1.55.108.127 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: FPT Telecom Company

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 1.55.108.127 to port 445	2019-12-25 02:59:24

Comments on same subnet:

IP	Type	Details	Datetime
1.55.108.58	attackbots	2020-06-27 22:41:51.946579-0500 localhost smtpd[52166]: NOQUEUE: reject: RCPT from unknown[1.55.108.58]: 554 5.7.1 Service unavailable; Client host [1.55.108.58] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/1.55.108.58; from= to= proto=ESMTP helo=<[1.55.108.58]>	2020-06-28 19:27:02
1.55.108.102	attackbotsspam	Unauthorized IMAP connection attempt	2020-06-26 04:01:30
1.55.108.46	attackbotsspam	2020-03-14 14:17:50 1jD6fk-0002IS-GS SMTP connection from $\[1.55.108.46\]$ \[1.55.108.46\]:51276 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-03-14 14:18:40 1jD6gX-0002Jd-PO SMTP connection from $\[1.55.108.46\]$ \[1.55.108.46\]:2982 I=\[193.107.88.166\]:25 closed by DROP in ACL 2020-03-14 14:19:32 1jD6hM-0002Kb-Rw SMTP connection from $\[1.55.108.46\]$ \[1.55.108.46\]:10038 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-06-01 21:28:09
1.55.108.2	attackspam	Attempted connection to ports 8291, 8728.	2020-03-11 20:36:16
1.55.108.74	attack	Host Scan	2020-02-29 09:30:09
1.55.108.204	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-02-11 17:03:26
1.55.108.170	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-22 04:43:03
1.55.108.27	attackbots	Unauthorized connection attempt from IP address 1.55.108.27 on Port 445(SMB)	2019-12-27 07:49:14
1.55.108.91	attackbotsspam	Unauthorised access (Nov 28) SRC=1.55.108.91 LEN=52 TTL=108 ID=4877 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-29 02:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.55.108.127
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10171
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.55.108.127.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122401 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 25 02:59:19 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 127.108.55.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 127.108.55.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.76.83.168	attackspam	Mar 19 22:52:07 sticky sshd\[29784\]: Invalid user pi from 183.76.83.168 port 55810 Mar 19 22:52:07 sticky sshd\[29785\]: Invalid user pi from 183.76.83.168 port 55812 Mar 19 22:52:07 sticky sshd\[29784\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.76.83.168 Mar 19 22:52:07 sticky sshd\[29785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.76.83.168 Mar 19 22:52:09 sticky sshd\[29784\]: Failed password for invalid user pi from 183.76.83.168 port 55810 ssh2 Mar 19 22:52:09 sticky sshd\[29785\]: Failed password for invalid user pi from 183.76.83.168 port 55812 ssh2 ...	2020-03-20 07:55:00
222.186.31.83	attackbots	Mar 20 00:22:06 vpn01 sshd[25504]: Failed password for root from 222.186.31.83 port 56723 ssh2 Mar 20 00:22:09 vpn01 sshd[25504]: Failed password for root from 222.186.31.83 port 56723 ssh2 ...	2020-03-20 07:27:15
112.85.42.178	attack	Mar 20 00:27:33 srv206 sshd[25693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Mar 20 00:27:35 srv206 sshd[25693]: Failed password for root from 112.85.42.178 port 8462 ssh2 ...	2020-03-20 07:27:49
104.236.246.16	attackspam	Invalid user postgres from 104.236.246.16 port 58814	2020-03-20 07:47:35
51.83.73.160	attackbotsspam	$f2bV_matches	2020-03-20 07:34:24
111.229.76.117	attackspam	Mar 19 15:10:26 mockhub sshd[18852]: Failed password for root from 111.229.76.117 port 58482 ssh2 ...	2020-03-20 07:46:38
222.236.198.50	attack	Invalid user postgres from 222.236.198.50 port 33702	2020-03-20 07:24:46
139.59.38.252	attack	Mar 20 00:28:22 ns381471 sshd[10631]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.38.252 Mar 20 00:28:24 ns381471 sshd[10631]: Failed password for invalid user root1 from 139.59.38.252 port 38892 ssh2	2020-03-20 07:43:32
51.178.51.119	attackspambots	Mar 19 23:52:26 ns382633 sshd\[26410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.51.119 user=root Mar 19 23:52:28 ns382633 sshd\[26410\]: Failed password for root from 51.178.51.119 port 60966 ssh2 Mar 20 00:03:57 ns382633 sshd\[28581\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.51.119 user=root Mar 20 00:03:58 ns382633 sshd\[28581\]: Failed password for root from 51.178.51.119 port 52956 ssh2 Mar 20 00:20:00 ns382633 sshd\[31664\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.51.119 user=root	2020-03-20 07:36:38
95.73.72.139	attackbots	Automatic report - Port Scan Attack	2020-03-20 08:03:35
201.182.66.18	attackbotsspam	2020-03-19T23:00:03.082680homeassistant sshd[13105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.182.66.18 user=root 2020-03-19T23:00:04.923739homeassistant sshd[13105]: Failed password for root from 201.182.66.18 port 11956 ssh2 ...	2020-03-20 07:58:07
85.108.68.34	attackbotsspam	DATE:2020-03-19 22:52:14, IP:85.108.68.34, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-03-20 07:48:59
148.66.135.152	attack	148.66.135.152 - - [19/Mar/2020:22:52:33 +0100] "GET /wp-login.php HTTP/1.1" 200 6115 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.135.152 - - [19/Mar/2020:22:52:35 +0100] "POST /wp-login.php HTTP/1.1" 200 7014 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 148.66.135.152 - - [19/Mar/2020:22:52:37 +0100] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-03-20 07:35:39
192.241.255.92	attackspambots	Mar 20 00:16:21 sshd\[22844\]: Invalid user test from 192.241.255.92Mar 20 00:16:23 sshd\[22844\]: Failed password for invalid user test from 192.241.255.92 port 45072 ssh2 ...	2020-03-20 07:44:08
139.59.71.104	attackspambots	Invalid user user from 139.59.71.104 port 50698	2020-03-20 07:49:58

Recently Reported IPs

72.94.231.87	187.23.174.164	207.96.161.132	66.168.122.180
203.202.192.195	85.59.255.178	119.74.213.125	39.48.94.136
188.2.174.164	173.191.149.3	117.218.130.191	117.218.72.9
196.90.5.135	85.96.10.199	175.169.31.201	140.139.196.14
190.144.216.206	107.91.217.88	68.37.196.45	1.92.43.143