5.144.130.12 - IPInfo

Basic Info

City: Tehran

Region: Ostan-e Tehran

Country: Iran

Internet Service Provider: Noavaran Shabakeh Sabz Mehregan Company Limited

Hostname: unknown

Organization: Noavaran Shabakeh Sabz Mehregan Company Limited

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Attempts to probe for or exploit a Drupal site on url: /wp-login.php. Reported by the module https://www.drupal.org/project/abuseipdb.	2020-02-25 15:53:51
attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-10-19 06:31:28

Comments on same subnet:

IP	Type	Details	Datetime
5.144.130.16	attackbotsspam	LGS,WP GET /blogs/wp-includes/wlwmanifest.xml	2020-06-01 15:56:09
5.144.130.21	attackspambots	php WP PHPmyadamin ABUSE blocked for 12h	2019-11-20 05:23:56
5.144.130.21	attackbotsspam	abcdata-sys.de:80 5.144.130.21 - - \[10/Oct/2019:13:53:46 +0200\] "POST /xmlrpc.php HTTP/1.1" 301 441 "-" "Windows Live Writter" www.goldgier.de 5.144.130.21 \[10/Oct/2019:13:53:46 +0200\] "POST /xmlrpc.php HTTP/1.1" 200 4484 "-" "Windows Live Writter"	2019-10-11 00:18:40
5.144.130.15	attackbotsspam	proto=tcp . spt=54496 . dpt=25 . (listed on 5.144.128.0/21 Iranian ip dnsbl-sorbs abuseat-org barracuda) (15)	2019-07-03 10:40:44
5.144.130.15	attackspam	2019-06-23T21:07:13.384655beta postfix/smtpd[8110]: NOQUEUE: reject: RCPT from 5-144-130-15.static.hostiran.name[5.144.130.15]: 554 5.7.1 Service unavailable; Client host [5.144.130.15] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/5.144.130.15; from= to= proto=ESMTP helo=<5-144-130-15.static.hostiran.name> ...	2019-06-24 06:18:46

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 5.144.130.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46459
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;5.144.130.12.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 00:12:04 +08 2019
;; MSG SIZE  rcvd: 116

Host info

12.130.144.5.in-addr.arpa domain name pointer 5-144-130-12.static.hostiran.name.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
12.130.144.5.in-addr.arpa	name = 5-144-130-12.static.hostiran.name.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
179.57.224.150	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-28 07:22:50
42.98.7.111	attack	Honeypot attack, port: 5555, PTR: 42-98-7-111.static.netvigator.com.	2020-01-28 07:18:13
138.197.33.113	attackbots	Jan 27 21:10:12 ourumov-web sshd\[24136\]: Invalid user hattori from 138.197.33.113 port 38846 Jan 27 21:10:12 ourumov-web sshd\[24136\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.33.113 Jan 27 21:10:14 ourumov-web sshd\[24136\]: Failed password for invalid user hattori from 138.197.33.113 port 38846 ssh2 ...	2020-01-28 07:28:18
45.72.220.247	attackbots	Honeypot attack, port: 5555, PTR: 45-72-220-247.cpe.teksavvy.com.	2020-01-28 07:04:55
91.215.57.179	attackspam	2019-03-13 20:08:21 H=\(ip-57-179.dynamic.pool.volsstroy.com.ua\) \[91.215.57.179\]:15796 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-13 20:08:55 H=\(ip-57-179.dynamic.pool.volsstroy.com.ua\) \[91.215.57.179\]:16051 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-13 20:09:18 H=\(ip-57-179.dynamic.pool.volsstroy.com.ua\) \[91.215.57.179\]:16220 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-01-28 07:15:04
218.50.76.209	attackbotsspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-01-28 07:36:15
118.69.174.108	attack	Automatic report - XMLRPC Attack	2020-01-28 07:37:02
125.179.77.222	attackbots	Unauthorized connection attempt detected from IP address 125.179.77.222 to port 5555 [J]	2020-01-28 07:28:51
187.163.100.128	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-28 07:32:22
159.65.54.221	attackbots	Invalid user nagios from 159.65.54.221 port 48080	2020-01-28 07:39:47
123.170.45.180	attackspam	5555/tcp [2020-01-27]1pkt	2020-01-28 07:08:02
69.70.96.242	attackbots	Unauthorised access (Jan 27) SRC=69.70.96.242 LEN=40 TTL=54 ID=35116 TCP DPT=23 WINDOW=30996 SYN	2020-01-28 07:15:45
91.20.100.81	attackspam	2019-11-25 01:34:04 1iZ2KH-0005cR-Mk SMTP connection from p5b146451.dip0.t-ipconnect.de \[91.20.100.81\]:18966 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-11-25 01:34:09 1iZ2KN-0005cn-9O SMTP connection from p5b146451.dip0.t-ipconnect.de \[91.20.100.81\]:19007 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-11-25 01:34:13 1iZ2KR-0005cu-Rk SMTP connection from p5b146451.dip0.t-ipconnect.de \[91.20.100.81\]:19033 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 07:25:23
58.152.135.139	attackspambots	Unauthorized connection attempt detected from IP address 58.152.135.139 to port 5555 [J]	2020-01-28 07:21:43
41.41.77.154	attack	23/tcp [2020-01-27]1pkt	2020-01-28 07:20:34

Recently Reported IPs

183.91.67.246	212.253.77.169	183.157.169.145	177.184.139.230
222.139.92.89	59.1.104.140	218.60.67.7	36.81.112.131
187.72.232.172	211.105.82.250	187.120.183.20	51.15.156.40
212.42.215.226	117.2.160.166	77.247.109.64	182.160.97.222
114.24.220.237	149.56.102.221	23.234.10.197	220.191.249.253