1.2.205.42 - IPInfo

Basic Info

City: Tak

Region: Tak

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.205.20	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 20-12-2019 14:50:17.	2019-12-21 04:02:04

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.205.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52030
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.205.42.			IN	A

;; AUTHORITY SECTION:
.			434	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 09:11:31 CST 2022
;; MSG SIZE  rcvd: 103

Host info

42.205.2.1.in-addr.arpa domain name pointer node-f8q.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
42.205.2.1.in-addr.arpa	name = node-f8q.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
85.194.102.234	attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-07-06 07:56:28
5.132.115.161	attack	SSH Brute-Forcing (server2)	2020-07-06 07:45:08
92.246.84.185	attack	[2020-07-05 18:58:18] NOTICE[1197][C-00001eac] chan_sip.c: Call from '' (92.246.84.185:56192) to extension '701246812111513' rejected because extension not found in context 'public'. [2020-07-05 18:58:18] SECURITY[1214] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-05T18:58:18.835-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="701246812111513",SessionID="0x7f6d2806bc78",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/92.246.84.185/56192",ACLName="no_extension_match" [2020-07-05 19:01:05] NOTICE[1197][C-00001eb1] chan_sip.c: Call from '' (92.246.84.185:54049) to extension '801246462607509' rejected because extension not found in context 'public'. [2020-07-05 19:01:05] SECURITY[1214] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-07-05T19:01:05.434-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="801246462607509",SessionID="0x7f6d2833d578",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/ ...	2020-07-06 07:21:14
117.50.36.137	attackbots	Jul 6 02:39:23 journals sshd\[105067\]: Invalid user ftpuser from 117.50.36.137 Jul 6 02:39:23 journals sshd\[105067\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.137 Jul 6 02:39:26 journals sshd\[105067\]: Failed password for invalid user ftpuser from 117.50.36.137 port 56080 ssh2 Jul 6 02:43:25 journals sshd\[105656\]: Invalid user t7inst from 117.50.36.137 Jul 6 02:43:25 journals sshd\[105656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.36.137 ...	2020-07-06 07:57:11
157.230.61.132	attackbots	Invalid user demo from 157.230.61.132 port 33660	2020-07-06 07:18:05
106.54.222.51	attackbots	Lines containing failures of 106.54.222.51 Jun 29 05:25:33 viking sshd[2635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.222.51 user=r.r Jun 29 05:25:35 viking sshd[2635]: Failed password for r.r from 106.54.222.51 port 39374 ssh2 Jun 29 05:25:36 viking sshd[2635]: Received disconnect from 106.54.222.51 port 39374:11: Bye Bye [preauth] Jun 29 05:25:36 viking sshd[2635]: Disconnected from authenticating user r.r 106.54.222.51 port 39374 [preauth] Jun 29 07:14:22 viking sshd[520]: Invalid user matt from 106.54.222.51 port 44010 Jun 29 07:14:22 viking sshd[520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.222.51 Jun 29 07:14:24 viking sshd[520]: Failed password for invalid user matt from 106.54.222.51 port 44010 ssh2 Jun 29 07:14:25 viking sshd[520]: Received disconnect from 106.54.222.51 port 44010:11: Bye Bye [preauth] Jun 29 07:14:25 viking sshd[520]: Disconnected fro........ ------------------------------	2020-07-06 07:44:46
49.235.108.216	attack	Jul 5 23:45:42 sip sshd[2539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.108.216 Jul 5 23:45:44 sip sshd[2539]: Failed password for invalid user yanglin from 49.235.108.216 port 48686 ssh2 Jul 5 23:55:34 sip sshd[6216]: Failed password for root from 49.235.108.216 port 59690 ssh2	2020-07-06 07:18:44
122.51.18.119	attackbots	Jul 6 01:27:06 melroy-server sshd[23125]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.18.119 Jul 6 01:27:07 melroy-server sshd[23125]: Failed password for invalid user guest from 122.51.18.119 port 39278 ssh2 ...	2020-07-06 07:56:40
218.92.0.251	attackbots	Jul 5 23:31:01 scw-tender-jepsen sshd[7075]: Failed password for root from 218.92.0.251 port 14524 ssh2 Jul 5 23:31:04 scw-tender-jepsen sshd[7075]: Failed password for root from 218.92.0.251 port 14524 ssh2	2020-07-06 07:34:26
49.88.112.60	attack	Jul 6 01:33:28 server sshd[30491]: Failed password for root from 49.88.112.60 port 15585 ssh2 Jul 6 01:33:31 server sshd[30491]: Failed password for root from 49.88.112.60 port 15585 ssh2 Jul 6 01:33:33 server sshd[30491]: Failed password for root from 49.88.112.60 port 15585 ssh2	2020-07-06 07:48:55
61.177.172.128	attackbots	Jul 6 01:50:41 PorscheCustomer sshd[21547]: Failed password for root from 61.177.172.128 port 57892 ssh2 Jul 6 01:50:53 PorscheCustomer sshd[21547]: error: maximum authentication attempts exceeded for root from 61.177.172.128 port 57892 ssh2 [preauth] Jul 6 01:50:59 PorscheCustomer sshd[21552]: Failed password for root from 61.177.172.128 port 19789 ssh2 ...	2020-07-06 07:55:15
189.207.100.74	attack	Automatic report - Port Scan Attack	2020-07-06 07:14:16
193.228.91.109	attackbots	2020-07-06T01:38:19.389369mail.broermann.family sshd[32459]: Failed password for root from 193.228.91.109 port 39706 ssh2 2020-07-06T01:38:35.814819mail.broermann.family sshd[32478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.91.109 user=root 2020-07-06T01:38:37.288789mail.broermann.family sshd[32478]: Failed password for root from 193.228.91.109 port 47066 ssh2 2020-07-06T01:38:54.013571mail.broermann.family sshd[32496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.91.109 user=root 2020-07-06T01:38:55.627699mail.broermann.family sshd[32496]: Failed password for root from 193.228.91.109 port 54888 ssh2 ...	2020-07-06 07:39:00
141.98.81.208	attackspam	Jul 5 23:46:27 *** sshd[32075]: Invalid user Administrator from 141.98.81.208	2020-07-06 07:51:24
152.32.216.191	attackspambots	21 attempts against mh-ssh on grass	2020-07-06 07:50:52

Recently Reported IPs

1.2.205.41	1.2.205.46	1.2.205.48	1.2.205.5
88.42.235.198	1.2.205.50	1.2.205.58	1.2.205.60
1.2.205.62	1.2.205.66	1.2.205.69	1.2.205.7
1.2.205.71	1.2.205.74	1.2.205.8	106.46.126.119
1.2.205.80	1.2.205.85	1.2.205.93	1.2.205.94