1.20.211.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.211.225	attackspambots	1582519708 - 02/24/2020 05:48:28 Host: 1.20.211.225/1.20.211.225 Port: 445 TCP Blocked	2020-02-24 18:07:48
1.20.211.219	attackbots	Unauthorized connection attempt detected from IP address 1.20.211.219 to port 81	2020-01-01 02:17:30
1.20.211.231	attack	19/11/25@17:45:16: FAIL: IoT-Telnet address from=1.20.211.231 ...	2019-11-26 08:30:42

Type

Details

Datetime

1.20.211.225

attackspambots

1582519708 - 02/24/2020 05:48:28 Host: 1.20.211.225/1.20.211.225 Port: 445 TCP Blocked

2020-02-24 18:07:48

1.20.211.219

attackbots

Unauthorized connection attempt detected from IP address 1.20.211.219 to port 81

2020-01-01 02:17:30

1.20.211.231

attack

19/11/25@17:45:16: FAIL: IoT-Telnet address from=1.20.211.231
...

2019-11-26 08:30:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.211.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.211.48.			IN	A

;; AUTHORITY SECTION:
.			155	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 166 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 20:45:26 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 48.211.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.211.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
125.39.237.230	attackbots	Jul 5 23:43:43 123flo sshd[46703]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.39.237.230 user=root Jul 5 23:43:45 123flo sshd[46707]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.39.237.230 user=root Jul 5 23:43:49 123flo sshd[46723]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.39.237.230 user=root	2019-07-06 17:07:24
218.108.74.250	attackbots	2019-07-06T00:44:09.829394mizuno.rwx.ovh sshd[12937]: Connection from 218.108.74.250 port 50418 on 78.46.61.178 port 22 2019-07-06T00:44:14.211389mizuno.rwx.ovh sshd[12937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.108.74.250 user=root 2019-07-06T00:44:15.999664mizuno.rwx.ovh sshd[12937]: Failed password for root from 218.108.74.250 port 50418 ssh2 2019-07-06T00:44:20.144324mizuno.rwx.ovh sshd[12937]: Failed password for root from 218.108.74.250 port 50418 ssh2 2019-07-06T00:44:09.829394mizuno.rwx.ovh sshd[12937]: Connection from 218.108.74.250 port 50418 on 78.46.61.178 port 22 2019-07-06T00:44:14.211389mizuno.rwx.ovh sshd[12937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.108.74.250 user=root 2019-07-06T00:44:15.999664mizuno.rwx.ovh sshd[12937]: Failed password for root from 218.108.74.250 port 50418 ssh2 2019-07-06T00:44:20.144324mizuno.rwx.ovh sshd[12937]: Failed password for root ...	2019-07-06 16:54:34
162.243.151.108	attack	110/tcp 27025/tcp 587/tcp... [2019-05-15/07-05]22pkt,20pt.(tcp)	2019-07-06 17:16:02
203.195.155.100	attackspambots	Jul 1 03:34:03 mail-host sshd[6733]: Invalid user tushar from 203.195.155.100 Jul 1 03:34:03 mail-host sshd[6733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.155.100 Jul 1 03:34:05 mail-host sshd[6733]: Failed password for invalid user tushar from 203.195.155.100 port 51942 ssh2 Jul 1 03:34:06 mail-host sshd[6780]: Received disconnect from 203.195.155.100: 11: Bye Bye Jul 1 03:46:35 mail-host sshd[4885]: Invalid user biology from 203.195.155.100 Jul 1 03:46:35 mail-host sshd[4885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.195.155.100 Jul 1 03:46:37 mail-host sshd[4885]: Failed password for invalid user biology from 203.195.155.100 port 50420 ssh2 Jul 1 03:46:37 mail-host sshd[4886]: Received disconnect from 203.195.155.100: 11: Bye Bye Jul 1 03:47:47 mail-host sshd[5087]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos........ -------------------------------	2019-07-06 16:23:28
206.189.197.48	attackbotsspam	Jul 6 09:36:40 srv206 sshd[8960]: Invalid user toor from 206.189.197.48 Jul 6 09:36:40 srv206 sshd[8960]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.197.48 Jul 6 09:36:40 srv206 sshd[8960]: Invalid user toor from 206.189.197.48 Jul 6 09:36:42 srv206 sshd[8960]: Failed password for invalid user toor from 206.189.197.48 port 58410 ssh2 ...	2019-07-06 16:31:56
181.97.163.96	attack	2019-07-03 17:54:06 H=(host96.181-97-163.telecom.net.ar) [181.97.163.96]:31185 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.97.163.96) 2019-07-03 17:54:07 unexpected disconnection while reading SMTP command from (host96.181-97-163.telecom.net.ar) [181.97.163.96]:31185 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-07-03 19:52:52 H=(host96.181-97-163.telecom.net.ar) [181.97.163.96]:10490 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.97.163.96) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.97.163.96	2019-07-06 16:45:05
