1.20.151.55 - IPInfo

Basic Info

City: Ang Thong

Region: Ang Thong

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.151.60	attackbots	2020-07-19T15:41:17.980847suse-nuc sshd[7754]: Invalid user admin from 1.20.151.60 port 53635 ...	2020-09-27 05:18:05
1.20.151.60	attackbots	2020-07-19T15:41:17.980847suse-nuc sshd[7754]: Invalid user admin from 1.20.151.60 port 53635 ...	2020-09-26 21:31:12
1.20.151.60	attackspam	2020-07-19T15:41:17.980847suse-nuc sshd[7754]: Invalid user admin from 1.20.151.60 port 53635 ...	2020-09-26 13:13:13
1.20.151.42	attack	1600880493 - 09/23/2020 19:01:33 Host: 1.20.151.42/1.20.151.42 Port: 445 TCP Blocked	2020-09-25 01:26:49
1.20.151.42	attackspam	1600880493 - 09/23/2020 19:01:33 Host: 1.20.151.42/1.20.151.42 Port: 445 TCP Blocked	2020-09-24 17:04:44
1.20.151.111	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-20 12:21:29,125 INFO [shellcode_manager] (1.20.151.111) no match, writing hexdump (65eddc221a04ff1a92ff1a0076769df0 :2382146) - MS17010 (EternalBlue)	2019-07-22 15:16:52
1.20.151.73	attack	1.20.151.73 - - [13/Apr/2019:04:10:01 +0800] "GET /phpMyAdmins/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0 .2623.105 Safari/537.36" 1.20.151.73 - - [13/Apr/2019:04:10:01 +0800] "GET /phpMyAdmin._/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49. 0.2623.105 Safari/537.36" 1.20.151.73 - - [13/Apr/2019:04:10:01 +0800] "GET /phpmyadmin2222/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/4 9.0.2623.105 Safari/537.36" 1.20.151.73 - - [13/Apr/2019:04:10:01 +0800] "GET /php2MyAdmin/index.php HTTP/1.1" 301 194 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0 .2623.105 Safari/537.36"	2019-04-13 06:21:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.151.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60725
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.151.55.			IN	A

;; AUTHORITY SECTION:
.			94	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022040301 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 04 11:46:47 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 55.151.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.151.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.59.84.29	attack	Mar 31 04:31:20 cumulus sshd[29787]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.29 user=r.r Mar 31 04:31:23 cumulus sshd[29787]: Failed password for r.r from 139.59.84.29 port 49410 ssh2 Mar 31 04:31:23 cumulus sshd[29787]: Received disconnect from 139.59.84.29 port 49410:11: Bye Bye [preauth] Mar 31 04:31:23 cumulus sshd[29787]: Disconnected from 139.59.84.29 port 49410 [preauth] Mar 31 04:44:30 cumulus sshd[30753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.29 user=r.r Mar 31 04:44:33 cumulus sshd[30753]: Failed password for r.r from 139.59.84.29 port 55432 ssh2 Mar 31 04:44:33 cumulus sshd[30753]: Received disconnect from 139.59.84.29 port 55432:11: Bye Bye [preauth] Mar 31 04:44:33 cumulus sshd[30753]: Disconnected from 139.59.84.29 port 55432 [preauth] Mar 31 04:49:16 cumulus sshd[31032]: Invalid user user from 139.59.84.29 port 50670 Mar 31 04:49:16 cumu........ -------------------------------	2020-04-02 20:55:35
24.150.181.239	attackspam	Attempted connection to port 10865.	2020-04-02 21:03:29
178.69.40.160	attackspambots	<a href=https://cleaningservices.kiev.ua/>клининговые агенства</a> Буду очень рада если информация окажется полезной -- Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 OPR/54.0.2952.64 (Edition Yx)	2020-04-02 20:50:53
144.217.34.147	attack	144.217.34.147 was recorded 9 times by 8 hosts attempting to connect to the following ports: 3478,3283. Incident counter (4h, 24h, all-time): 9, 39, 1244	2020-04-02 20:47:56
46.38.145.4	attack	2020-04-02 16:06:56 dovecot_login authenticator failed for \(User\) \[46.38.145.4\]: 535 Incorrect authentication data \(set_id=ns202@org.ua\)2020-04-02 16:07:27 dovecot_login authenticator failed for \(User\) \[46.38.145.4\]: 535 Incorrect authentication data \(set_id=vh2@org.ua\)2020-04-02 16:07:57 dovecot_login authenticator failed for \(User\) \[46.38.145.4\]: 535 Incorrect authentication data \(set_id=www17@org.ua\) ...	2020-04-02 21:15:35
23.41.114.28	attackbots	Attempted connection to port 18671.	2020-04-02 21:07:08
222.186.175.154	attackbots	Apr 2 15:10:59 silence02 sshd[13430]: Failed password for root from 222.186.175.154 port 34976 ssh2 Apr 2 15:11:02 silence02 sshd[13430]: Failed password for root from 222.186.175.154 port 34976 ssh2 Apr 2 15:11:12 silence02 sshd[13430]: Failed password for root from 222.186.175.154 port 34976 ssh2 Apr 2 15:11:12 silence02 sshd[13430]: error: maximum authentication attempts exceeded for root from 222.186.175.154 port 34976 ssh2 [preauth]	2020-04-02 21:12:58
171.103.54.166	attackbotsspam	Apr 2 15:31:25 master sshd[12107]: Failed password for invalid user admin from 171.103.54.166 port 54896 ssh2 Apr 2 15:31:46 master sshd[12109]: Failed password for invalid user admin from 171.103.54.166 port 55012 ssh2	2020-04-02 21:00:19
14.231.90.3	attack	Apr 2 14:51:36 master sshd[12045]: Failed password for invalid user admin from 14.231.90.3 port 48487 ssh2 Apr 2 14:51:42 master sshd[12047]: Failed password for invalid user admin from 14.231.90.3 port 20570 ssh2	2020-04-02 21:16:02
46.48.144.187	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 02-04-2020 04:50:23.	2020-04-02 20:27:09
125.91.32.65	attack	Apr 2 14:45:02 hell sshd[21016]: Failed password for root from 125.91.32.65 port 25560 ssh2 ...	2020-04-02 21:00:43
219.100.124.189	attackbotsspam	Attempted connection to port 26765.	2020-04-02 21:16:22
171.238.18.88	attackspambots	Attempted connection to port 26.	2020-04-02 20:41:39
216.143.135.241	attackbots	SMB Server BruteForce Attack	2020-04-02 21:02:38
34.68.214.96	attack	Attempted connection to port 10408.	2020-04-02 20:53:35

Recently Reported IPs

1.20.150.200	1.20.154.132	1.20.157.230	1.20.168.144
1.20.168.29	1.20.175.58	1.20.180.169	1.20.180.222
1.20.180.48	1.20.180.67	1.20.181.193	1.20.181.95
1.20.203.227	1.20.203.42	1.20.207.199	1.20.207.215
1.20.207.235	1.20.207.74	1.20.210.18	1.20.218.143