1.55.174.139 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Broadband Service

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorised access (Sep 23) SRC=1.55.174.139 LEN=40 TTL=46 ID=2461 TCP DPT=8080 WINDOW=20850 SYN	2019-09-23 06:22:36

Comments on same subnet:

IP	Type	Details	Datetime
1.55.174.179	attackbots	DATE:2020-01-06 12:09:01, IP:1.55.174.179, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-01-06 19:25:30
1.55.174.217	attack	Unauthorized connection attempt detected from IP address 1.55.174.217 to port 23 [J]	2020-01-05 00:55:28
1.55.174.40	attackbotsspam	Unauthorized connection attempt detected from IP address 1.55.174.40 to port 23	2020-01-02 21:29:54
1.55.174.223	attack	Unauthorized connection attempt detected from IP address 1.55.174.223 to port 23	2020-01-02 20:12:35
1.55.174.179	attackbots	Unauthorized connection attempt detected from IP address 1.55.174.179 to port 23	2020-01-01 22:26:18
1.55.174.2	attack	Unauthorized connection attempt detected from IP address 1.55.174.2 to port 23	2020-01-01 19:41:15
1.55.174.71	attack	Unauthorized connection attempt detected from IP address 1.55.174.71 to port 23	2020-01-01 03:54:06
1.55.174.100	attack	Unauthorized connection attempt detected from IP address 1.55.174.100 to port 23	2020-01-01 02:43:44
1.55.174.40	attackspam	Unauthorized connection attempt detected from IP address 1.55.174.40 to port 23	2019-12-31 21:25:24
1.55.174.141	attack	Unauthorized connection attempt detected from IP address 1.55.174.141 to port 23	2019-12-31 03:18:48
1.55.174.71	attackbotsspam	Unauthorized connection attempt detected from IP address 1.55.174.71 to port 23	2019-12-31 01:13:37
1.55.174.140	attack	Unauthorized connection attempt detected from IP address 1.55.174.140 to port 23	2019-12-30 09:20:58
1.55.174.31	attackbots	Trying to (more than 3 packets) bruteforce (not open) telnet port 23	2019-09-01 19:29:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.55.174.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59340
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.55.174.139.			IN	A

