126.57	attack	Port Scan ...	2020-09-04 04:19:00
117.85.113.111	attackbots	/%23	2020-09-04 04:31:59
111.93.41.206	attack	1599151869 - 09/03/2020 18:51:09 Host: 111.93.41.206/111.93.41.206 Port: 445 TCP Blocked	2020-09-04 04:36:45
191.240.89.232	attack	Attempted Brute Force (dovecot)	2020-09-04 04:35:15
112.85.42.172	attackbots	Sep 3 20:31:40 ip-172-31-61-156 sshd[14022]: Failed password for root from 112.85.42.172 port 62677 ssh2 Sep 3 20:31:43 ip-172-31-61-156 sshd[14022]: Failed password for root from 112.85.42.172 port 62677 ssh2 Sep 3 20:31:38 ip-172-31-61-156 sshd[14022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.172 user=root Sep 3 20:31:40 ip-172-31-61-156 sshd[14022]: Failed password for root from 112.85.42.172 port 62677 ssh2 Sep 3 20:31:43 ip-172-31-61-156 sshd[14022]: Failed password for root from 112.85.42.172 port 62677 ssh2 ...	2020-09-04 04:38:43
183.83.160.190	attack	1599151865 - 09/03/2020 18:51:05 Host: 183.83.160.190/183.83.160.190 Port: 445 TCP Blocked ...	2020-09-04 04:40:07
5.125.73.250	attack	TCP (SYN) 5.125.73.250:61597 -> port 445, len 52	2020-09-04 04:18:30
217.21.54.221	attack	Sep 3 19:12:24 inter-technics sshd[22402]: Invalid user user3 from 217.21.54.221 port 37344 Sep 3 19:12:24 inter-technics sshd[22402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.21.54.221 Sep 3 19:12:24 inter-technics sshd[22402]: Invalid user user3 from 217.21.54.221 port 37344 Sep 3 19:12:26 inter-technics sshd[22402]: Failed password for invalid user user3 from 217.21.54.221 port 37344 ssh2 Sep 3 19:13:51 inter-technics sshd[22443]: Invalid user admin from 217.21.54.221 port 39834 ...	2020-09-04 04:39:05
91.200.115.75	attack	TCP (SYN) 91.200.115.75:27693 -> port 7547, len 40	2020-09-04 04:23:08
206.189.181.12	attackspam	TCP (SYN) 206.189.181.12:34377 -> port 23, len 44	2020-09-04 04:09:28
192.99.175.184	attack	TCP (SYN) 192.99.175.184:27179 -> port 1080, len 60	2020-09-04 04:19:36
112.115.105.132	attack	TCP (SYN) 112.115.105.132:59629 -> port 1433, len 44	2020-09-04 04:30:29
125.211.119.98	attackspambots	TCP (SYN) 125.211.119.98:59792 -> port 1433, len 52	2020-09-04 04:21:42
220.135.63.171	attackbots	23/tcp 23/tcp [2020-08-31/09-01]2pkt	2020-09-04 04:08:37

Recently Reported IPs

177.133.58.0	187.237.19.114	201.48.143.0	183.17.231.184
188.36.121.218	122.51.58.42	216.55.147.45	191.55.139.253
118.69.128.182	41.186.57.190	202.108.199.62	1.161.63.4
184.169.45.4	182.232.236.154	190.39.255.129	177.38.76.190
94.231.160.54	43.226.73.25	27.79.149.173	223.97.197.140