1.2.138.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user admin from 1.2.138.164 port 54440	2020-05-23 15:52:33

Comments on same subnet:

IP	Type	Details	Datetime
1.2.138.31	attack	unauthorized connection attempt	2020-02-29 21:57:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.138.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58771
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.2.138.164.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 15:52:30 CST 2020
;; MSG SIZE  rcvd: 115

Host info

164.138.2.1.in-addr.arpa domain name pointer node-23o.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.138.2.1.in-addr.arpa	name = node-23o.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
156.210.125.28	attackbotsspam	Aug 19 10:38:35 srv-4 sshd\[4551\]: Invalid user admin from 156.210.125.28 Aug 19 10:38:35 srv-4 sshd\[4551\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.210.125.28 Aug 19 10:38:37 srv-4 sshd\[4551\]: Failed password for invalid user admin from 156.210.125.28 port 37633 ssh2 ...	2019-08-19 19:27:25
46.101.81.143	attack	Aug 18 22:24:16 hiderm sshd\[19705\]: Invalid user tsadmin from 46.101.81.143 Aug 18 22:24:16 hiderm sshd\[19705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.81.143 Aug 18 22:24:19 hiderm sshd\[19705\]: Failed password for invalid user tsadmin from 46.101.81.143 port 58028 ssh2 Aug 18 22:28:22 hiderm sshd\[20071\]: Invalid user yuan from 46.101.81.143 Aug 18 22:28:22 hiderm sshd\[20071\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.81.143	2019-08-19 19:28:31
81.22.45.25	attack	08/19/2019-06:46:08.338652 81.22.45.25 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-19 18:59:00
212.170.50.203	attackbots	2019-08-19T10:48:19.197620abusebot-8.cloudsearch.cf sshd\[11021\]: Invalid user hadoopuser from 212.170.50.203 port 39730	2019-08-19 19:12:46
118.24.34.19	attackspambots	Aug 18 22:22:05 sachi sshd\[19238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.34.19 user=root Aug 18 22:22:07 sachi sshd\[19238\]: Failed password for root from 118.24.34.19 port 33417 ssh2 Aug 18 22:27:35 sachi sshd\[19669\]: Invalid user gmodserver from 118.24.34.19 Aug 18 22:27:35 sachi sshd\[19669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.34.19 Aug 18 22:27:37 sachi sshd\[19669\]: Failed password for invalid user gmodserver from 118.24.34.19 port 53466 ssh2	2019-08-19 18:59:59
157.52.252.203	attackbotsspam	helo=	2019-08-19 19:31:58
157.52.252.204	attackspambots	helo=	2019-08-19 19:15:39
123.207.142.31	attackspam	$f2bV_matches	2019-08-19 18:56:18
107.6.171.130	attackbotsspam	port scan and connect, tcp 8443 (https-alt)	2019-08-19 19:32:33
119.196.83.2	attackbots	Aug 19 12:31:21 XXX sshd[38847]: Invalid user ofsaa from 119.196.83.2 port 60386	2019-08-19 19:03:33
120.132.61.80	attackspambots	Aug 18 22:33:30 php2 sshd\[7932\]: Invalid user ullar from 120.132.61.80 Aug 18 22:33:30 php2 sshd\[7932\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.61.80 Aug 18 22:33:32 php2 sshd\[7932\]: Failed password for invalid user ullar from 120.132.61.80 port 57310 ssh2 Aug 18 22:36:55 php2 sshd\[8189\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.61.80 user=root Aug 18 22:36:57 php2 sshd\[8189\]: Failed password for root from 120.132.61.80 port 16422 ssh2	2019-08-19 19:10:33
200.111.137.132	attackspam	2019-08-19T11:32:53.807543abusebot-8.cloudsearch.cf sshd\[11355\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.111.137.132 user=root	2019-08-19 19:36:01
211.24.79.26	attack	2019-08-19T09:56:10.088507abusebot-8.cloudsearch.cf sshd\[10672\]: Invalid user factorio from 211.24.79.26 port 38780	2019-08-19 19:14:09
77.253.129.4	attackspam	[portscan] Port scan	2019-08-19 18:57:45
148.66.132.190	attackbots	Aug 19 09:39:03 vpn01 sshd\[15334\]: Invalid user web3 from 148.66.132.190 Aug 19 09:39:03 vpn01 sshd\[15334\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.66.132.190 Aug 19 09:39:05 vpn01 sshd\[15334\]: Failed password for invalid user web3 from 148.66.132.190 port 60294 ssh2	2019-08-19 19:01:51

Recently Reported IPs

162.172.24.69	90.159.130.111	125.88.38.73	122.56.116.8
83.192.77.247	206.167.183.234	124.220.140.202	33.195.163.97
220.132.245.196	222.165.55.188	232.252.254.142	62.248.184.76
57.212.33.159	74.7.179.0	220.132.182.203	219.9.254.199
185.0.45.43	171.218.0.57	220.132.110.37	220.132.50.112