138.91.11.214 - IPInfo

Basic Info

City: Tokyo

Region: Tokyo

Country: Japan

Internet Service Provider: unknown

Hostname: unknown

Organization: Microsoft Corporation

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
138.91.113.179	attackbots	5x Failed Password	2020-07-15 02:15:43
138.91.116.219	attackbots	Jul 14 16:37:58 piServer sshd[3711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.116.219 Jul 14 16:38:01 piServer sshd[3711]: Failed password for invalid user admin1 from 138.91.116.219 port 64120 ssh2 Jul 14 16:38:03 piServer sshd[3720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.116.219 ...	2020-07-14 22:55:18
138.91.116.219	attack	Jul 11 06:46:57 backup sshd[30012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.116.219 Jul 11 06:46:59 backup sshd[30012]: Failed password for invalid user admin1 from 138.91.116.219 port 57539 ssh2 ...	2020-07-11 16:53:28
138.91.113.179	attackbotsspam	Lines containing failures of 138.91.113.179 Jun 25 08:30:48 mellenthin sshd[21010]: User r.r from 138.91.113.179 not allowed because not listed in AllowUsers Jun 25 08:30:48 mellenthin sshd[21010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.113.179 user=r.r Jun 25 08:30:49 mellenthin sshd[21010]: Failed password for invalid user r.r from 138.91.113.179 port 60198 ssh2 Jun 25 08:30:49 mellenthin sshd[21010]: Received disconnect from 138.91.113.179 port 60198:11: Client disconnecting normally [preauth] Jun 25 08:30:49 mellenthin sshd[21010]: Disconnected from invalid user r.r 138.91.113.179 port 60198 [preauth] Jun 29 05:56:39 mellenthin sshd[17665]: User r.r from 138.91.113.179 not allowed because not listed in AllowUsers Jun 29 05:56:39 mellenthin sshd[17665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.113.179 user=r.r Jun 29 05:56:40 mellenthin sshd[17665]: Failed p........ ------------------------------	2020-06-30 01:24:08
138.91.113.179	attack	Jun 29 07:49:30 vps333114 sshd[18977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.91.113.179 user=root Jun 29 07:49:32 vps333114 sshd[18977]: Failed password for root from 138.91.113.179 port 55489 ssh2 ...	2020-06-29 13:54:42

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 138.91.11.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43995
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;138.91.11.214.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080502 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 03:27:28 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 214.11.91.138.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 214.11.91.138.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
34.97.100.10	attackbots	Unauthorized connection attempt detected from IP address 34.97.100.10 to port 2220 [J]	2020-01-28 07:38:46
91.197.64.60	attackspam	2019-01-31 15:27:41 H=\(nat33.teleconnect.ru\) \[91.197.64.60\]:20870 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-31 15:27:56 H=\(nat33.teleconnect.ru\) \[91.197.64.60\]:21145 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-01-31 15:28:05 H=\(nat33.teleconnect.ru\) \[91.197.64.60\]:21328 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-01-28 07:27:28
165.22.98.242	attackbotsspam	Invalid user johannes from 165.22.98.242 port 42124	2020-01-28 07:26:39
96.126.103.73	attackspambots	Unauthorized connection attempt detected from IP address 96.126.103.73 to port 2082 [J]	2020-01-28 07:12:54
187.163.100.128	attackbotsspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-28 07:32:22
63.81.87.133	attackspam	Jan 27 20:38:31 grey postfix/smtpd\[32484\]: NOQUEUE: reject: RCPT from situate.jcnovel.com\[63.81.87.133\]: 554 5.7.1 Service unavailable\; Client host \[63.81.87.133\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[63.81.87.133\]\; from=\ to=\ proto=ESMTP helo=\ ...	2020-01-28 07:44:02
67.207.89.137	attack	ZTE Router Exploit Scanner	2020-01-28 07:11:44
46.18.201.133	attackbots	Honeypot attack, port: 445, PTR: broadband-jnn-46-18-201-133.clients.kubtel.ru.	2020-01-28 07:30:49
91.190.25.13	attackspambots	2019-04-21 16:32:31 1hIDWA-0008RU-T5 SMTP connection from dhclient-91-190-25-13.flashcable.ch \[91.190.25.13\]:37458 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-21 16:33:13 1hIDWp-0008SJ-A4 SMTP connection from dhclient-91-190-25-13.flashcable.ch \[91.190.25.13\]:37636 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-04-21 16:33:41 1hIDXH-0008T6-UK SMTP connection from dhclient-91-190-25-13.flashcable.ch \[91.190.25.13\]:37775 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 07:37:50
138.197.222.141	attackbots	Jan 27 22:27:27 124388 sshd[17241]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 user=root Jan 27 22:27:29 124388 sshd[17241]: Failed password for root from 138.197.222.141 port 37130 ssh2 Jan 27 22:28:39 124388 sshd[17252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.222.141 user=root Jan 27 22:28:41 124388 sshd[17252]: Failed password for root from 138.197.222.141 port 49594 ssh2 Jan 27 22:29:53 124388 sshd[17254]: Invalid user bg from 138.197.222.141 port 33826	2020-01-28 07:36:47
212.64.89.221	attackbotsspam	Unauthorized connection attempt detected from IP address 212.64.89.221 to port 2220 [J]	2020-01-28 07:25:55
91.191.41.234	attack	2019-07-06 23:34:56 1hjsKc-0004Pg-L2 SMTP connection from \(41.191.91.si234.zona.ba\) \[91.191.41.234\]:22282 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 23:35:00 1hjsKh-0004Pp-5J SMTP connection from \(41.191.91.si234.zona.ba\) \[91.191.41.234\]:22326 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-07-06 23:35:02 1hjsKj-0004Pq-P3 SMTP connection from \(41.191.91.si234.zona.ba\) \[91.191.41.234\]:22348 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-01-28 07:32:53
123.207.78.83	attack	Jan 27 14:05:07 : SSH login attempts with invalid user	2020-01-28 07:42:23
189.209.135.101	attackbotsspam	445/tcp [2020-01-27]1pkt	2020-01-28 07:22:15
176.113.115.50	attackbotsspam	firewall-block, port(s): 6500/tcp, 9300/tcp, 9400/tcp, 13390/tcp, 13391/tcp	2020-01-28 07:25:02

Recently Reported IPs

87.26.22.220	116.2.253.143	49.71.27.198	198.4.25.130
195.63.201.75	81.44.196.155	81.26.153.190	122.200.43.236
99.44.77.165	204.164.65.76	157.93.241.77	38.210.85.190
146.6.187.95	27.143.216.37	131.162.103.39	147.2.140.126
160.10.48.110	72.217.252.75	180.3.105.152	143.45.158.208