1.20.99.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.99.89	attackbotsspam	xmlrpc attack	2020-01-23 15:48:02

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.99.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5041
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.99.28.			IN	A

;; AUTHORITY SECTION:
.			136	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 59 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 10:16:13 CST 2022
;; MSG SIZE  rcvd: 103

Host info

Host 28.99.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.99.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.39.209.237	attack	Sep 13 18:57:25 hanapaa sshd\[25782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.209.237 user=root Sep 13 18:57:27 hanapaa sshd\[25782\]: Failed password for root from 54.39.209.237 port 40818 ssh2 Sep 13 18:58:32 hanapaa sshd\[25871\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.209.237 user=root Sep 13 18:58:35 hanapaa sshd\[25871\]: Failed password for root from 54.39.209.237 port 34406 ssh2 Sep 13 18:59:41 hanapaa sshd\[25985\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.209.237 user=root	2020-09-14 13:18:43
193.169.252.217	attack	Icarus honeypot on github	2020-09-14 13:17:48
192.99.11.223	attackspam	192.99.11.223 - - [14/Sep/2020:07:28:45 +0200] "GET /wp-login.php HTTP/1.1" 200 9184 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.11.223 - - [14/Sep/2020:07:28:47 +0200] "POST /wp-login.php HTTP/1.1" 200 9435 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.11.223 - - [14/Sep/2020:07:28:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-14 13:36:24
1.11.201.18	attackbots	2020-09-14T06:41:34.311229ns386461 sshd\[30182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 user=root 2020-09-14T06:41:36.510466ns386461 sshd\[30182\]: Failed password for root from 1.11.201.18 port 45560 ssh2 2020-09-14T06:49:09.712581ns386461 sshd\[4791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 user=root 2020-09-14T06:49:11.374609ns386461 sshd\[4791\]: Failed password for root from 1.11.201.18 port 49394 ssh2 2020-09-14T06:51:34.492910ns386461 sshd\[7074\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.11.201.18 user=root ...	2020-09-14 13:24:18
117.176.104.102	attack	Invalid user local from 117.176.104.102 port 43478	2020-09-14 13:37:31
37.49.224.205	attack	MAIL: User Login Brute Force Attempt	2020-09-14 13:49:53
54.37.71.203	attack	Time: Sun Sep 13 21:18:47 2020 +0000 IP: 54.37.71.203 (FR/France/203.ip-54-37-71.eu) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 13 21:00:16 ca-48-ede1 sshd[57218]: Invalid user xavier from 54.37.71.203 port 33692 Sep 13 21:00:18 ca-48-ede1 sshd[57218]: Failed password for invalid user xavier from 54.37.71.203 port 33692 ssh2 Sep 13 21:08:22 ca-48-ede1 sshd[57552]: Failed password for root from 54.37.71.203 port 53132 ssh2 Sep 13 21:13:38 ca-48-ede1 sshd[57702]: Failed password for root from 54.37.71.203 port 36508 ssh2 Sep 13 21:18:43 ca-48-ede1 sshd[57850]: Failed password for root from 54.37.71.203 port 48104 ssh2	2020-09-14 13:12:19
112.85.42.102	attackspambots	Sep 14 12:27:59 webhost01 sshd[28632]: Failed password for root from 112.85.42.102 port 63675 ssh2 Sep 14 12:28:01 webhost01 sshd[28632]: Failed password for root from 112.85.42.102 port 63675 ssh2 ...	2020-09-14 13:53:48
118.89.231.109	attackbotsspam	Sep 14 05:15:00 localhost sshd[48267]: Invalid user R00tAdm!n123 from 118.89.231.109 port 57024 Sep 14 05:15:00 localhost sshd[48267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.231.109 Sep 14 05:15:00 localhost sshd[48267]: Invalid user R00tAdm!n123 from 118.89.231.109 port 57024 Sep 14 05:15:02 localhost sshd[48267]: Failed password for invalid user R00tAdm!n123 from 118.89.231.109 port 57024 ssh2 Sep 14 05:20:46 localhost sshd[48796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.89.231.109 user=root Sep 14 05:20:48 localhost sshd[48796]: Failed password for root from 118.89.231.109 port 60775 ssh2 ...	2020-09-14 13:33:18
177.69.237.54	attack	2020-09-14T05:35:28.334373abusebot-7.cloudsearch.cf sshd[4056]: Invalid user admin from 177.69.237.54 port 33826 2020-09-14T05:35:28.338602abusebot-7.cloudsearch.cf sshd[4056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.237.54 2020-09-14T05:35:28.334373abusebot-7.cloudsearch.cf sshd[4056]: Invalid user admin from 177.69.237.54 port 33826 2020-09-14T05:35:29.845797abusebot-7.cloudsearch.cf sshd[4056]: Failed password for invalid user admin from 177.69.237.54 port 33826 ssh2 2020-09-14T05:41:11.720956abusebot-7.cloudsearch.cf sshd[4060]: Invalid user ec2-user from 177.69.237.54 port 39970 2020-09-14T05:41:11.729044abusebot-7.cloudsearch.cf sshd[4060]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.69.237.54 2020-09-14T05:41:11.720956abusebot-7.cloudsearch.cf sshd[4060]: Invalid user ec2-user from 177.69.237.54 port 39970 2020-09-14T05:41:13.657756abusebot-7.cloudsearch.cf sshd[4060]: Failed p ...	2020-09-14 13:45:39
191.242.217.110	attackbots	Sep 14 05:27:32 vmd26974 sshd[22903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.242.217.110 Sep 14 05:27:34 vmd26974 sshd[22903]: Failed password for invalid user zhaowei from 191.242.217.110 port 18673 ssh2 ...	2020-09-14 13:24:39
51.15.191.81	attack	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-09-14 13:28:25
5.188.116.52	attackbotsspam	Sep 14 02:35:18 mavik sshd[13203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.188.116.52 user=root Sep 14 02:35:20 mavik sshd[13203]: Failed password for root from 5.188.116.52 port 45314 ssh2 Sep 14 02:39:16 mavik sshd[13418]: Invalid user steamsrv from 5.188.116.52 Sep 14 02:39:16 mavik sshd[13418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.188.116.52 Sep 14 02:39:17 mavik sshd[13418]: Failed password for invalid user steamsrv from 5.188.116.52 port 57732 ssh2 ...	2020-09-14 13:49:06
212.230.191.245	attackspambots	Sep 13 18:55:28 lnxweb61 sshd[3417]: Failed password for root from 212.230.191.245 port 47142 ssh2 Sep 13 18:55:28 lnxweb61 sshd[3417]: Failed password for root from 212.230.191.245 port 47142 ssh2	2020-09-14 13:40:55
169.239.108.52	attackspam	Unauthorised access (Sep 13) SRC=169.239.108.52 LEN=52 PREC=0x20 TTL=115 ID=619 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-14 13:49:34

Recently Reported IPs

1.20.99.253	1.20.99.3	1.20.99.32	1.20.99.40
219.146.105.33	1.20.99.42	1.20.99.44	1.20.99.47
1.20.99.5	1.20.99.50	1.205.67.175	1.205.73.94
1.205.78.240	78.87.27.247	1.205.82.177	1.205.90.153
1.205.92.11	233.117.21.9	1.205.98.51	1.206.148.187