1.2.205.139 - IPInfo

Basic Info

City: Tak

Region: Tak

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.205.20	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 20-12-2019 14:50:17.	2019-12-21 04:02:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.205.139
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1763
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.205.139.			IN	A

;; AUTHORITY SECTION:
.			40	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 09:08:48 CST 2022
;; MSG SIZE  rcvd: 104

Host info

139.205.2.1.in-addr.arpa domain name pointer node-fbf.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
139.205.2.1.in-addr.arpa	name = node-fbf.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.144.127	attackbotsspam	" "	2020-06-08 17:15:18
128.201.235.28	attack	Brute force attempt	2020-06-08 17:42:09
167.71.91.159	attackbots	anthonynielsen@inbox.lt Received: from AM7EUR06HT012.eop-eur06.prod.protection.outlook.com (2603:10b6:208:23e::19) by MN2PR16MB2861.namprd16.prod.outlook.com with HTTPS via MN2PR14CA0014.NAMPRD14.PROD.OUTLOOK.COM; Fri, 5 Jun 2020 19:00:58 +0000 Received: from AM7EUR06FT053.eop-eur06.prod.protection.outlook.com (2a01:111:e400:fc36::41) by AM7EUR06HT012.eop-eur06.prod.protection.outlook.com (2a01:111:e400:fc36::180) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3066.18; Fri, 5 Jun 2020 19:00:57 +0000 Authentication-Results: spf=softfail (sender IP is 167.71.91.159)	2020-06-08 17:41:41
152.136.108.226	attackspambots	Jun 8 03:42:52 ns3033917 sshd[28737]: Failed password for root from 152.136.108.226 port 44068 ssh2 Jun 8 03:48:11 ns3033917 sshd[28794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.108.226 user=root Jun 8 03:48:13 ns3033917 sshd[28794]: Failed password for root from 152.136.108.226 port 46874 ssh2 ...	2020-06-08 17:43:34
54.37.136.213	attackbots	2020-06-08T08:33:58.822952struts4.enskede.local sshd\[26465\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 user=root 2020-06-08T08:34:01.737170struts4.enskede.local sshd\[26465\]: Failed password for root from 54.37.136.213 port 59462 ssh2 2020-06-08T08:38:14.740661struts4.enskede.local sshd\[26504\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 user=root 2020-06-08T08:38:18.376647struts4.enskede.local sshd\[26504\]: Failed password for root from 54.37.136.213 port 34030 ssh2 2020-06-08T08:42:22.480907struts4.enskede.local sshd\[26546\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.136.213 user=root ...	2020-06-08 17:23:02
93.70.165.245	attack	Unauthorized connection attempt detected from IP address 93.70.165.245 to port 80	2020-06-08 17:52:42
107.175.92.118	attack	7,32-07/07 [bc04/m105] PostRequest-Spammer scoring: essen	2020-06-08 17:18:46
98.220.134.161	attackbots	Jun 8 10:22:20 gestao sshd[12968]: Failed password for root from 98.220.134.161 port 39834 ssh2 Jun 8 10:25:55 gestao sshd[13056]: Failed password for root from 98.220.134.161 port 43312 ssh2 ...	2020-06-08 17:46:15
119.96.173.202	attackspambots	2020-06-08T06:09:00.858920randservbullet-proofcloud-66.localdomain sshd[19127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.173.202 user=root 2020-06-08T06:09:02.154296randservbullet-proofcloud-66.localdomain sshd[19127]: Failed password for root from 119.96.173.202 port 37064 ssh2 2020-06-08T06:14:59.343033randservbullet-proofcloud-66.localdomain sshd[19184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.173.202 user=root 2020-06-08T06:15:01.921796randservbullet-proofcloud-66.localdomain sshd[19184]: Failed password for root from 119.96.173.202 port 40410 ssh2 ...	2020-06-08 17:10:31
192.99.13.186	attackspam	20 attempts against mh-misbehave-ban on twig	2020-06-08 17:33:08
103.42.58.102	attackbots	"www/wp-includes/wlwmanifest.xml"_	2020-06-08 17:34:26
219.79.154.75	attack	Port Scan	2020-06-08 17:28:33
185.24.233.37	attackspambots	Jun 8 10:44:51 mail postfix/smtpd\[6267\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 8 10:46:14 mail postfix/smtpd\[6267\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 8 10:58:07 mail postfix/smtpd\[6692\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Jun 8 11:38:06 mail postfix/smtpd\[7857\]: warning: unknown\[185.24.233.37\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2020-06-08 17:47:53
195.54.167.120	attack	TCP (SYN) 195.54.167.120:43039 -> port 1070, len 44	2020-06-08 17:41:20
59.127.50.130	attackbots	TW_MAINT-TW-TWNIC_<177>1591588134 [1:2403402:57811] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 52 [Classification: Misc Attack] [Priority: 2]: {TCP} 59.127.50.130:15675	2020-06-08 17:16:30

Recently Reported IPs

1.2.205.137	1.2.205.14	1.2.205.143	1.2.205.144
1.2.205.155	1.2.205.159	1.2.205.17	1.2.205.174
1.2.205.176	1.2.205.183	1.2.205.186	1.2.205.188
1.2.205.190	1.2.205.192	1.2.205.195	1.2.205.196
1.2.205.198	1.2.205.201	1.2.205.203	1.2.205.208