1.20.221.138 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.221.210	attackbots	Unauthorized connection attempt from IP address 1.20.221.210 on Port 445(SMB)	2020-09-15 21:40:38
1.20.221.210	attackspambots	Unauthorized connection attempt from IP address 1.20.221.210 on Port 445(SMB)	2020-09-15 13:37:52
1.20.221.210	attackbots	Unauthorized connection attempt from IP address 1.20.221.210 on Port 445(SMB)	2020-09-15 05:50:15
1.20.221.249	attack	Unauthorized connection attempt detected from IP address 1.20.221.249 to port 445 [T]	2020-08-10 19:49:10
1.20.221.94	attackspam	Portscan or hack attempt detected by psad/fwsnort	2019-12-09 19:54:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.221.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30284
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.221.138.			IN	A

;; AUTHORITY SECTION:
.			313	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 20:50:59 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 138.221.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.221.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
175.24.59.130	attackbotsspam	Invalid user dovecot from 175.24.59.130 port 55304	2020-04-11 17:09:21
222.186.30.59	attackbots	Apr 11 05:23:16 ny01 sshd[10663]: Failed password for root from 222.186.30.59 port 50745 ssh2 Apr 11 05:23:20 ny01 sshd[10663]: Failed password for root from 222.186.30.59 port 50745 ssh2 Apr 11 05:23:23 ny01 sshd[10663]: Failed password for root from 222.186.30.59 port 50745 ssh2	2020-04-11 17:35:15
106.75.231.188	attackbots	Lines containing failures of 106.75.231.188 Apr 11 07:42:30 jarvis sshd[3458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.231.188 user=r.r Apr 11 07:42:33 jarvis sshd[3458]: Failed password for r.r from 106.75.231.188 port 45730 ssh2 Apr 11 07:42:35 jarvis sshd[3458]: Received disconnect from 106.75.231.188 port 45730:11: Bye Bye [preauth] Apr 11 07:42:35 jarvis sshd[3458]: Disconnected from authenticating user r.r 106.75.231.188 port 45730 [preauth] Apr 11 07:56:51 jarvis sshd[5893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.231.188 user=r.r Apr 11 07:56:52 jarvis sshd[5893]: Failed password for r.r from 106.75.231.188 port 56388 ssh2 Apr 11 07:56:53 jarvis sshd[5893]: Received disconnect from 106.75.231.188 port 56388:11: Bye Bye [preauth] Apr 11 07:56:53 jarvis sshd[5893]: Disconnected from authenticating user r.r 106.75.231.188 port 56388 [preauth] Apr 11 08:01:........ ------------------------------	2020-04-11 17:07:22
2604:a880:800:10::3b7:c001	attackspambots	WordPress wp-login brute force :: 2604:a880:800:10::3b7:c001 0.328 BYPASS [11/Apr/2020:04:55:24 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-11 17:43:47
139.59.7.251	attackspam	Apr 11 05:49:36 debian-2gb-nbg1-2 kernel: \[8835981.069877\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=139.59.7.251 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=37647 PROTO=TCP SPT=42959 DPT=31872 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-11 17:15:12
134.209.182.198	attack	2020-04-11T05:40:11.742084shield sshd\[20091\]: Invalid user poh from 134.209.182.198 port 54104 2020-04-11T05:40:11.745948shield sshd\[20091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.182.198 2020-04-11T05:40:14.533547shield sshd\[20091\]: Failed password for invalid user poh from 134.209.182.198 port 54104 ssh2 2020-04-11T05:43:10.570385shield sshd\[20348\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.182.198 user=root 2020-04-11T05:43:12.595635shield sshd\[20348\]: Failed password for root from 134.209.182.198 port 40880 ssh2	2020-04-11 17:42:41
34.246.37.66	attack	2020-04-11T08:01:54.513321dmca.cloudsearch.cf sshd[24008]: Invalid user pawel from 34.246.37.66 port 48036 2020-04-11T08:01:54.529997dmca.cloudsearch.cf sshd[24008]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-34-246-37-66.eu-west-1.compute.amazonaws.com 2020-04-11T08:01:54.513321dmca.cloudsearch.cf sshd[24008]: Invalid user pawel from 34.246.37.66 port 48036 2020-04-11T08:01:56.631566dmca.cloudsearch.cf sshd[24008]: Failed password for invalid user pawel from 34.246.37.66 port 48036 ssh2 2020-04-11T08:06:35.266560dmca.cloudsearch.cf sshd[24347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ec2-34-246-37-66.eu-west-1.compute.amazonaws.com user=root 2020-04-11T08:06:37.278098dmca.cloudsearch.cf sshd[24347]: Failed password for root from 34.246.37.66 port 57994 ssh2 2020-04-11T08:10:48.333643dmca.cloudsearch.cf sshd[24691]: Invalid user wayne from 34.246.37.66 port 39688 ...	2020-04-11 17:20:06
222.190.130.62	attackbotsspam	$f2bV_matches	2020-04-11 17:45:23
212.95.137.35	attackspam	frenzy	2020-04-11 17:24:26
113.189.229.211	attackbotsspam	1586576944 - 04/11/2020 05:49:04 Host: 113.189.229.211/113.189.229.211 Port: 445 TCP Blocked	2020-04-11 17:34:35
167.172.207.89	attack	Apr 11 08:58:17 localhost sshd[24790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.207.89 user=root Apr 11 08:58:19 localhost sshd[24790]: Failed password for root from 167.172.207.89 port 36290 ssh2 Apr 11 09:05:37 localhost sshd[25773]: Invalid user erika from 167.172.207.89 port 35000 Apr 11 09:05:37 localhost sshd[25773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.207.89 Apr 11 09:05:37 localhost sshd[25773]: Invalid user erika from 167.172.207.89 port 35000 Apr 11 09:05:39 localhost sshd[25773]: Failed password for invalid user erika from 167.172.207.89 port 35000 ssh2 ...	2020-04-11 17:05:58
62.33.8.211	attackspambots	SMTP brute force ...	2020-04-11 17:21:25
148.70.169.14	attackbots	Apr 11 08:48:55 gw1 sshd[2248]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.169.14 Apr 11 08:48:56 gw1 sshd[2248]: Failed password for invalid user emese from 148.70.169.14 port 59184 ssh2 ...	2020-04-11 17:39:43
198.98.52.15	attackbots	Apr 11 07:47:17 debian-2gb-nbg1-2 kernel: \[8843041.594403\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=198.98.52.15 DST=195.201.40.59 LEN=44 TOS=0x08 PREC=0x00 TTL=240 ID=54321 PROTO=TCP SPT=49640 DPT=1122 WINDOW=65535 RES=0x00 SYN URGP=0	2020-04-11 17:15:28
222.186.42.136	attack	(sshd) Failed SSH login from 222.186.42.136 (CN/China/-): 5 in the last 3600 secs	2020-04-11 17:29:33

Recently Reported IPs

1.20.221.136	1.20.221.14	1.20.221.141	1.20.221.155
1.20.221.158	1.20.221.162	1.20.221.164	1.20.221.166
1.20.221.17	1.20.221.173	1.20.221.174	1.20.221.177
1.20.221.178	21.109.246.220	1.20.221.183	1.20.221.185
1.20.221.186	1.20.221.188	1.20.221.19	1.20.221.192