121.157.1.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
121.157.146.57	attack	Port probing on unauthorized port 23	2020-05-30 06:07:13
121.157.107.22	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-05-11 04:10:29
121.157.134.23	attackbots	Unauthorized connection attempt detected from IP address 121.157.134.23 to port 23 [J]	2020-02-23 18:01:36
121.157.186.96	attackbots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-02-04 18:21:28
121.157.186.96	attackspambots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-07 20:23:51
121.157.186.96	attack	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-06 21:04:42
121.157.186.96	attackspambots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-06 04:18:37
121.157.186.96	attackbotsspam	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23	2019-12-30 03:05:39
121.157.186.96	attackbotsspam	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23	2019-12-29 19:21:37
121.157.186.96	attackspam	Unauthorised access (Oct 18) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 18) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 16) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN	2019-10-19 05:13:09
121.157.186.96	attack	Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN	2019-10-15 13:57:51
121.157.186.96	attackspam	Sep 21 05:53:48 h2177944 kernel: \[1914389.116177\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:48 h2177944 kernel: \[1914389.243579\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.460719\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.481178\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.562125\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40	2019-09-21 14:32:18
121.157.186.96	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-07 20:33:58
121.157.186.96	attackspam	Telnetd brute force attack detected by fail2ban	2019-07-16 09:58:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.157.1.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2782
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;121.157.1.20.			IN	A

