1.199.134.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Henan Telecom Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorised access (Aug 4) SRC=1.199.134.55 LEN=40 TTL=49 ID=50378 TCP DPT=23 WINDOW=57297 SYN	2020-08-04 13:06:21

Comments on same subnet:

IP	Type	Details	Datetime
1.199.134.100	attackbotsspam	"SSH brute force auth login attempt."	2020-01-27 19:03:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.199.134.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59572
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.199.134.55.			IN	A

;; AUTHORITY SECTION:
.			561	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020080301 1800 900 604800 86400

;; Query time: 21 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Aug 04 13:06:09 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 55.134.199.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 55.134.199.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
158.140.112.58	attackspam	Icarus honeypot on github	2020-10-03 06:51:25
183.166.170.133	attack	Oct 2 22:30:45 srv01 postfix/smtpd\[1755\]: warning: unknown\[183.166.170.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 22:34:11 srv01 postfix/smtpd\[6490\]: warning: unknown\[183.166.170.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 22:37:37 srv01 postfix/smtpd\[11183\]: warning: unknown\[183.166.170.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 22:41:03 srv01 postfix/smtpd\[11183\]: warning: unknown\[183.166.170.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 2 22:41:14 srv01 postfix/smtpd\[11183\]: warning: unknown\[183.166.170.133\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-03 07:11:24
5.188.84.242	attack	5,67-01/02 [bc01/m12] PostRequest-Spammer scoring: maputo01_x2b	2020-10-03 06:39:48
103.57.220.28	attackspambots	WordPress wp-login brute force :: 103.57.220.28 0.076 BYPASS [02/Oct/2020:20:41:24 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-03 07:05:44
51.38.85.146	attackbots	[portscan] Port scan	2020-10-03 07:15:30
128.14.230.12	attackspambots	SSH Invalid Login	2020-10-03 06:37:28
101.133.174.69	attackbotsspam	101.133.174.69 - - [03/Oct/2020:01:07:05 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 101.133.174.69 - - [03/Oct/2020:01:07:09 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 101.133.174.69 - - [03/Oct/2020:01:07:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-10-03 07:16:00
2.57.122.221	attackspambots	Oct 2 18:01:24 vz239 sshd[17521]: Invalid user ubnt from 2.57.122.221 Oct 2 18:01:24 vz239 sshd[17521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.122.221 Oct 2 18:01:27 vz239 sshd[17521]: Failed password for invalid user ubnt from 2.57.122.221 port 43296 ssh2 Oct 2 18:01:27 vz239 sshd[17521]: Received disconnect from 2.57.122.221: 11: Bye Bye [preauth] Oct 2 18:01:27 vz239 sshd[17523]: Invalid user admin from 2.57.122.221 Oct 2 18:01:27 vz239 sshd[17523]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.122.221 Oct 2 18:01:29 vz239 sshd[17523]: Failed password for invalid user admin from 2.57.122.221 port 51310 ssh2 Oct 2 18:01:29 vz239 sshd[17523]: Received disconnect from 2.57.122.221: 11: Bye Bye [preauth] Oct 2 18:01:30 vz239 sshd[17525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.57.122.221 user=r.r Oct 2 18:01:3........ -------------------------------	2020-10-03 06:59:26
34.120.202.146	attack	RU spamvertising, health fraud - From: GlucaFIX UBE 185.176.220.179 (EHLO gopxk.imkeeperr.com) 2 Cloud Ltd. Spam link redfloppy.com = 185.246.116.174 Vpsville LLC – phishing redirect: a) aptrk13.com = 35.204.93.160 Google b) www.ep20trk.com = 34.120.202.146 Google c) www.glucafix.us = 104.27.187.98, 104.27.186.98, 172.67.201.182 Cloudflare d) glucafix.us = ditto Images - - http://redfloppy.com/web/imgs/mi1tb6fg.png = dailybetterhealth.com = 104.27.138.27, 104.27.139.27, 172.67.218.161 Cloudflare - http://redfloppy.com/web/imgs/24sc48jt.png = unsub; no entity/address	2020-10-03 06:48:21
199.187.211.101	attackbotsspam	3,78-01/02 [bc00/m27] PostRequest-Spammer scoring: zurich	2020-10-03 06:45:37
14.200.208.244	attackbots	SSH Invalid Login	2020-10-03 07:10:31
189.154.176.137	attack	Oct 3 00:41:28 ift sshd\[40748\]: Invalid user dr from 189.154.176.137Oct 3 00:41:30 ift sshd\[40748\]: Failed password for invalid user dr from 189.154.176.137 port 41832 ssh2Oct 3 00:45:24 ift sshd\[41531\]: Invalid user gaurav from 189.154.176.137Oct 3 00:45:27 ift sshd\[41531\]: Failed password for invalid user gaurav from 189.154.176.137 port 52752 ssh2Oct 3 00:49:25 ift sshd\[41718\]: Invalid user demon from 189.154.176.137 ...	2020-10-03 07:07:00
170.0.160.165	attackbots	Oct 2 16:27:05 cumulus sshd[22622]: Did not receive identification string from 170.0.160.165 port 56894 Oct 2 16:27:05 cumulus sshd[22624]: Did not receive identification string from 170.0.160.165 port 56901 Oct 2 16:27:05 cumulus sshd[22623]: Did not receive identification string from 170.0.160.165 port 56900 Oct 2 16:27:06 cumulus sshd[22625]: Did not receive identification string from 170.0.160.165 port 57113 Oct 2 16:27:06 cumulus sshd[22626]: Did not receive identification string from 170.0.160.165 port 57110 Oct 2 16:27:06 cumulus sshd[22627]: Did not receive identification string from 170.0.160.165 port 57122 Oct 2 16:27:06 cumulus sshd[22628]: Did not receive identification string from 170.0.160.165 port 57151 Oct 2 16:27:08 cumulus sshd[22631]: Invalid user guest from 170.0.160.165 port 57170 Oct 2 16:27:08 cumulus sshd[22634]: Invalid user guest from 170.0.160.165 port 57173 Oct 2 16:27:08 cumulus sshd[22632]: Invalid user guest from 170.0.160.165 po........ -------------------------------	2020-10-03 06:57:56
121.201.124.41	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-10-03 06:38:39
188.131.131.59	attackspam	SSH bruteforce	2020-10-03 06:51:04

Recently Reported IPs

2607:f298:5:105b:0:6d3:3b1f:5029	186.10.245.152	183.12.243.75	119.186.251.163
157.55.39.79	191.235.78.100	3.9.114.138	190.203.122.28
161.97.86.153	145.209.133.5	142.93.229.65	5.140.165.39
87.101.143.194	60.213.233.122	194.26.149.226	115.178.223.67
40.74.231.133	95.154.106.197	36.133.86.246	35.167.235.175