213.55.95.185 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Ethiopia

Internet Service Provider: Ethio Telecom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 213.55.95.185 to port 445 [T]	2020-08-14 01:54:51

Comments on same subnet:

IP	Type	Details	Datetime
213.55.95.203	attackspambots	Unauthorized IMAP connection attempt	2020-08-21 23:59:23
213.55.95.186	attack	Unauthorized connection attempt from IP address 213.55.95.186 on Port 445(SMB)	2020-08-18 01:30:00
213.55.95.177	attackbots	20/6/3@07:49:40: FAIL: Alarm-Network address from=213.55.95.177 ...	2020-06-04 02:06:58
213.55.95.228	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-14 02:15:19
213.55.95.171	attackspam	Unauthorized connection attempt from IP address 213.55.95.171 on Port 445(SMB)	2019-12-06 08:20:26
213.55.95.187	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:33.	2019-11-16 20:16:36
213.55.95.149	attack	Unauthorized connection attempt from IP address 213.55.95.149 on Port 445(SMB)	2019-10-26 01:54:03
213.55.95.158	attackbots	Unauthorised access (Oct 12) SRC=213.55.95.158 LEN=52 TTL=112 ID=14240 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-12 21:56:02
213.55.95.150	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-25 14:18:02,900 INFO [shellcode_manager] (213.55.95.150) no match, writing hexdump (c0023eea185e3c8551cdc9ee669bfa00 :2357805) - MS17010 (EternalBlue)	2019-08-26 05:44:39
213.55.95.137	attackspam	Unauthorized connection attempt from IP address 213.55.95.137 on Port 445(SMB)	2019-08-23 03:44:32
213.55.95.150	attackspambots	Unauthorised access (Jul 30) SRC=213.55.95.150 LEN=52 TTL=112 ID=6749 DF TCP DPT=445 WINDOW=8192 SYN	2019-07-31 06:04:22
213.55.95.158	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-18 08:17:24,370 INFO [amun_request_handler] PortScan Detected on Port: 445 (213.55.95.158)	2019-07-19 00:25:29
213.55.95.140	attackbotsspam	Detected by ModSecurity. Request URI: /wp-login.php	2019-06-30 23:35:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 213.55.95.185
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8844
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;213.55.95.185.			IN	A

;; AUTHORITY SECTION:
.			374	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020081300 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Aug 14 01:54:46 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 185.95.55.213.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 185.95.55.213.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.104.7.32	attackspam	Brute force SMTP login attempts.	2019-10-13 23:03:18
148.72.210.28	attack	2019-10-13T15:58:12.485748tmaserv sshd\[10394\]: Failed password for invalid user password123!@\# from 148.72.210.28 port 57570 ssh2 2019-10-13T17:00:17.973688tmaserv sshd\[12868\]: Invalid user %TGB$RFV\#EDC from 148.72.210.28 port 42934 2019-10-13T17:00:17.976665tmaserv sshd\[12868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-210-28.ip.secureserver.net 2019-10-13T17:00:19.446748tmaserv sshd\[12868\]: Failed password for invalid user %TGB$RFV\#EDC from 148.72.210.28 port 42934 ssh2 2019-10-13T17:04:40.804297tmaserv sshd\[13073\]: Invalid user %TGB$RFV\#EDC from 148.72.210.28 port 53968 2019-10-13T17:04:40.806761tmaserv sshd\[13073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip-148-72-210-28.ip.secureserver.net ...	2019-10-13 23:08:42
51.255.199.33	attack	Automatic report - Banned IP Access	2019-10-13 23:24:55
181.177.113.96	attackspam	Automatic report - Banned IP Access	2019-10-13 22:43:39
149.56.89.123	attack	Oct 13 16:12:54 tux-35-217 sshd\[21808\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.89.123 user=root Oct 13 16:12:56 tux-35-217 sshd\[21808\]: Failed password for root from 149.56.89.123 port 43408 ssh2 Oct 13 16:22:14 tux-35-217 sshd\[21873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.89.123 user=root Oct 13 16:22:16 tux-35-217 sshd\[21873\]: Failed password for root from 149.56.89.123 port 35350 ssh2 ...	2019-10-13 23:01:03
185.156.1.99	attackspambots	F2B jail: sshd. Time: 2019-10-13 16:27:20, Reported by: VKReport	2019-10-13 22:43:11
104.131.109.193	attackspam	port scan and connect, tcp 80 (http)	2019-10-13 23:25:28
104.244.78.231	attack	$f2bV_matches	2019-10-13 22:41:08
134.209.154.25	attackbotsspam	Oct 13 16:02:36 vmanager6029 sshd\[15019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.154.25 user=root Oct 13 16:02:39 vmanager6029 sshd\[15019\]: Failed password for root from 134.209.154.25 port 57560 ssh2 Oct 13 16:07:17 vmanager6029 sshd\[15106\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.154.25 user=root	2019-10-13 22:42:30
114.67.76.63	attackbots	Oct 13 22:11:14 webhost01 sshd[8930]: Failed password for root from 114.67.76.63 port 53584 ssh2 ...	2019-10-13 23:26:41
118.25.39.110	attackbotsspam	Oct 13 01:47:50 web9 sshd\[30159\]: Invalid user 123Alex from 118.25.39.110 Oct 13 01:47:50 web9 sshd\[30159\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.39.110 Oct 13 01:47:51 web9 sshd\[30159\]: Failed password for invalid user 123Alex from 118.25.39.110 port 36720 ssh2 Oct 13 01:52:24 web9 sshd\[30768\]: Invalid user 1234Root from 118.25.39.110 Oct 13 01:52:24 web9 sshd\[30768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.39.110	2019-10-13 23:15:41
222.186.190.2	attackspam	SSH Brute Force, server-1 sshd[16160]: Failed password for root from 222.186.190.2 port 10268 ssh2	2019-10-13 22:40:37
104.244.77.210	attackbotsspam	2019-10-13T14:45:35.784257abusebot-6.cloudsearch.cf sshd\[24230\]: Invalid user fake from 104.244.77.210 port 55658	2019-10-13 22:46:59
50.62.208.74	attackspambots	port scan and connect, tcp 80 (http)	2019-10-13 23:21:23
189.125.2.234	attackspambots	Oct 13 04:57:15 web9 sshd\[23720\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.125.2.234 user=root Oct 13 04:57:17 web9 sshd\[23720\]: Failed password for root from 189.125.2.234 port 11965 ssh2 Oct 13 05:01:39 web9 sshd\[24259\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.125.2.234 user=root Oct 13 05:01:41 web9 sshd\[24259\]: Failed password for root from 189.125.2.234 port 54853 ssh2 Oct 13 05:05:55 web9 sshd\[24956\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.125.2.234 user=root	2019-10-13 23:19:19

Recently Reported IPs

113.173.85.110	103.81.114.117	102.165.30.1	95.57.79.194
89.98.225.31	213.242.239.1	109.234.224.121	130.202.240.20
201.20.149.24	52.76.109.55	46.143.103.157	51.253.44.167
47.9.124.99	37.52.163.163	31.217.213.190	5.236.137.104
5.156.98.75	5.105.23.118	212.193.179.25	189.173.183.17