;; AUTHORITY SECTION:
.			35	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 14:12:39 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 20.1.157.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.1.157.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
159.203.81.129	attackspam	159.203.81.129 was recorded 134 times by 14 hosts attempting to connect to the following ports: 8088. Incident counter (4h, 24h, all-time): 134, 144, 19214	2019-11-24 01:35:31
37.187.131.203	attackspambots	Automatic report - Banned IP Access	2019-11-24 01:30:13
218.94.136.90	attackspambots	2019-11-23T15:55:49.532369abusebot-5.cloudsearch.cf sshd\[9251\]: Invalid user administrator from 218.94.136.90 port 58621	2019-11-24 01:05:14
134.209.190.139	attackbotsspam	Automatic report - XMLRPC Attack	2019-11-24 01:15:44
35.183.208.142	attackspambots	Nov 23 17:32:08 markkoudstaal sshd[15312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.183.208.142 Nov 23 17:32:10 markkoudstaal sshd[15312]: Failed password for invalid user kostyk from 35.183.208.142 port 56590 ssh2 Nov 23 17:35:24 markkoudstaal sshd[15739]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.183.208.142	2019-11-24 00:57:11
181.230.133.83	attackbots	Nov 23 22:32:27 areeb-Workstation sshd[1772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.230.133.83 Nov 23 22:32:29 areeb-Workstation sshd[1772]: Failed password for invalid user soporte from 181.230.133.83 port 37862 ssh2 ...	2019-11-24 01:22:04
188.136.174.17	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-24 01:43:02
45.143.221.15	attackbots	\[2019-11-23 12:33:13\] NOTICE\[2754\] chan_sip.c: Registration from '"844" \' failed for '45.143.221.15:5469' - Wrong password \[2019-11-23 12:33:13\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-23T12:33:13.294-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="844",SessionID="0x7f26c4a90648",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.221.15/5469",Challenge="78150a53",ReceivedChallenge="78150a53",ReceivedHash="3b6f77c6133499cd2e80045c540ee682" \[2019-11-23 12:33:13\] NOTICE\[2754\] chan_sip.c: Registration from '"844" \' failed for '45.143.221.15:5469' - Wrong password \[2019-11-23 12:33:13\] SECURITY\[2765\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-23T12:33:13.420-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="844",SessionID="0x7f26c4ab1d88",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.1	2019-11-24 01:37:49
152.136.40.21	attack	Port scan on 4 port(s): 2375 2376 2377 4243	2019-11-24 01:37:35
113.172.191.34	attack	Nov 23 15:05:30 pl3server sshd[6637]: Address 113.172.191.34 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 23 15:05:30 pl3server sshd[6637]: Invalid user admin from 113.172.191.34 Nov 23 15:05:30 pl3server sshd[6637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.172.191.34 Nov 23 15:05:32 pl3server sshd[6637]: Failed password for invalid user admin from 113.172.191.34 port 43568 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=113.172.191.34	2019-11-24 01:08:06
14.134.203.63	attack	badbot	2019-11-24 01:03:22
190.22.180.45	attackspam	Nov 23 14:47:31 xxx sshd[21775]: Did not receive identification string from 190.22.180.45 port 46906 Nov 23 14:49:32 xxx sshd[21839]: Received disconnect from 190.22.180.45 port 48124:11: Bye Bye [preauth] Nov 23 14:49:32 xxx sshd[21839]: Disconnected from 190.22.180.45 port 48124 [preauth] Nov 23 15:06:46 xxx sshd[25566]: Invalid user admin from 190.22.180.45 port 50624 Nov 23 15:06:46 xxx sshd[25566]: Failed password for invalid user admin from 190.22.180.45 port 50624 ssh2 Nov 23 15:06:47 xxx sshd[25566]: Received disconnect from 190.22.180.45 port 50624:11: Bye Bye [preauth] Nov 23 15:06:47 xxx sshd[25566]: Disconnected from 190.22.180.45 port 50624 [preauth] Nov 23 15:09:27 xxx sshd[25651]: Invalid user ubuntu from 190.22.180.45 port 51402 Nov 23 15:09:27 xxx sshd[25651]: Failed password for invalid user ubuntu from 190.22.180.45 port 51402 ssh2 Nov 23 15:09:28 xxx sshd[25651]: Received disconnect from 190.22.180.45 port 51402:11: Bye Bye [preauth] Nov 23 15:09:28 ........ -------------------------------	2019-11-24 01:23:44
114.238.80.18	attack	Nov 23 15:06:55 nbi10206 sshd[11387]: Invalid user admin from 114.238.80.18 port 54463 Nov 23 15:06:58 nbi10206 sshd[11387]: Failed password for invalid user admin from 114.238.80.18 port 54463 ssh2 Nov 23 15:07:01 nbi10206 sshd[11393]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.238.80.18 user=r.r Nov 23 15:07:03 nbi10206 sshd[11393]: Failed password for r.r from 114.238.80.18 port 54505 ssh2 Nov 23 15:07:05 nbi10206 sshd[11393]: Failed password for r.r from 114.238.80.18 port 54505 ssh2 Nov 23 15:07:09 nbi10206 sshd[11393]: Failed password for r.r from 114.238.80.18 port 54505 ssh2 Nov 23 15:07:09 nbi10206 sshd[11393]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.238.80.18 user=r.r Nov 23 15:07:12 nbi10206 sshd[11466]: Invalid user enablediag from 114.238.80.18 port 54566 Nov 23 15:07:14 nbi10206 sshd[11466]: Failed password for invalid user enablediag from 114.238.80.18 port 54566........ -------------------------------	2019-11-24 01:17:33
106.57.22.160	attackbotsspam	badbot	2019-11-24 01:34:55
159.65.151.216	attackbotsspam	Nov 23 15:49:13 venus sshd\[1226\]: Invalid user ident from 159.65.151.216 port 36002 Nov 23 15:49:13 venus sshd\[1226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.151.216 Nov 23 15:49:14 venus sshd\[1226\]: Failed password for invalid user ident from 159.65.151.216 port 36002 ssh2 ...	2019-11-24 01:02:37

Recently Reported IPs

121.153.35.26	121.158.45.247	121.156.137.5	121.158.60.192
121.158.119.192	121.158.89.25	121.158.62.105	121.159.135.195
121.160.190.163	121.160.48.83	121.161.87.207	121.160.178.14
121.166.35.252	121.164.239.163	121.166.15.112	121.159.21.159
121.163.108.48	121.169.160.173	121.159.115.242	121.169.178.112