1.2.200.106 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.200.49	attack	2. On May 18 2020 experienced a Brute Force SSH login attempt -> 1 unique times by 1.2.200.49.	2020-05-20 18:40:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.200.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23993
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.200.106.			IN	A

;; AUTHORITY SECTION:
.			172	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 11:38:48 CST 2022
;; MSG SIZE  rcvd: 104

Host info

106.200.2.1.in-addr.arpa domain name pointer node-eay.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.200.2.1.in-addr.arpa	name = node-eay.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.220.102.4	attackspambots	Sep 6 10:05:38 nas sshd[28415]: Failed password for root from 185.220.102.4 port 41859 ssh2 Sep 6 10:05:43 nas sshd[28415]: Failed password for root from 185.220.102.4 port 41859 ssh2 Sep 6 10:05:47 nas sshd[28415]: Failed password for root from 185.220.102.4 port 41859 ssh2 Sep 6 10:05:50 nas sshd[28415]: Failed password for root from 185.220.102.4 port 41859 ssh2 ...	2020-09-06 17:22:08
190.145.78.212	attack	TCP (SYN) 190.145.78.212:7905 -> port 445, len 52	2020-09-06 16:58:19
190.107.22.162	attack	Unauthorised access (Sep 6) SRC=190.107.22.162 LEN=52 TTL=116 ID=29128 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Sep 5) SRC=190.107.22.162 LEN=52 TTL=116 ID=19589 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-06 16:48:20
115.79.62.162	attackspam	Honeypot attack, port: 445, PTR: adsl.viettel.vn.	2020-09-06 16:56:59
199.76.38.123	attack	$f2bV_matches	2020-09-06 17:16:57
111.40.91.117	attackspam	Auto Detect Rule! proto TCP (SYN), 111.40.91.117:25885->gjan.info:23, len 40	2020-09-06 17:11:45
218.92.0.246	attack	Sep 6 11:16:23 sso sshd[31116]: Failed password for root from 218.92.0.246 port 28725 ssh2 Sep 6 11:16:33 sso sshd[31116]: Failed password for root from 218.92.0.246 port 28725 ssh2 ...	2020-09-06 17:21:10
178.46.214.199	attackbots	23/tcp [2020-09-06]1pkt	2020-09-06 17:01:59
190.217.68.7	attack	Unauthorized connection attempt from IP address 190.217.68.7 on Port 445(SMB)	2020-09-06 17:10:45
194.26.25.108	attack	2020-09-05 17:50:10 Reject access to port(s):3389 1 times a day	2020-09-06 17:07:29
46.185.161.207	attackbotsspam	Unauthorized connection attempt from IP address 46.185.161.207 on Port 445(SMB)	2020-09-06 17:11:02
101.89.92.230	attackspambots	Lines containing failures of 101.89.92.230 Sep 3 04:00:56 shared01 sshd[11678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.92.230 user=r.r Sep 3 04:00:58 shared01 sshd[11678]: Failed password for r.r from 101.89.92.230 port 44058 ssh2 Sep 3 04:00:59 shared01 sshd[11678]: Received disconnect from 101.89.92.230 port 44058:11: Bye Bye [preauth] Sep 3 04:00:59 shared01 sshd[11678]: Disconnected from authenticating user r.r 101.89.92.230 port 44058 [preauth] Sep 3 04:17:14 shared01 sshd[16636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.89.92.230 user=r.r Sep 3 04:17:15 shared01 sshd[16636]: Failed password for r.r from 101.89.92.230 port 41728 ssh2 Sep 3 04:17:15 shared01 sshd[16636]: Received disconnect from 101.89.92.230 port 41728:11: Bye Bye [preauth] Sep 3 04:17:15 shared01 sshd[16636]: Disconnected from authenticating user r.r 101.89.92.230 port 41728 [preauth........ ------------------------------	2020-09-06 17:01:33
88.156.122.72	attackbots	2020-09-06T09:34:12.465069lavrinenko.info sshd[22148]: Failed password for invalid user msfadmin from 88.156.122.72 port 56546 ssh2 2020-09-06T09:38:12.572435lavrinenko.info sshd[22313]: Invalid user admin from 88.156.122.72 port 41726 2020-09-06T09:38:12.579544lavrinenko.info sshd[22313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.156.122.72 2020-09-06T09:38:12.572435lavrinenko.info sshd[22313]: Invalid user admin from 88.156.122.72 port 41726 2020-09-06T09:38:14.095975lavrinenko.info sshd[22313]: Failed password for invalid user admin from 88.156.122.72 port 41726 ssh2 ...	2020-09-06 16:59:45
36.92.81.189	attackbotsspam	Unauthorized connection attempt from IP address 36.92.81.189 on Port 445(SMB)	2020-09-06 17:18:17
128.14.133.58	attackbots	[-]:443 128.14.133.58 - - [06/Sep/2020:10:38:06 +0200] "GET /cgi-bin/config.exp HTTP/1.1" 404 15149 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"	2020-09-06 17:06:20

Recently Reported IPs

1.2.200.11	1.2.2.1	177.61.180.244	1.2.200.138
1.2.200.125	1.2.200.126	1.2.200.133	1.2.200.14
1.2.200.119	103.3.2.86	1.2.200.130	1.2.201.37
1.2.201.39	1.2.201.35	1.2.201.42	1.2.201.48
1.2.201.58	1.2.201.5	1.2.201.46	1.2.200.141