213.73.171.52	attack	Jul 5 23:40:37 ntp sshd[6802]: Invalid user pi from 213.73.171.52 Jul 5 23:40:37 ntp sshd[6801]: Invalid user pi from 213.73.171.52 Jul 5 23:40:37 ntp sshd[6802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.73.171.52 Jul 5 23:40:37 ntp sshd[6801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.73.171.52 Jul 5 23:40:39 ntp sshd[6802]: Failed password for invalid user pi from 213.73.171.52 port 57198 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=213.73.171.52	2019-07-06 17:14:34
46.252.104.180	attackspam	2019-07-03 18:29:33 H=([46.252.104.180]) [46.252.104.180]:25728 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=46.252.104.180) 2019-07-03 18:29:33 unexpected disconnection while reading SMTP command from ([46.252.104.180]) [46.252.104.180]:25728 I=[10.100.18.22]:25 (error: Connection reset by peer) 2019-07-03 19:45:47 H=([46.252.104.180]) [46.252.104.180]:37976 I=[10.100.18.22]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=46.252.104.180) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=46.252.104.180	2019-07-06 16:28:55
159.69.220.250	attack	Jul 6 09:50:48 dcd-gentoo sshd[31943]: Invalid user Stockholm from 159.69.220.250 port 52750 Jul 6 09:50:49 dcd-gentoo sshd[31943]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.220.250 Jul 6 09:50:48 dcd-gentoo sshd[31943]: Invalid user Stockholm from 159.69.220.250 port 52750 Jul 6 09:50:49 dcd-gentoo sshd[31943]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.220.250 Jul 6 09:50:48 dcd-gentoo sshd[31943]: Invalid user Stockholm from 159.69.220.250 port 52750 Jul 6 09:50:49 dcd-gentoo sshd[31943]: error: PAM: Authentication failure for illegal user Stockholm from 159.69.220.250 Jul 6 09:50:49 dcd-gentoo sshd[31943]: Failed keyboard-interactive/pam for invalid user Stockholm from 159.69.220.250 port 52750 ssh2 ...	2019-07-06 16:40:48
140.143.156.96	attackspam	Jul 6 03:44:53 unicornsoft sshd\[28728\]: Invalid user ftp from 140.143.156.96 Jul 6 03:44:53 unicornsoft sshd\[28728\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.156.96 Jul 6 03:44:56 unicornsoft sshd\[28728\]: Failed password for invalid user ftp from 140.143.156.96 port 38504 ssh2	2019-07-06 16:39:51
117.66.243.77	attackspambots	2019-07-06T05:43:19.0534531240 sshd\[8008\]: Invalid user ethos from 117.66.243.77 port 57626 2019-07-06T05:43:19.0580601240 sshd\[8008\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.66.243.77 2019-07-06T05:43:20.6316401240 sshd\[8008\]: Failed password for invalid user ethos from 117.66.243.77 port 57626 ssh2 ...	2019-07-06 17:16:49
45.7.200.20	attack	Jul 3 19:52:45 h2421860 postfix/postscreen[26659]: CONNECT from [45.7.200.20]:39933 to [85.214.119.52]:25 Jul 3 19:52:45 h2421860 postfix/dnsblog[26664]: addr 45.7.200.20 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 3 19:52:45 h2421860 postfix/dnsblog[26668]: addr 45.7.200.20 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 3 19:52:45 h2421860 postfix/dnsblog[26667]: addr 45.7.200.20 listed by domain Unknown.trblspam.com as 185.53.179.7 Jul 3 19:52:45 h2421860 postfix/postscreen[26659]: PREGREET 22 after 0.51 from [45.7.200.20]:39933: EHLO 1015thehawk.com Jul 3 19:52:46 h2421860 postfix/postscreen[26659]: DNSBL rank 5 for [45.7.200.20]:39933 Jul x@x Jul 3 19:52:47 h2421860 postfix/postscreen[26659]: HANGUP after 1.2 from [45.7.200.20]:39933 in tests after SMTP handshake Jul 3 19:52:47 h2421860 postfix/postscreen[26659]: DISCONNECT [45.7.200.20]:39933 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=45.7.200.20	2019-07-06 16:43:25
65.175.175.194	attackbotsspam	Jul 6 06:43:34 srv-4 sshd\[5241\]: Invalid user tanya from 65.175.175.194 Jul 6 06:43:34 srv-4 sshd\[5241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.175.175.194 Jul 6 06:43:36 srv-4 sshd\[5241\]: Failed password for invalid user tanya from 65.175.175.194 port 53252 ssh2 ...	2019-07-06 17:10:38
177.128.144.12	attack	failed_logins	2019-07-06 16:50:40
37.59.116.10	attackspambots	Jul 6 10:12:36 core01 sshd\[26631\]: Invalid user tajiki from 37.59.116.10 port 45060 Jul 6 10:12:36 core01 sshd\[26631\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.116.10 ...	2019-07-06 16:47:34

Recently Reported IPs

254.155.102.229	1.20.211.52	1.20.211.55	1.20.211.58
1.20.211.60	1.20.211.65	1.20.211.73	1.20.211.76
1.20.211.81	1.20.212.102	236.167.165.196	1.20.212.107
1.20.212.110	1.20.212.112	1.20.212.130	1.20.212.149
1.20.212.15	1.20.212.178	1.20.212.185	1.20.212.191