;; AUTHORITY SECTION:
.			523	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092201 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 06:22:33 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 139.174.55.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 139.174.55.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
164.163.226.200	attack	"SMTP brute force auth login attempt."	2020-08-15 00:01:21
103.242.56.183	attackspam	Aug 14 17:50:03 ns382633 sshd\[26396\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.56.183 user=root Aug 14 17:50:05 ns382633 sshd\[26396\]: Failed password for root from 103.242.56.183 port 52067 ssh2 Aug 14 17:58:25 ns382633 sshd\[27997\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.56.183 user=root Aug 14 17:58:28 ns382633 sshd\[27997\]: Failed password for root from 103.242.56.183 port 44423 ssh2 Aug 14 18:01:24 ns382633 sshd\[28772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.242.56.183 user=root	2020-08-15 00:27:48
27.70.238.102	attackspambots	1597407887 - 08/14/2020 14:24:47 Host: 27.70.238.102/27.70.238.102 Port: 445 TCP Blocked	2020-08-15 00:14:42
82.64.35.236	attack	Aug 12 00:04:07 our-server-hostname postfix/smtpd[8108]: connect from unknown[82.64.35.236] Aug x@x Aug 12 00:04:10 our-server-hostname postfix/smtpd[8108]: disconnect from unknown[82.64.35.236] Aug 12 00:04:50 our-server-hostname postfix/smtpd[1909]: connect from unknown[82.64.35.236] Aug x@x Aug 12 00:04:53 our-server-hostname postfix/smtpd[1909]: disconnect from unknown[82.64.35.236] Aug 12 00:05:00 our-server-hostname postfix/smtpd[2088]: connect from unknown[82.64.35.236] Aug x@x Aug 12 00:05:02 our-server-hostname postfix/smtpd[8149]: connect from unknown[82.64.35.236] Aug 12 00:05:03 our-server-hostname postfix/smtpd[2088]: disconnect from unknown[82.64.35.236] Aug x@x Aug 12 00:05:05 our-server-hostname postfix/smtpd[8149]: disconnect from unknown[82.64.35.236] Aug 12 00:05:19 our-server-hostname postfix/smtpd[8789]: connect from unknown[82.64.35.236] Aug x@x Aug 12 00:05:22 our-server-hostname postfix/smtpd[8789]: disconnect from unknown[82.64.35.236] Aug 12 00........ -------------------------------	2020-08-15 00:43:23
104.244.75.157	attack	(sshd) Failed SSH login from 104.244.75.157 (US/United States/tor-exit-levy.nucleosynth.space): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 14 18:21:28 amsweb01 sshd[6603]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.244.75.157 user=root Aug 14 18:21:30 amsweb01 sshd[6603]: Failed password for root from 104.244.75.157 port 36995 ssh2 Aug 14 18:21:32 amsweb01 sshd[6603]: Failed password for root from 104.244.75.157 port 36995 ssh2 Aug 14 18:21:33 amsweb01 sshd[6603]: Failed password for root from 104.244.75.157 port 36995 ssh2 Aug 14 18:21:35 amsweb01 sshd[6603]: Failed password for root from 104.244.75.157 port 36995 ssh2	2020-08-15 00:26:39
217.170.198.18	attackbots	217.170.198.18 - - [14/Aug/2020:14:44:35 +0100] "POST /wp-login.php HTTP/1.1" 200 1792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.170.198.18 - - [14/Aug/2020:14:44:35 +0100] "POST /wp-login.php HTTP/1.1" 200 1768 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 217.170.198.18 - - [14/Aug/2020:14:44:36 +0100] "POST /wp-login.php HTTP/1.1" 200 1772 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-15 00:10:51
110.49.70.243	attackspam	Brute-force attempt banned	2020-08-15 00:26:08
220.244.58.58	attackbotsspam	frenzy	2020-08-15 00:10:00
178.62.118.53	attackbots	Aug 14 17:58:32 vmd36147 sshd[4509]: Failed password for root from 178.62.118.53 port 45200 ssh2 Aug 14 18:07:21 vmd36147 sshd[24356]: Failed password for root from 178.62.118.53 port 50774 ssh2 ...	2020-08-15 00:18:40
176.145.11.22	attackbots	Aug 14 18:12:31 lnxmail61 sshd[18634]: Failed password for root from 176.145.11.22 port 46946 ssh2 Aug 14 18:12:31 lnxmail61 sshd[18634]: Failed password for root from 176.145.11.22 port 46946 ssh2	2020-08-15 00:31:25
62.82.75.58	attack	Aug 14 15:55:50 PorscheCustomer sshd[17497]: Failed password for root from 62.82.75.58 port 24454 ssh2 Aug 14 16:00:00 PorscheCustomer sshd[17624]: Failed password for root from 62.82.75.58 port 19156 ssh2 ...	2020-08-15 00:32:05
122.165.207.151	attack	Aug 14 12:04:37 marvibiene sshd[34254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.207.151 user=root Aug 14 12:04:39 marvibiene sshd[34254]: Failed password for root from 122.165.207.151 port 57352 ssh2 Aug 14 12:24:40 marvibiene sshd[34425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.165.207.151 user=root Aug 14 12:24:43 marvibiene sshd[34425]: Failed password for root from 122.165.207.151 port 36379 ssh2	2020-08-15 00:17:47
58.87.108.224	attackbots	Aug 10 07:48:54 host sshd[24462]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.108.224 user=r.r Aug 10 07:48:57 host sshd[24462]: Failed password for r.r from 58.87.108.224 port 40678 ssh2 Aug 10 07:48:57 host sshd[24462]: Received disconnect from 58.87.108.224: 11: Bye Bye [preauth] Aug 10 07:58:11 host sshd[21721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.108.224 user=r.r Aug 10 07:58:14 host sshd[21721]: Failed password for r.r from 58.87.108.224 port 52148 ssh2 Aug 10 07:58:15 host sshd[21721]: Received disconnect from 58.87.108.224: 11: Bye Bye [preauth] Aug 10 08:01:14 host sshd[31651]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.87.108.224 user=r.r Aug 10 08:01:16 host sshd[31651]: Failed password for r.r from 58.87.108.224 port 34996 ssh2 Aug 10 08:01:16 host sshd[31651]: Received disconnect from 58.87.108.224: 1........ -------------------------------	2020-08-15 00:16:49
46.101.240.103	attackspambots	Port Scan ...	2020-08-15 00:09:19
180.166.117.254	attackspam	2020-08-14T15:20:45.382038snf-827550 sshd[7676]: Failed password for root from 180.166.117.254 port 31873 ssh2 2020-08-14T15:24:48.640592snf-827550 sshd[7701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.117.254 user=root 2020-08-14T15:24:50.137925snf-827550 sshd[7701]: Failed password for root from 180.166.117.254 port 1048 ssh2 ...	2020-08-15 00:12:15

Recently Reported IPs

196.31.98.122	79.56.6.201	134.209.158.77	117.193.122.73
222.188.29.91	113.35.96.245	198.12.86.18	104.248.149.81
104.211.229.225	39.70.32.158	181.236.250.193	52.184.136.218
156.234.192.235	129.146.129.165	119.237.177.121	52.199.163.188
115.90.244.154	51.83.98.104	11.14.57.216	21.223.184.199