1.2.242.11 - IPInfo

Basic Info

City: Sam Ngam

Region: Phichit

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.242.0	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 24-02-2020 04:55:14.	2020-02-24 15:12:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.242.11
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43713
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.242.11.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 26 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 09:19:21 CST 2022
;; MSG SIZE  rcvd: 103

Host info

11.242.2.1.in-addr.arpa domain name pointer node-miz.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
11.242.2.1.in-addr.arpa	name = node-miz.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.236.160.25	attackspam	Sep 21 17:01:40 ssh2 sshd[36042]: User root from n119236160025.netvigator.com not allowed because not listed in AllowUsers Sep 21 17:01:40 ssh2 sshd[36042]: Failed password for invalid user root from 119.236.160.25 port 52207 ssh2 Sep 21 17:01:41 ssh2 sshd[36042]: Connection closed by invalid user root 119.236.160.25 port 52207 [preauth] ...	2020-09-22 12:40:06
116.59.25.190	attack	Time: Tue Sep 22 06:13:48 2020 +0200 IP: 116.59.25.190 (TW/Taiwan/116-59-25-190.emome-ip.hinet.net) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 22 06:10:38 3-1 sshd[56961]: Failed password for root from 116.59.25.190 port 36530 ssh2 Sep 22 06:12:26 3-1 sshd[57035]: Invalid user musicbot from 116.59.25.190 port 57912 Sep 22 06:12:29 3-1 sshd[57035]: Failed password for invalid user musicbot from 116.59.25.190 port 57912 ssh2 Sep 22 06:13:43 3-1 sshd[57138]: Invalid user jean from 116.59.25.190 port 47042 Sep 22 06:13:45 3-1 sshd[57138]: Failed password for invalid user jean from 116.59.25.190 port 47042 ssh2	2020-09-22 12:38:55
46.101.113.206	attack	(sshd) Failed SSH login from 46.101.113.206 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 21 22:10:54 elude sshd[14520]: Invalid user jay from 46.101.113.206 port 58246 Sep 21 22:10:56 elude sshd[14520]: Failed password for invalid user jay from 46.101.113.206 port 58246 ssh2 Sep 21 22:17:10 elude sshd[15430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.113.206 user=root Sep 21 22:17:12 elude sshd[15430]: Failed password for root from 46.101.113.206 port 41574 ssh2 Sep 21 22:24:58 elude sshd[16844]: Invalid user hassan from 46.101.113.206 port 51998	2020-09-22 08:25:07
103.147.184.131	attackspambots	Blocked by Sophos UTM Network Protection . / / proto=6 . srcport=48575 . dstport=3389 . (3214)	2020-09-22 08:28:43
128.199.66.223	attackbots	128.199.66.223 - - [21/Sep/2020:14:13:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.66.223 - - [21/Sep/2020:18:24:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 128.199.66.223 - - [21/Sep/2020:19:01:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-22 08:26:24
213.6.118.170	attackbots	Sep 21 23:19:15 hidden sshd[61520]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.6.118.170 Sep 21 23:19:17 hidden sshd[61520]: Failed password for invalid user speedtest from 213.6.118.170 port 48642 ssh2 Sep 21 23:23:15 hidden sshd[62428]: Invalid user admin3 from 213.6.118.170 port 59200	2020-09-22 08:30:52
165.22.82.120	attack	invalid user	2020-09-22 12:42:01
222.186.190.2	attack	Sep 22 04:40:46 localhost sshd[18816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Sep 22 04:40:48 localhost sshd[18816]: Failed password for root from 222.186.190.2 port 20612 ssh2 Sep 22 04:40:51 localhost sshd[18816]: Failed password for root from 222.186.190.2 port 20612 ssh2 Sep 22 04:40:46 localhost sshd[18816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Sep 22 04:40:48 localhost sshd[18816]: Failed password for root from 222.186.190.2 port 20612 ssh2 Sep 22 04:40:51 localhost sshd[18816]: Failed password for root from 222.186.190.2 port 20612 ssh2 Sep 22 04:40:46 localhost sshd[18816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Sep 22 04:40:48 localhost sshd[18816]: Failed password for root from 222.186.190.2 port 20612 ssh2 Sep 22 04:40:51 localhost sshd[18816]: Failed pas ...	2020-09-22 12:43:27
200.87.178.137	attackbots	Sep 21 20:39:43 pixelmemory sshd[1358966]: Invalid user report from 200.87.178.137 port 43208 Sep 21 20:39:43 pixelmemory sshd[1358966]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.87.178.137 Sep 21 20:39:43 pixelmemory sshd[1358966]: Invalid user report from 200.87.178.137 port 43208 Sep 21 20:39:46 pixelmemory sshd[1358966]: Failed password for invalid user report from 200.87.178.137 port 43208 ssh2 Sep 21 20:42:29 pixelmemory sshd[1362698]: Invalid user victor from 200.87.178.137 port 35802 ...	2020-09-22 12:15:09
51.210.107.15	attackbots	Sep 21 23:13:18 marvibiene sshd[35759]: Invalid user customer from 51.210.107.15 port 58764 Sep 21 23:13:18 marvibiene sshd[35759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.210.107.15 Sep 21 23:13:18 marvibiene sshd[35759]: Invalid user customer from 51.210.107.15 port 58764 Sep 21 23:13:20 marvibiene sshd[35759]: Failed password for invalid user customer from 51.210.107.15 port 58764 ssh2	2020-09-22 08:30:29
45.178.175.140	attackbotsspam	Unauthorized connection attempt from IP address 45.178.175.140 on Port 445(SMB)	2020-09-22 08:28:10
103.23.155.180	attackbotsspam	HTTP DDOS	2020-09-22 12:21:31
8.210.73.35	attackspam	8.210.73.35 - - [22/Sep/2020:01:10:54 +0100] "POST /wp-login.php HTTP/1.1" 200 2596 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 8.210.73.35 - - [22/Sep/2020:01:10:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 8.210.73.35 - - [22/Sep/2020:01:10:59 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-22 08:21:28
103.129.221.62	attackbotsspam	Sep 21 23:37:52 markkoudstaal sshd[13898]: Failed password for root from 103.129.221.62 port 49994 ssh2 Sep 21 23:42:20 markkoudstaal sshd[15242]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.129.221.62 Sep 21 23:42:23 markkoudstaal sshd[15242]: Failed password for invalid user test1 from 103.129.221.62 port 57982 ssh2 ...	2020-09-22 08:26:37
222.186.42.155	attackbots	2020-09-22T04:26:17.199302shield sshd\[30028\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root 2020-09-22T04:26:19.234872shield sshd\[30028\]: Failed password for root from 222.186.42.155 port 29726 ssh2 2020-09-22T04:26:21.659366shield sshd\[30028\]: Failed password for root from 222.186.42.155 port 29726 ssh2 2020-09-22T04:26:24.143228shield sshd\[30028\]: Failed password for root from 222.186.42.155 port 29726 ssh2 2020-09-22T04:26:27.401816shield sshd\[30037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.155 user=root	2020-09-22 12:27:47

Recently Reported IPs

1.2.242.108	1.2.246.69	1.2.246.9	1.2.246.97
1.2.246.99	1.2.247.111	1.2.247.119	1.2.247.137
1.2.247.150	159.202.175.28	1.2.247.154	1.2.247.19
1.2.247.235	1.2.247.6	109.176.156.8	1.2.247.79
1.2.248.108	1.2.248.114	1.2.248.14	1.2.248.145