1.2.138.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Invalid user admin from 1.2.138.164 port 54440	2020-05-23 15:52:33

Comments on same subnet:

IP	Type	Details	Datetime
1.2.138.31	attack	unauthorized connection attempt	2020-02-29 21:57:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.138.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58771
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.2.138.164.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052301 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat May 23 15:52:30 CST 2020
;; MSG SIZE  rcvd: 115

Host info

164.138.2.1.in-addr.arpa domain name pointer node-23o.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
164.138.2.1.in-addr.arpa	name = node-23o.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
80.211.243.183	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-05-22 23:33:14
190.182.179.12	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-05-22 23:43:12
101.89.95.77	attackbots	May 22 09:55:27 firewall sshd[1200]: Invalid user rje from 101.89.95.77 May 22 09:55:29 firewall sshd[1200]: Failed password for invalid user rje from 101.89.95.77 port 49512 ssh2 May 22 10:01:31 firewall sshd[1393]: Invalid user owa from 101.89.95.77 ...	2020-05-22 23:35:09
152.136.153.17	attackbotsspam	2020-05-22T18:35:02.941165afi-git.jinr.ru sshd[10489]: Invalid user cup from 152.136.153.17 port 44530 2020-05-22T18:35:02.944194afi-git.jinr.ru sshd[10489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.153.17 2020-05-22T18:35:02.941165afi-git.jinr.ru sshd[10489]: Invalid user cup from 152.136.153.17 port 44530 2020-05-22T18:35:04.972397afi-git.jinr.ru sshd[10489]: Failed password for invalid user cup from 152.136.153.17 port 44530 ssh2 2020-05-22T18:38:44.156129afi-git.jinr.ru sshd[11321]: Invalid user aqv from 152.136.153.17 port 50086 ...	2020-05-22 23:40:15
195.54.166.180	attack	Port scan on 51 port(s): 10 28 46 47 53 85 112 114 192 206 252 290 296 320 324 334 348 405 415 420 435 462 485 504 530 564 597 606 624 645 648 659 664 683 720 745 750 755 797 821 829 863 883 958 988 5563 5692 5766 5786 5788 5818	2020-05-22 23:45:32
78.128.112.14	attackbotsspam	May 22 16:30:23 debian-2gb-nbg1-2 kernel: \[12416640.190017\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=78.128.112.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=16850 PROTO=TCP SPT=48904 DPT=8765 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-22 23:13:51
210.21.226.2	attack	May 22 12:15:19 firewall sshd[4416]: Invalid user wof from 210.21.226.2 May 22 12:15:22 firewall sshd[4416]: Failed password for invalid user wof from 210.21.226.2 port 21969 ssh2 May 22 12:18:26 firewall sshd[4660]: Invalid user yuf from 210.21.226.2 ...	2020-05-22 23:36:26
80.82.77.86	attack	scans once in preceeding hours on the ports (in chronological order) 49153 resulting in total of 45 scans from 80.82.64.0/20 block.	2020-05-22 23:19:27
91.206.14.169	attackspambots	May 22 09:05:48 ny01 sshd[25405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.206.14.169 May 22 09:05:50 ny01 sshd[25405]: Failed password for invalid user lry from 91.206.14.169 port 51618 ssh2 May 22 09:08:01 ny01 sshd[25685]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.206.14.169	2020-05-22 23:48:12
18.229.69.96	attackspambots	fail2ban/May 22 14:20:47 h1962932 sshd[3357]: Invalid user yuanliang from 18.229.69.96 port 48048 May 22 14:20:47 h1962932 sshd[3357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-18-229-69-96.sa-east-1.compute.amazonaws.com May 22 14:20:47 h1962932 sshd[3357]: Invalid user yuanliang from 18.229.69.96 port 48048 May 22 14:20:49 h1962932 sshd[3357]: Failed password for invalid user yuanliang from 18.229.69.96 port 48048 ssh2 May 22 14:24:41 h1962932 sshd[3507]: Invalid user fui from 18.229.69.96 port 36618	2020-05-22 23:57:06
80.82.77.245	attackbots	firewall-block, port(s): 2638/udp, 3671/udp, 5093/udp, 6144/udp	2020-05-22 23:22:20
123.206.26.133	attackspam	May 22 18:40:07 gw1 sshd[8686]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.26.133 May 22 18:40:08 gw1 sshd[8686]: Failed password for invalid user ufa from 123.206.26.133 port 35460 ssh2 ...	2020-05-22 23:54:27
54.39.151.44	attack	May 22 14:57:47 ajax sshd[16338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.151.44 May 22 14:57:49 ajax sshd[16338]: Failed password for invalid user mst from 54.39.151.44 port 53632 ssh2	2020-05-22 23:48:41
176.59.102.151	attack	1590148348 - 05/22/2020 13:52:28 Host: 176.59.102.151/176.59.102.151 Port: 445 TCP Blocked	2020-05-22 23:49:21
159.65.217.53	attackbotsspam	" "	2020-05-22 23:37:10

Recently Reported IPs

162.172.24.69	90.159.130.111	125.88.38.73	122.56.116.8
83.192.77.247	206.167.183.234	124.220.140.202	33.195.163.97
220.132.245.196	222.165.55.188	232.252.254.142	62.248.184.76
57.212.33.159	74.7.179.0	220.132.182.203	219.9.254.199
185.0.45.43	171.218.0.57	220.132.110.37	220.132.50.112