1.2.138.31 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	unauthorized connection attempt	2020-02-29 21:57:46

Comments on same subnet:

IP	Type	Details	Datetime
1.2.138.164	attackspambots	Invalid user admin from 1.2.138.164 port 54440	2020-05-23 15:52:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.138.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.2.138.31.			IN	A

;; AUTHORITY SECTION:
.			582	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 21:57:41 CST 2020
;; MSG SIZE  rcvd: 114

Host info

31.138.2.1.in-addr.arpa domain name pointer node-1zz.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
31.138.2.1.in-addr.arpa	name = node-1zz.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
24.232.123.133	attackbots	Dec 26 06:27:39 eventyay sshd[7981]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.232.123.133 Dec 26 06:27:41 eventyay sshd[7981]: Failed password for invalid user racerx from 24.232.123.133 port 45822 ssh2 Dec 26 06:34:52 eventyay sshd[8051]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=24.232.123.133 ...	2019-12-26 13:50:44
217.138.76.66	attack	Dec 26 05:36:49 localhost sshd\[42072\]: Invalid user tammi from 217.138.76.66 port 34788 Dec 26 05:36:49 localhost sshd\[42072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 Dec 26 05:36:51 localhost sshd\[42072\]: Failed password for invalid user tammi from 217.138.76.66 port 34788 ssh2 Dec 26 05:39:47 localhost sshd\[42192\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.138.76.66 user=root Dec 26 05:39:49 localhost sshd\[42192\]: Failed password for root from 217.138.76.66 port 49415 ssh2 ...	2019-12-26 13:58:52
218.92.0.155	attackbotsspam	Dec 26 11:14:19 areeb-Workstation sshd[8922]: Failed password for root from 218.92.0.155 port 10972 ssh2 Dec 26 11:14:24 areeb-Workstation sshd[8922]: Failed password for root from 218.92.0.155 port 10972 ssh2 ...	2019-12-26 14:02:16
222.186.175.216	attackbots	Dec 26 06:52:25 vps691689 sshd[7669]: Failed password for root from 222.186.175.216 port 44134 ssh2 Dec 26 06:52:41 vps691689 sshd[7669]: error: maximum authentication attempts exceeded for root from 222.186.175.216 port 44134 ssh2 [preauth] ...	2019-12-26 13:55:34
62.234.73.104	attack	Dec 26 05:59:16 zulu412 sshd\[18826\]: Invalid user viveca from 62.234.73.104 port 49298 Dec 26 05:59:16 zulu412 sshd\[18826\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.73.104 Dec 26 05:59:17 zulu412 sshd\[18826\]: Failed password for invalid user viveca from 62.234.73.104 port 49298 ssh2 ...	2019-12-26 14:13:10
188.19.190.28	attackspam	UTC: 2019-12-25 pkts: 2 port: 23/tcp	2019-12-26 14:19:49
112.198.43.130	attack	2019-12-26T05:09:33.365675shield sshd\[32711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.198.43.130 user=root 2019-12-26T05:09:35.801258shield sshd\[32711\]: Failed password for root from 112.198.43.130 port 53479 ssh2 2019-12-26T05:13:54.934142shield sshd\[1072\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.198.43.130 user=root 2019-12-26T05:13:56.867753shield sshd\[1072\]: Failed password for root from 112.198.43.130 port 46864 ssh2 2019-12-26T05:18:07.268344shield sshd\[2418\]: Invalid user zdziedzic from 112.198.43.130 port 39889 2019-12-26T05:18:07.271627shield sshd\[2418\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.198.43.130	2019-12-26 14:22:23
185.132.53.133	attackbots	Dec 26 06:52:25 django sshd[12643]: Invalid user fake from 185.132.53.133 Dec 26 06:52:25 django sshd[12643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.53.133 Dec 26 06:52:27 django sshd[12643]: Failed password for invalid user fake from 185.132.53.133 port 53096 ssh2 Dec 26 06:52:27 django sshd[12644]: Received disconnect from 185.132.53.133: 11: Bye Bye Dec 26 06:52:28 django sshd[12665]: User admin from 185.132.53.133 not allowed because not listed in AllowUsers Dec 26 06:52:28 django sshd[12665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.132.53.133 user=admin ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=185.132.53.133	2019-12-26 13:54:36
103.89.168.196	attackbots	B: Magento admin pass test (abusive)	2019-12-26 14:15:40
122.140.131.73	attackspam	UTC: 2019-12-25 port: 23/tcp	2019-12-26 14:02:44
204.42.253.130	attack	UTC: 2019-12-25 pkts: 2 port: 161/udp	2019-12-26 14:06:54
14.215.165.133	attackbots	Dec 26 05:40:11 localhost sshd[17689]: Failed password for root from 14.215.165.133 port 55154 ssh2 Dec 26 05:56:31 localhost sshd[18391]: Failed password for invalid user ar from 14.215.165.133 port 60934 ssh2 Dec 26 05:59:35 localhost sshd[18542]: Failed password for root from 14.215.165.133 port 51630 ssh2	2019-12-26 14:00:58
200.110.174.137	attackbots	Dec 26 05:59:35 mail sshd[23773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.110.174.137 user=root Dec 26 05:59:37 mail sshd[23773]: Failed password for root from 200.110.174.137 port 52613 ssh2 ...	2019-12-26 13:59:06
78.110.155.250	attackspam	1577336360 - 12/26/2019 05:59:20 Host: 78.110.155.250/78.110.155.250 Port: 445 TCP Blocked	2019-12-26 14:10:56
178.128.144.227	attack	Dec 26 03:21:39 ws12vmsma01 sshd[52609]: Failed password for invalid user cimtig from 178.128.144.227 port 51290 ssh2 Dec 26 03:23:46 ws12vmsma01 sshd[52874]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.144.227 user=root Dec 26 03:23:48 ws12vmsma01 sshd[52874]: Failed password for root from 178.128.144.227 port 39910 ssh2 ...	2019-12-26 13:48:17

Recently Reported IPs

183.120.233.60	14.172.3.59	194.14.48.241	181.191.228.84
2.235.170.195	181.128.94.177	178.47.137.122	177.93.165.177
168.121.69.230	162.199.10.80	159.192.225.248	156.213.188.86
14.252.55.58	14.191.224.71	1.222.231.117	177.72.89.128
124.123.119.130	122.100.177.42	61.80.102.150	146.160.126.27