1.55.6.162 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: FPT Broadband Service

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Fail2Ban Ban Triggered	2019-11-24 19:37:25

Comments on same subnet:

IP	Type	Details	Datetime
1.55.68.1	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-20 05:04:00
1.55.68.24	attackspambots	unauthorized connection attempt	2020-02-19 14:12:18
1.55.64.113	attackbots	unauthorized connection attempt	2020-01-28 16:51:51
1.55.60.32	attackbotsspam	Unauthorized connection attempt detected from IP address 1.55.60.32 to port 23	2020-01-01 02:44:15
1.55.69.29	attack	Unauthorized connection attempt detected from IP address 1.55.69.29 to port 23	2019-12-31 09:05:07
1.55.68.121	attack	23/tcp 23/tcp 23/tcp... [2019-12-24]18pkt,1pt.(tcp)	2019-12-26 16:46:23
1.55.6.148	attack	UTC: 2019-12-06 port: 23/tcp	2019-12-07 17:45:39
1.55.64.3	attackspam	Unauthorised access (Dec 7) SRC=1.55.64.3 LEN=52 TTL=109 ID=7610 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Dec 7) SRC=1.55.64.3 LEN=52 TTL=109 ID=104 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-07 17:28:43
1.55.63.3	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 25-11-2019 06:20:24.	2019-11-25 21:41:28
1.55.63.17	attackspambots	Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=37224 TCP DPT=8080 WINDOW=59935 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=5660 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=22092 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=29458 TCP DPT=8080 WINDOW=25836 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=14610 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=56307 TCP DPT=8080 WINDOW=1189 SYN	2019-10-15 07:16:48
1.55.63.17	attack	Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=14610 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 14) SRC=1.55.63.17 LEN=40 TTL=52 ID=56307 TCP DPT=8080 WINDOW=1189 SYN	2019-10-14 15:41:38
1.55.64.4	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:17.	2019-10-14 14:20:33
1.55.63.17	attackbots	Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=57390 TCP DPT=8080 WINDOW=1189 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=25899 TCP DPT=8080 WINDOW=59935 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=51293 TCP DPT=8080 WINDOW=25836 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=1622 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=40523 TCP DPT=8080 WINDOW=25836 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=57092 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 12) SRC=1.55.63.17 LEN=40 TTL=52 ID=31894 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 11) SRC=1.55.63.17 LEN=40 TTL=52 ID=64777 TCP DPT=8080 WINDOW=48437 SYN Unauthorised access (Oct 11) SRC=1.55.63.17 LEN=40 TTL=47 ID=10441 TCP DPT=8080 WINDOW=25836 SYN Unauthorised access (Oct 11) SRC=1.55.63.17 LEN=40 TTL=47 ID=59806 TCP DPT=8080 WINDOW=1189 SYN	2019-10-13 04:00:25
1.55.63.249	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 02-10-2019 13:35:25.	2019-10-02 21:41:20
1.55.63.154	attackbots	Unauthorised access (Sep 25) SRC=1.55.63.154 LEN=40 TTL=47 ID=42102 TCP DPT=8080 WINDOW=26262 SYN Unauthorised access (Sep 25) SRC=1.55.63.154 LEN=40 TTL=47 ID=48381 TCP DPT=8080 WINDOW=26758 SYN Unauthorised access (Sep 25) SRC=1.55.63.154 LEN=40 TTL=47 ID=58210 TCP DPT=8080 WINDOW=26262 SYN Unauthorised access (Sep 24) SRC=1.55.63.154 LEN=40 TTL=47 ID=24294 TCP DPT=8080 WINDOW=26262 SYN Unauthorised access (Sep 24) SRC=1.55.63.154 LEN=40 TTL=44 ID=4218 TCP DPT=8080 WINDOW=55846 SYN Unauthorised access (Sep 24) SRC=1.55.63.154 LEN=40 TTL=44 ID=35587 TCP DPT=8080 WINDOW=26758 SYN Unauthorised access (Sep 24) SRC=1.55.63.154 LEN=40 TTL=47 ID=40597 TCP DPT=8080 WINDOW=26262 SYN Unauthorised access (Sep 23) SRC=1.55.63.154 LEN=40 TTL=47 ID=3871 TCP DPT=8080 WINDOW=55846 SYN Unauthorised access (Sep 23) SRC=1.55.63.154 LEN=40 TTL=47 ID=53461 TCP DPT=8080 WINDOW=26758 SYN Unauthorised access (Sep 23) SRC=1.55.63.154 LEN=40 TTL=47 ID=27581 TCP DPT=8080 WINDOW=55846 SYN	2019-09-25 16:04:56

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.55.6.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60246
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.55.6.162.			IN	A

