62.4.55.22 - IPInfo

Basic Info

City: Podgorica

Region: Podgorica

Country: Montenegro

Internet Service Provider: Drustvo za telekomunikacije MTEL DOO

Hostname: unknown

Organization: Drustvo za telekomunikacije MTEL DOO

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Email rejected due to spam filtering	2020-10-06 05:42:14
attackbots	Email rejected due to spam filtering	2020-10-05 21:46:10
attack	Email rejected due to spam filtering	2020-10-05 13:39:39

Comments on same subnet:

IP	Type	Details	Datetime
62.4.55.67	attack	Automatic report - Banned IP Access	2020-10-06 04:23:59
62.4.55.67	attack	TCP (SYN) 62.4.55.67:20834 -> port 60001, len 44	2020-10-05 20:25:00
62.4.55.67	attack	23/tcp 5501/tcp 60001/tcp... [2020-08-12/10-04]31pkt,4pt.(tcp)	2020-10-05 12:16:00
62.4.55.39	attack	[SPAM] Personal notes on information request	2020-07-03 21:41:36
62.4.55.235	attackspam	Unauthorized connection attempt detected from IP address 62.4.55.235 to port 445	2020-07-01 20:50:56
62.4.55.230	attack	WordPress XMLRPC scan :: 62.4.55.230 0.088 - [15/Feb/2020:04:46:31 0000] www.[censored_1] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "HTTP/1.1"	2020-02-15 21:19:50
62.4.55.219	attackspambots	Honeypot attack, port: 1, PTR: cable-cgn.219.mtel.me.	2020-01-18 06:16:43
62.4.55.56	attackbots	Jan 10 22:10:06 grey postfix/smtpd\[27528\]: NOQUEUE: reject: RCPT from unknown\[62.4.55.56\]: 554 5.7.1 Service unavailable\; Client host \[62.4.55.56\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[62.4.55.56\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-11 07:02:42
62.4.55.144	attack	Unauthorized connection attempt detected from IP address 62.4.55.144 to port 445	2019-12-28 00:49:24
62.4.55.20	attackspam	Autoban 62.4.55.20 AUTH/CONNECT	2019-12-13 02:12:08
62.4.55.133	attack	Autoban 62.4.55.133 AUTH/CONNECT	2019-12-13 02:11:51
62.4.55.144	attackspambots	Unauthorized connection attempt from IP address 62.4.55.144 on Port 445(SMB)	2019-09-11 02:41:23
62.4.55.144	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 19:52:34,638 INFO [shellcode_manager] (62.4.55.144) no match, writing hexdump (8e36df09280896c49ab595c856f1db59 :2354843) - MS17010 (EternalBlue)	2019-07-10 11:10:56
62.4.55.144	attackbots	Unauthorized connection attempt from IP address 62.4.55.144 on Port 445(SMB)	2019-06-22 02:01:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 62.4.55.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1877
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;62.4.55.22.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061702 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jun 18 15:52:43 CST 2019
;; MSG SIZE  rcvd: 114

Host info

22.55.4.62.in-addr.arpa domain name pointer cable-cgn.22.mtel.me.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
22.55.4.62.in-addr.arpa	name = cable-cgn.22.mtel.me.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
195.159.234.190	attackspam	$f2bV_matches	2020-09-02 05:45:03
113.193.25.98	attackbotsspam	Aug 21 01:59:29 server sshd[29116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.25.98 Aug 21 01:59:31 server sshd[29116]: Failed password for invalid user mia from 113.193.25.98 port 52538 ssh2 Aug 21 02:04:47 server sshd[29531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.193.25.98 user=root Aug 21 02:04:49 server sshd[29531]: Failed password for invalid user root from 113.193.25.98 port 40140 ssh2	2020-09-02 05:58:00
178.64.247.134	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-02 05:59:18
49.235.209.206	attackspam	(sshd) Failed SSH login from 49.235.209.206 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 22:32:34 amsweb01 sshd[5677]: Invalid user support from 49.235.209.206 port 55598 Sep 1 22:32:36 amsweb01 sshd[5677]: Failed password for invalid user support from 49.235.209.206 port 55598 ssh2 Sep 1 22:38:11 amsweb01 sshd[6545]: Invalid user karen from 49.235.209.206 port 55644 Sep 1 22:38:13 amsweb01 sshd[6545]: Failed password for invalid user karen from 49.235.209.206 port 55644 ssh2 Sep 1 22:43:25 amsweb01 sshd[7506]: Invalid user bea from 49.235.209.206 port 53890	2020-09-02 05:48:12
115.238.65.36	attackspambots	Invalid user alfred from 115.238.65.36 port 47470	2020-09-02 05:26:54
193.228.91.123	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-01T21:20:58Z and 2020-09-01T21:21:44Z	2020-09-02 05:36:35
91.202.132.7	attackspam	Icarus honeypot on github	2020-09-02 05:43:27
104.155.213.9	attackbotsspam	Invalid user admin123 from 104.155.213.9 port 49832	2020-09-02 05:40:10
114.112.161.155	attack	Sep 1 22:25:00 lnxmail61 postfix/smtpd[27588]: lost connection after CONNECT from unknown[114.112.161.155] Sep 1 22:25:04 lnxmail61 postfix/smtpd[27588]: warning: unknown[114.112.161.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 1 22:25:04 lnxmail61 postfix/smtpd[27588]: warning: unknown[114.112.161.155]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2020-09-02 05:35:28
106.13.19.75	attack	Aug 27 13:30:29 server sshd[12871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.19.75 user=root Aug 27 13:30:31 server sshd[12871]: Failed password for invalid user root from 106.13.19.75 port 56198 ssh2 Aug 27 13:38:50 server sshd[13145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.19.75 user=root Aug 27 13:38:52 server sshd[13145]: Failed password for invalid user root from 106.13.19.75 port 48120 ssh2	2020-09-02 05:53:28
159.65.154.48	attackbots	Invalid user teamspeak from 159.65.154.48 port 34434	2020-09-02 05:49:14
139.155.21.34	attackbots	Input Traffic from this IP, but critial abuseconfidencescore	2020-09-02 05:39:51
222.186.42.7	attack	Sep 1 23:51:11 * sshd[14078]: Failed password for root from 222.186.42.7 port 60957 ssh2	2020-09-02 05:53:15
114.231.42.212	attackbots	malicious Brute-Force reported by https://www.patrick-binder.de ...	2020-09-02 05:37:15
68.183.92.52	attackbots	(sshd) Failed SSH login from 68.183.92.52 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 1 15:33:58 server5 sshd[9117]: Failed password for root from 68.183.92.52 port 36774 ssh2 Sep 1 15:35:34 server5 sshd[9855]: Invalid user tzq from 68.183.92.52 Sep 1 15:35:36 server5 sshd[9855]: Failed password for invalid user tzq from 68.183.92.52 port 53604 ssh2 Sep 1 15:36:46 server5 sshd[10454]: Invalid user postgres from 68.183.92.52 Sep 1 15:36:49 server5 sshd[10454]: Failed password for invalid user postgres from 68.183.92.52 port 41472 ssh2	2020-09-02 05:38:44

Recently Reported IPs

147.44.5.200	187.243.194.97	171.109.149.159	5.200.48.18
118.220.14.169	101.206.135.167	36.72.79.9	178.254.221.33
37.87.137.220	95.55.42.205	211.158.193.209	147.90.5.182
217.160.143.93	57.240.163.188	207.107.245.130	185.7.229.152
131.40.243.173	192.243.108.171	53.246.153.107	192.216.213.207