1.52.166.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Autoban 1.52.166.55 AUTH/CONNECT	2019-11-18 22:23:40

Comments on same subnet:

IP	Type	Details	Datetime
1.52.166.17	attack	1581601657 - 02/13/2020 14:47:37 Host: 1.52.166.17/1.52.166.17 Port: 445 TCP Blocked	2020-02-14 01:30:55
1.52.166.73	attackspambots	Unauthorized connection attempt from IP address 1.52.166.73 on Port 445(SMB)	2020-02-02 05:52:19
1.52.166.239	attackspam	Invalid user admin from 1.52.166.239 port 37660	2019-09-13 13:07:25
1.52.166.239	attackspambots	Sep 11 00:36:19 legacy sshd[24796]: Failed password for root from 1.52.166.239 port 30348 ssh2 Sep 11 00:37:01 legacy sshd[24836]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.52.166.239 Sep 11 00:37:03 legacy sshd[24836]: Failed password for invalid user user from 1.52.166.239 port 14666 ssh2 ...	2019-09-11 06:43:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.52.166.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56634
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.52.166.55.			IN	A

;; AUTHORITY SECTION:
.			400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111800 1800 900 604800 86400

;; Query time: 183 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 18 22:23:31 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 55.166.52.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 55.166.52.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.18.248	attack	Feb 25 01:36:59 sd-53420 sshd\[32555\]: Invalid user ansible from 106.12.18.248 Feb 25 01:36:59 sd-53420 sshd\[32555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.248 Feb 25 01:37:00 sd-53420 sshd\[32555\]: Failed password for invalid user ansible from 106.12.18.248 port 44804 ssh2 Feb 25 01:45:46 sd-53420 sshd\[1012\]: Invalid user ghost from 106.12.18.248 Feb 25 01:45:46 sd-53420 sshd\[1012\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.18.248 ...	2020-02-25 08:54:45
83.227.8.200	attack	Honeypot attack, port: 5555, PTR: ua-83-227-8-200.bbcust.telenor.se.	2020-02-25 08:53:07
180.190.112.226	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-25 09:01:41
180.76.53.230	attackspambots	Lines containing failures of 180.76.53.230 Feb 24 23:11:13 shared03 sshd[6912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.230 user=r.r Feb 24 23:11:15 shared03 sshd[6912]: Failed password for r.r from 180.76.53.230 port 57520 ssh2 Feb 24 23:11:15 shared03 sshd[6912]: Received disconnect from 180.76.53.230 port 57520:11: Bye Bye [preauth] Feb 24 23:11:15 shared03 sshd[6912]: Disconnected from authenticating user r.r 180.76.53.230 port 57520 [preauth] Feb 24 23:43:48 shared03 sshd[19573]: Invalid user mattermos from 180.76.53.230 port 40934 Feb 24 23:43:48 shared03 sshd[19573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.53.230 Feb 24 23:43:50 shared03 sshd[19573]: Failed password for invalid user mattermos from 180.76.53.230 port 40934 ssh2 Feb 24 23:43:50 shared03 sshd[19573]: Received disconnect from 180.76.53.230 port 40934:11: Bye Bye [preauth] Feb 24 23:43:50 s........ ------------------------------	2020-02-25 08:55:43
142.93.1.100	attack	Feb 25 00:28:53 *** sshd[28754]: Invalid user jyoti from 142.93.1.100	2020-02-25 08:57:42
111.229.36.119	attackbotsspam	Feb 25 00:22:41 silence02 sshd[20385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.36.119 Feb 25 00:22:43 silence02 sshd[20385]: Failed password for invalid user django from 111.229.36.119 port 59350 ssh2 Feb 25 00:24:16 silence02 sshd[21090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.36.119	2020-02-25 08:46:47
202.79.168.169	attack	Feb 25 01:24:45 jane sshd[19041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.79.168.169 Feb 25 01:24:47 jane sshd[19041]: Failed password for invalid user data from 202.79.168.169 port 47030 ssh2 ...	2020-02-25 08:37:56
209.105.243.145	attackbotsspam	Feb 25 01:36:18 mout sshd[22737]: Invalid user sinusbot from 209.105.243.145 port 43771	2020-02-25 09:03:25
134.17.139.223	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-25 08:29:56
114.142.169.39	attack	$f2bV_matches	2020-02-25 08:46:20
106.12.140.168	attack	Feb 25 00:30:26 game-panel sshd[18404]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.140.168 Feb 25 00:30:28 game-panel sshd[18404]: Failed password for invalid user nxroot from 106.12.140.168 port 44610 ssh2 Feb 25 00:34:22 game-panel sshd[18522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.140.168	2020-02-25 08:40:31
106.13.81.181	attackspam	Feb 25 01:29:26 plex sshd[30159]: Invalid user squadserver from 106.13.81.181 port 33164	2020-02-25 08:47:22
51.68.123.198	attack	Feb 25 01:21:10 MK-Soft-VM7 sshd[28034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.123.198 Feb 25 01:21:13 MK-Soft-VM7 sshd[28034]: Failed password for invalid user anton from 51.68.123.198 port 45180 ssh2 ...	2020-02-25 08:34:25
120.149.119.229	attackspam	Honeypot attack, port: 5555, PTR: cpe-120-149-119-229.wb03.wa.asp.telstra.net.	2020-02-25 08:54:18
222.186.30.248	attackspambots	Feb 25 02:00:59 dcd-gentoo sshd[32182]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Feb 25 02:01:01 dcd-gentoo sshd[32182]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Feb 25 02:00:59 dcd-gentoo sshd[32182]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Feb 25 02:01:01 dcd-gentoo sshd[32182]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Feb 25 02:00:59 dcd-gentoo sshd[32182]: User root from 222.186.30.248 not allowed because none of user's groups are listed in AllowGroups Feb 25 02:01:01 dcd-gentoo sshd[32182]: error: PAM: Authentication failure for illegal user root from 222.186.30.248 Feb 25 02:01:01 dcd-gentoo sshd[32182]: Failed keyboard-interactive/pam for invalid user root from 222.186.30.248 port 53582 ssh2 ...	2020-02-25 09:02:56

Recently Reported IPs

1.46.6.184	1.186.86.254	101.69.200.35	1.32.59.123
96.77.182.222	95.59.57.7	1.186.86.252	42.36.133.163
1.251.215.19	1.186.86.251	1.248.199.2	1.186.86.247
111.241.118.47	1.186.86.245	1.223.248.99	1.186.86.234
86.107.39.168	134.19.179.243	111.92.107.73	246.156.80.239