;; AUTHORITY SECTION:
.			10800	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112400 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Sun Nov 24 19:42:27 CST 2019
;; MSG SIZE  rcvd: 114

Host info

Host 162.6.55.1.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 162.6.55.1.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.120.63.89	attackbots	Aug 29 18:52:09 nextcloud sshd\[29476\]: Invalid user jl from 210.120.63.89 Aug 29 18:52:09 nextcloud sshd\[29476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.120.63.89 Aug 29 18:52:11 nextcloud sshd\[29476\]: Failed password for invalid user jl from 210.120.63.89 port 57117 ssh2 ...	2019-08-30 01:52:05
49.235.35.12	attack	Invalid user user from 49.235.35.12 port 57408	2019-08-30 01:46:21
177.129.206.45	attack	Aug 29 05:22:29 web1 postfix/smtpd[30637]: warning: unknown[177.129.206.45]: SASL PLAIN authentication failed: authentication failure ...	2019-08-30 01:43:50
23.225.166.80	attackspam	Aug 29 17:49:23 MK-Soft-Root2 sshd\[10292\]: Invalid user mcedit from 23.225.166.80 port 35148 Aug 29 17:49:23 MK-Soft-Root2 sshd\[10292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23.225.166.80 Aug 29 17:49:26 MK-Soft-Root2 sshd\[10292\]: Failed password for invalid user mcedit from 23.225.166.80 port 35148 ssh2 ...	2019-08-30 01:13:11
91.233.116.240	attack	3389BruteforceIDS	2019-08-30 01:56:48
200.54.242.46	attackbotsspam	Aug 29 15:18:28 pornomens sshd\[19761\]: Invalid user angie from 200.54.242.46 port 57126 Aug 29 15:18:28 pornomens sshd\[19761\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.242.46 Aug 29 15:18:30 pornomens sshd\[19761\]: Failed password for invalid user angie from 200.54.242.46 port 57126 ssh2 ...	2019-08-30 01:08:54
181.44.68.66	attack	Invalid user ekain from 181.44.68.66 port 61447	2019-08-30 00:43:37
49.88.112.77	attackspam	Aug 29 13:38:47 fr01 sshd[8119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.77 user=root Aug 29 13:38:50 fr01 sshd[8119]: Failed password for root from 49.88.112.77 port 49672 ssh2 ...	2019-08-30 00:47:05
159.65.7.56	attackspambots	Aug 29 19:18:56 ubuntu-2gb-nbg1-dc3-1 sshd[2190]: Failed password for root from 159.65.7.56 port 36532 ssh2 ...	2019-08-30 01:50:31
59.149.237.145	attackbots	$f2bV_matches	2019-08-30 00:38:04
59.125.120.118	attack	2019-08-29T12:37:32.425305abusebot-8.cloudsearch.cf sshd\[12799\]: Invalid user supervisor from 59.125.120.118 port 56768	2019-08-30 01:07:06
62.210.149.30	attack	\[2019-08-29 12:48:54\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-29T12:48:54.866-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="57160012342186069",SessionID="0x7f7b30db7498",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/49537",ACLName="no_extension_match" \[2019-08-29 12:50:35\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-29T12:50:35.955-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="92201112342186069",SessionID="0x7f7b300df5b8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/50006",ACLName="no_extension_match" \[2019-08-29 12:51:31\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-29T12:51:31.779-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="28560012342186069",SessionID="0x7f7b30364938",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.149.30/52207",ACLName="	2019-08-30 01:16:10
222.186.42.94	attack	2019-08-29T16:30:49.831986abusebot-6.cloudsearch.cf sshd\[8813\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.94 user=root	2019-08-30 01:04:48
174.138.40.132	attack	Aug 29 09:16:52 vps200512 sshd\[21024\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.40.132 user=uucp Aug 29 09:16:54 vps200512 sshd\[21024\]: Failed password for uucp from 174.138.40.132 port 44134 ssh2 Aug 29 09:20:43 vps200512 sshd\[21146\]: Invalid user disk from 174.138.40.132 Aug 29 09:20:43 vps200512 sshd\[21146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174.138.40.132 Aug 29 09:20:45 vps200512 sshd\[21146\]: Failed password for invalid user disk from 174.138.40.132 port 58340 ssh2	2019-08-30 01:33:14
167.71.13.164	attackbotsspam	scan r	2019-08-30 00:55:52

Recently Reported IPs

68.169.169.85	185.232.67.7	84.53.218.109	81.171.108.183
111.246.6.32	103.85.106.77	237.249.208.220	172.98.193.43
62.115.87.77	204.30.224.129	223.191.146.51	155.52.106.38
13.92.166.147	45.14.148.97	37.49.231.129	42.115.207.36
5.235.247.121	222.69.136.182	218.173.6.37	42.114.162.152