1.20.248.206 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.248.101	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 10:26:39
1.20.248.250	attackspambots	firewall-block, port(s): 26/tcp	2019-11-28 15:12:07
1.20.248.226	attackspam	Chat Spam	2019-09-09 11:37:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.248.206
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8182
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.248.206.			IN	A

;; AUTHORITY SECTION:
.			384	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 21:08:38 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 206.248.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 206.248.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.61.130.121	attackbotsspam	Dec 1 22:47:32 hanapaa sshd\[14146\]: Invalid user ricoh from 182.61.130.121 Dec 1 22:47:32 hanapaa sshd\[14146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.130.121 Dec 1 22:47:34 hanapaa sshd\[14146\]: Failed password for invalid user ricoh from 182.61.130.121 port 32696 ssh2 Dec 1 22:55:27 hanapaa sshd\[3830\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.130.121 user=root Dec 1 22:55:29 hanapaa sshd\[3830\]: Failed password for root from 182.61.130.121 port 37929 ssh2	2019-12-02 17:03:40
220.174.36.183	attackbots	Multiple failed FTP logins	2019-12-02 17:04:05
218.92.0.171	attackbotsspam	2019-12-02T09:55:59.631250vps751288.ovh.net sshd\[30313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.171 user=root 2019-12-02T09:56:02.354880vps751288.ovh.net sshd\[30313\]: Failed password for root from 218.92.0.171 port 37396 ssh2 2019-12-02T09:56:05.903117vps751288.ovh.net sshd\[30313\]: Failed password for root from 218.92.0.171 port 37396 ssh2 2019-12-02T09:56:09.335321vps751288.ovh.net sshd\[30313\]: Failed password for root from 218.92.0.171 port 37396 ssh2 2019-12-02T09:56:13.180878vps751288.ovh.net sshd\[30313\]: Failed password for root from 218.92.0.171 port 37396 ssh2	2019-12-02 16:58:55
88.135.227.33	attackspam	Automatic report - Port Scan Attack	2019-12-02 16:43:40
195.84.49.20	attack	May 18 13:07:25 vtv3 sshd[959]: Invalid user 123 from 195.84.49.20 port 43136 May 18 13:07:25 vtv3 sshd[959]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.84.49.20 May 18 13:19:05 vtv3 sshd[6473]: Invalid user s0p0rte from 195.84.49.20 port 45278 May 18 13:19:05 vtv3 sshd[6473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.84.49.20 May 18 13:19:07 vtv3 sshd[6473]: Failed password for invalid user s0p0rte from 195.84.49.20 port 45278 ssh2 May 18 13:22:03 vtv3 sshd[8148]: Invalid user kr82@20140326 from 195.84.49.20 port 45820 May 18 13:22:03 vtv3 sshd[8148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.84.49.20 May 18 13:33:48 vtv3 sshd[13509]: Invalid user 123 from 195.84.49.20 port 47970 May 18 13:33:48 vtv3 sshd[13509]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.84.49.20 May 18 13:33:51 vtv3 sshd[13509]: Failed password	2019-12-02 16:35:58
106.54.48.29	attackspambots	Dec 2 02:24:22 srv01 sshd[11913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=r.r Dec 2 02:24:24 srv01 sshd[11913]: Failed password for r.r from 106.54.48.29 port 54008 ssh2 Dec 2 02:24:24 srv01 sshd[11913]: Received disconnect from 106.54.48.29: 11: Bye Bye [preauth] Dec 2 02:31:51 srv01 sshd[12282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 user=r.r Dec 2 02:31:53 srv01 sshd[12282]: Failed password for r.r from 106.54.48.29 port 40000 ssh2 Dec 2 02:31:54 srv01 sshd[12282]: Received disconnect from 106.54.48.29: 11: Bye Bye [preauth] Dec 2 02:39:14 srv01 sshd[12593]: Invalid user sula from 106.54.48.29 Dec 2 02:39:14 srv01 sshd[12593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.48.29 Dec 2 02:39:16 srv01 sshd[12593]: Failed password for invalid user sula from 106.54.48.29 port 49642 ssh2........ -------------------------------	2019-12-02 16:28:49
35.238.162.217	attack	SSH invalid-user multiple login attempts	2019-12-02 16:31:24
129.213.100.212	attackbotsspam	ssh intrusion attempt	2019-12-02 16:38:49
87.197.166.67	attackspambots	Dec 2 09:48:04 legacy sshd[11653]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.197.166.67 Dec 2 09:48:07 legacy sshd[11653]: Failed password for invalid user jw from 87.197.166.67 port 49442 ssh2 Dec 2 09:55:46 legacy sshd[12022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.197.166.67 ...	2019-12-02 17:01:27
35.236.66.200	attackspam	Triggered by Fail2Ban at Vostok web server	2019-12-02 16:35:14
155.230.35.195	attackbotsspam	/var/log/messages:Dec 2 06:05:53 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1575266753.548:6218): pid=13091 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=13092 suid=74 rport=59032 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=155.230.35.195 terminal=? res=success' /var/log/messages:Dec 2 06:05:53 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1575266753.551:6219): pid=13091 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=13092 suid=74 rport=59032 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=155.230.35.195 terminal=? res=success' /var/log/messages:Dec 2 06:05:54 sanyalnet-cloud-vps fail2ban.filter[1442]: INFO [sshd] Found........ -------------------------------	2019-12-02 16:38:05
23.239.111.138	attack	TCP Port Scanning	2019-12-02 17:03:15
66.70.206.215	attackbots	$f2bV_matches	2019-12-02 16:54:53
51.77.201.36	attackspam	Dec 2 09:30:02 vps691689 sshd[10773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.201.36 Dec 2 09:30:05 vps691689 sshd[10773]: Failed password for invalid user Pool@123 from 51.77.201.36 port 41108 ssh2 ...	2019-12-02 16:51:06
49.234.179.127	attack	Dec 2 14:25:30 areeb-Workstation sshd[7128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.179.127 Dec 2 14:25:32 areeb-Workstation sshd[7128]: Failed password for invalid user barbier from 49.234.179.127 port 59700 ssh2 ...	2019-12-02 17:01:55

Recently Reported IPs

1.20.248.201	1.20.248.208	1.20.248.210	1.20.248.217
1.20.248.221	1.20.248.238	1.20.248.246	1.20.248.25
1.20.248.28	1.20.248.36	1.20.248.38	1.20.248.40
1.20.248.45	1.20.248.49	1.20.248.5	1.20.248.52
1.20.248.56	1.20.248.61	1.20.248.67	1.20.248.72