1.2.138.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user admin from 1.2.138.164 port 54440	2020-05-23 15:52:33

Comments on same subnet:

IP	Type	Details	Datetime
1.2.138.31	attack	unauthorized connection attempt	2020-02-29 21:57:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.138.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58771
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.2.138.164.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 15:52:30 CST 2020
;; MSG SIZE  rcvd: 115

Host info

164.138.2.1.in-addr.arpa domain name pointer node-23o.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.138.2.1.in-addr.arpa	name = node-23o.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.88.3.145	attackspam	SSH-BruteForce	2020-07-08 10:43:59
157.245.83.8	attack	Jul 8 02:10:50 debian-2gb-nbg1-2 kernel: \[16425651.253810\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=157.245.83.8 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=10917 PROTO=TCP SPT=57781 DPT=10976 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-08 10:49:41
78.128.113.230	attackbots	...	2020-07-08 10:20:55
106.12.204.75	attackspambots	Jul 8 01:32:07 piServer sshd[28772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.204.75 Jul 8 01:32:08 piServer sshd[28772]: Failed password for invalid user tibor from 106.12.204.75 port 33702 ssh2 Jul 8 01:32:46 piServer sshd[28819]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.204.75 ...	2020-07-08 10:33:29
185.156.73.60	attackbots	TCP (SYN) 185.156.73.60:44420 -> port 3380, len 44	2020-07-08 10:42:24
2001:41d0:a:29ce::	attackspambots	2001:41d0:a:29ce:: - - [08/Jul/2020:02:32:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2413 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2001:41d0:a:29ce:: - - [08/Jul/2020:02:32:28 +0100] "POST /wp-login.php HTTP/1.1" 200 2397 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2001:41d0:a:29ce:: - - [08/Jul/2020:02:32:28 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-08 10:29:15
159.65.155.229	attackbotsspam	$f2bV_matches	2020-07-08 10:47:10
51.77.220.127	attackbotsspam	51.77.220.127 - - [08/Jul/2020:05:16:56 +0400] "POST /GponForm/diag_Form?style/ HTTP/1.1" 502 157 "-" "curl/7.3.2" ...	2020-07-08 10:15:48
212.117.61.60	attackbots	none	2020-07-08 10:19:46
49.232.172.244	attack	20 attempts against mh-ssh on glow	2020-07-08 10:32:05
88.214.26.91	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-08T00:01:03Z and 2020-07-08T00:31:03Z	2020-07-08 10:11:54
91.134.173.100	attack	2020-07-08T04:55:25.633258afi-git.jinr.ru sshd[711]: Invalid user lev from 91.134.173.100 port 36644 2020-07-08T04:55:25.636396afi-git.jinr.ru sshd[711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.173.100 2020-07-08T04:55:25.633258afi-git.jinr.ru sshd[711]: Invalid user lev from 91.134.173.100 port 36644 2020-07-08T04:55:27.965966afi-git.jinr.ru sshd[711]: Failed password for invalid user lev from 91.134.173.100 port 36644 ssh2 2020-07-08T04:58:16.198658afi-git.jinr.ru sshd[1612]: Invalid user sapr3 from 91.134.173.100 port 33070 ...	2020-07-08 10:18:19
64.137.120.25	attackspam	Automatic report - Banned IP Access	2020-07-08 10:50:37
190.116.41.227	attack	Jul 7 23:44:59 ns382633 sshd\[31882\]: Invalid user tomoko from 190.116.41.227 port 49412 Jul 7 23:44:59 ns382633 sshd\[31882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.116.41.227 Jul 7 23:45:01 ns382633 sshd\[31882\]: Failed password for invalid user tomoko from 190.116.41.227 port 49412 ssh2 Jul 7 23:53:31 ns382633 sshd\[1005\]: Invalid user renhongkai from 190.116.41.227 port 54850 Jul 7 23:53:31 ns382633 sshd\[1005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.116.41.227	2020-07-08 10:20:06
218.92.0.221	attackspam	Jul 8 09:23:32 itv-usvr-02 sshd[1640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.221 user=root	2020-07-08 10:27:36

Recently Reported IPs

162.172.24.69	90.159.130.111	125.88.38.73	122.56.116.8
83.192.77.247	206.167.183.234	124.220.140.202	33.195.163.97
220.132.245.196	222.165.55.188	232.252.254.142	62.248.184.76
57.212.33.159	74.7.179.0	220.132.182.203	219.9.254.199
185.0.45.43	171.218.0.57	220.132.110.37	220.132.50.112