Whois information
NetRange: 127.0.0.0 - 127.255.255.255
CIDR: 127.0.0.0/8
NetName: SPECIAL-IPV4-LOOPBACK-IANA-RESERVED
NetHandle: NET-127-0-0-0-1
Parent: ()
NetType: IANA Special Use
OriginAS:
Organization: Internet Assigned Numbers Authority (IANA)
RegDate:
Updated: 2024-05-24
Comment: Addresses starting with "127." are used when one program needs to talk to another program running on the same machine using the Internet
Comment: Protocol. 127.0.0.1 is the most commonly used address and is called the "loopback" address.
Comment:
Comment: These addresses were assigned by the IETF, the organization that develops Internet protocols, in the Standard document, RFC 1122, which can
Comment: be found here:
Comment: http://datatracker.ietf.org/doc/rfc1122
Ref: https://rdap.arin.net/registry/ip/127.0.0.0
OrgName: Internet Assigned Numbers Authority
OrgId: IANA
Address: 12025 Waterfront Drive
Address: Suite 300
City: Los Angeles
StateProv: CA
PostalCode: 90292
Country: US
RegDate:
Updated: 2024-05-24
Ref: https://rdap.arin.net/registry/entity/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: ICANN
OrgTechPhone: +1-310-301-5820
OrgTechEmail: abuse@iana.org
OrgTechRef: https://rdap.arin.net/registry/entity/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: ICANN
OrgAbusePhone: +1-310-301-5820
OrgAbuseEmail: abuse@iana.org
OrgAbuseRef: https://rdap.arin.net/registry/entity/IANA-IP-ARIN
Most recent complaints
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 127.255.255.255 IP address
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.
Complaint by K :
This keeps infecting my laptop. Who is this?
Complaint by Angela :
I dont usually call out IPs but todays logs went bananas with some weird port scanning nonsense. Looked into the email headers and something smells fishy in the From field. My SIEM flagged it as a potential sniffing attempt so I dug deeper. Now Im no theory master but seeing repeated failed logins and odd user agents got my spidey senses tingling. To be honest this reeks of a bot farm or some script kiddie testing the waters. Someone better wake up and patch those open RDP endpoints before this turns into a full blown mess. Im posting so it aint buried in some syslog abyss. Lets see if this ripples some action towards better monitoring. Dont say I didnt warn ya.