1.55.135.14 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): FPT Broadband Service

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Email rejected due to spam filtering	2020-02-05 21:47:17

相同子网IP讨论:

IP	类型	评论内容	时间
1.55.135.137	attackbots	2020-03-13 20:47:53 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:20601 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 20:48:28 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:24475 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2020-03-13 20:48:56 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:42950 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-06-01 21:24:38
1.55.135.191	attack	2019-09-25 x@x 2019-09-25 x@x 2019-09-25 x@x 2019-09-25 x@x 2019-09-25 15:03:18 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:9373: 535 Incorrect authentication data (set_id=info) 2019-09-25 15:03:25 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:9373: 535 Incorrect authentication data (set_id=info) 2019-09-25 15:03:36 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:28816: 535 Incorrect authentication data (set_id=info) 2019-09-25 15:03:39 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:28816: 535 Incorrect authentication data (set_id=info) 2019-09-25 x@x 2019-09-25 x@x 2019-09-25 x@x 2019-09-25 x@x 2019-09-25 15:04:19 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:14790: 535 Incorrect authentication data (set_id=info) 2019-09-25 15:04:21 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:14790: 535 Incorrect authentication data........ ------------------------------	2019-09-25 21:06:32

类型

评论内容

时间

1.55.135.137

attackbots

2020-03-13 20:47:53 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:20601 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2020-03-13 20:48:28 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:24475 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
2020-03-13 20:48:56 H=\(\[1.55.135.137\]\) \[1.55.135.137\]:42950 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed
...

2020-06-01 21:24:38

1.55.135.191

attack

2019-09-25 x@x
2019-09-25 x@x
2019-09-25 x@x
2019-09-25 x@x
2019-09-25 15:03:18 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:9373: 535 Incorrect authentication data (set_id=info)
2019-09-25 15:03:25 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:9373: 535 Incorrect authentication data (set_id=info)
2019-09-25 15:03:36 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:28816: 535 Incorrect authentication data (set_id=info)
2019-09-25 15:03:39 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:28816: 535 Incorrect authentication data (set_id=info)
2019-09-25 x@x
2019-09-25 x@x
2019-09-25 x@x
2019-09-25 x@x
2019-09-25 15:04:19 dovecot_plain authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:14790: 535 Incorrect authentication data (set_id=info)
2019-09-25 15:04:21 dovecot_login authenticator failed for (DESKTOP-21VMKCK) [1.55.135.191]:14790: 535 Incorrect authentication data........
------------------------------

2019-09-25 21:06:32

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.55.135.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27104
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.55.135.14.			IN	A

;; AUTHORITY SECTION:
.			568	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020500 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 21:46:58 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 14.135.55.1.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 14.135.55.1.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
49.89.221.54	attackbotsspam	Port Scan detected from 49.89.221.54 (CN/China/54.221.89.49.broad.sz.js.dynamic.163data.com.cn). 4 hits in the last 221 seconds	2019-10-15 06:48:34
185.90.118.103	attack	10/14/2019-18:25:16.817347 185.90.118.103 Protocol: 6 ET SCAN Potential SSH Scan	2019-10-15 06:28:32
222.186.180.6	attackbotsspam	Oct 14 19:28:38 firewall sshd[2883]: Failed password for root from 222.186.180.6 port 30336 ssh2 Oct 14 19:28:55 firewall sshd[2883]: error: maximum authentication attempts exceeded for root from 222.186.180.6 port 30336 ssh2 [preauth] Oct 14 19:28:55 firewall sshd[2883]: Disconnecting: Too many authentication failures [preauth] ...	2019-10-15 06:31:37
14.136.118.138	attack	2019-10-14T22:28:46.904675abusebot-5.cloudsearch.cf sshd\[28275\]: Invalid user kernel from 14.136.118.138 port 39018	2019-10-15 06:31:11
64.150.183.27	attack	Brute force SMTP login attempts.	2019-10-15 06:54:42
138.36.209.77	attackspambots	Automatic report - Port Scan Attack	2019-10-15 06:39:26
47.110.238.176	attackspam	Exploid host for vulnerabilities on 14-10-2019 21:25:22.	2019-10-15 06:29:14
106.75.17.91	attackbots	$f2bV_matches	2019-10-15 06:43:25
176.31.253.55	attackbots	$f2bV_matches	2019-10-15 06:36:45
46.61.176.86	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 20:55:23.	2019-10-15 06:37:45
185.21.41.142	attackbotsspam	DATE:2019-10-14 21:44:16, IP:185.21.41.142, PORT:ssh SSH brute force auth on honeypot server (honey-neo-dc-bis)	2019-10-15 06:34:21
70.35.207.85	attack	WordPress login Brute force / Web App Attack on client site.	2019-10-15 06:34:48
210.17.195.138	attackbotsspam	Oct 14 10:40:30 php1 sshd\[14163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.17.195.138 user=root Oct 14 10:40:32 php1 sshd\[14163\]: Failed password for root from 210.17.195.138 port 44404 ssh2 Oct 14 10:44:26 php1 sshd\[14482\]: Invalid user mmk from 210.17.195.138 Oct 14 10:44:26 php1 sshd\[14482\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.17.195.138 Oct 14 10:44:28 php1 sshd\[14482\]: Failed password for invalid user mmk from 210.17.195.138 port 54958 ssh2	2019-10-15 07:01:33
133.130.99.77	attackbots	2019-10-14T21:01:40.795844abusebot.cloudsearch.cf sshd\[22303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v133-130-99-77.a028.g.tyo1.static.cnode.io user=root	2019-10-15 07:04:27
178.46.164.91	attack	IMAP brute force ...	2019-10-15 06:45:12

最近上报的IP列表

176.114.112.2	192.140.123.231	26.38.151.103	191.237.253.25
190.236.149.50	194.164.93.169	96.63.208.28	81.214.223.65
189.130.107.50	183.82.140.122	41.140.72.164	54.38.159.122
42.115.215.123	153.201.196.62	51.68.47.44	14.227.64.204
20.175.0.121	132.255.153.209	123.28.6.252	230.27.192.246