121.157.1.20 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
121.157.146.57	attack	Port probing on unauthorized port 23	2020-05-30 06:07:13
121.157.107.22	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-05-11 04:10:29
121.157.134.23	attackbots	Unauthorized connection attempt detected from IP address 121.157.134.23 to port 23 [J]	2020-02-23 18:01:36
121.157.186.96	attackbots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-02-04 18:21:28
121.157.186.96	attackspambots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-07 20:23:51
121.157.186.96	attack	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-06 21:04:42
121.157.186.96	attackspambots	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23 [J]	2020-01-06 04:18:37
121.157.186.96	attackbotsspam	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23	2019-12-30 03:05:39
121.157.186.96	attackbotsspam	Unauthorized connection attempt detected from IP address 121.157.186.96 to port 23	2019-12-29 19:21:37
121.157.186.96	attackspam	Unauthorised access (Oct 18) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 18) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 16) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN	2019-10-19 05:13:09
121.157.186.96	attack	Unauthorised access (Oct 15) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN Unauthorised access (Oct 14) SRC=121.157.186.96 LEN=40 TTL=53 ID=1452 TCP DPT=23 WINDOW=58663 SYN	2019-10-15 13:57:51
121.157.186.96	attackspam	Sep 21 05:53:48 h2177944 kernel: \[1914389.116177\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:48 h2177944 kernel: \[1914389.243579\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.460719\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.481178\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=51 ID=40058 PROTO=TCP SPT=6599 DPT=23 WINDOW=58663 RES=0x00 SYN URGP=0 Sep 21 05:53:49 h2177944 kernel: \[1914389.562125\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=121.157.186.96 DST=85.214.117.9 LEN=40	2019-09-21 14:32:18
121.157.186.96	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-09-07 20:33:58
121.157.186.96	attackspam	Telnetd brute force attack detected by fail2ban	2019-07-16 09:58:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.157.1.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2782
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;121.157.1.20.			IN	A

;; AUTHORITY SECTION:
.			35	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021300 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 14:12:39 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 20.1.157.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.1.157.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.203.14.170	attackbots	Unauthorised access (Nov 8) SRC=193.203.14.170 LEN=40 TOS=0x08 PREC=0x20 TTL=235 ID=32043 TCP DPT=1433 WINDOW=1024 SYN	2019-11-08 08:19:50
52.203.165.82	attackspam	Automatic report - XMLRPC Attack	2019-11-08 08:13:33
178.62.23.108	attack	2019-11-07T23:47:15.061338abusebot-8.cloudsearch.cf sshd\[4705\]: Invalid user admin from 178.62.23.108 port 41894	2019-11-08 08:32:54
139.199.35.66	attackbotsspam	$f2bV_matches	2019-11-08 08:05:05
81.192.159.130	attack	Nov 7 16:06:25 XXX sshd[57486]: Invalid user User from 81.192.159.130 port 48624	2019-11-08 08:21:10
61.76.169.138	attackspambots	Nov 8 00:07:47 web8 sshd\[22550\]: Invalid user password from 61.76.169.138 Nov 8 00:07:47 web8 sshd\[22550\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.169.138 Nov 8 00:07:49 web8 sshd\[22550\]: Failed password for invalid user password from 61.76.169.138 port 31373 ssh2 Nov 8 00:12:09 web8 sshd\[24640\]: Invalid user zhizhe from 61.76.169.138 Nov 8 00:12:09 web8 sshd\[24640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.76.169.138	2019-11-08 08:38:24
178.32.121.145	attack	Automatic report - XMLRPC Attack	2019-11-08 08:31:47
106.12.22.23	attack	web-1 [ssh_2] SSH Attack	2019-11-08 08:25:01
45.95.55.12	attackspam	Nov 4 08:56:46 reporting1 sshd[31793]: Address 45.95.55.12 maps to 45.95.55.12.linkways.de, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 4 08:56:46 reporting1 sshd[31793]: Invalid user knoxville from 45.95.55.12 Nov 4 08:56:46 reporting1 sshd[31793]: Failed password for invalid user knoxville from 45.95.55.12 port 58457 ssh2 Nov 4 09:13:23 reporting1 sshd[9301]: Address 45.95.55.12 maps to 45.95.55.12.linkways.de, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 4 09:13:23 reporting1 sshd[9301]: User r.r from 45.95.55.12 not allowed because not listed in AllowUsers Nov 4 09:13:23 reporting1 sshd[9301]: Failed password for invalid user r.r from 45.95.55.12 port 54813 ssh2 Nov 4 09:16:55 reporting1 sshd[11109]: Address 45.95.55.12 maps to 45.95.55.12.linkways.de, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Nov 4 09:16:55 reporting1 sshd[11109]: Invalid user terminfo from 45.95.55.12........ -------------------------------	2019-11-08 08:31:18
93.185.104.26	attackspambots	Automatic report - XMLRPC Attack	2019-11-08 08:13:55
129.122.16.156	attackspambots	Nov 8 00:23:34 lnxded64 sshd[15102]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.122.16.156	2019-11-08 08:26:46
111.199.13.197	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.199.13.197/ CN - 1H : (431) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4808 IP : 111.199.13.197 CIDR : 111.199.0.0/18 PREFIX COUNT : 1972 UNIQUE IP COUNT : 6728192 ATTACKS DETECTED ASN4808 : 1H - 1 3H - 2 6H - 6 12H - 10 24H - 32 DateTime : 2019-11-07 23:42:04 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-08 08:24:19
132.232.74.106	attack	Nov 8 00:45:13 icinga sshd[23907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.74.106 Nov 8 00:45:15 icinga sshd[23907]: Failed password for invalid user saxon from 132.232.74.106 port 38710 ssh2 ...	2019-11-08 08:38:56
139.198.189.36	attackbotsspam	Nov 8 00:54:51 tux-35-217 sshd\[8729\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.189.36 user=root Nov 8 00:54:53 tux-35-217 sshd\[8729\]: Failed password for root from 139.198.189.36 port 39572 ssh2 Nov 8 00:59:26 tux-35-217 sshd\[8764\]: Invalid user sybase from 139.198.189.36 port 46186 Nov 8 00:59:26 tux-35-217 sshd\[8764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.189.36 ...	2019-11-08 08:20:23
109.106.139.225	attack	109.106.139.225 has been banned for [spam] ...	2019-11-08 08:11:00

Recently Reported IPs

121.153.35.26	121.158.45.247	121.156.137.5	121.158.60.192
121.158.119.192	121.158.89.25	121.158.62.105	121.159.135.195
121.160.190.163	121.160.48.83	121.161.87.207	121.160.178.14
121.166.35.252	121.164.239.163	121.166.15.112	121.159.21.159
121.163.108.48	121.169.160.173	121.159.115.242	121.169.178.112