1.20.189.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.189.111	attackspam	Unauthorized connection attempt detected from IP address 1.20.189.111 to port 445	2020-01-02 22:47:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.189.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.189.2.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 20:24:52 CST 2022
;; MSG SIZE  rcvd: 103

Host info

Host 2.189.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.189.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
69.94.151.27	attack	Jun 2 13:48:39 mail.srvfarm.net postfix/smtpd[1211324]: NOQUEUE: reject: RCPT from unknown[69.94.151.27]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:49:36 mail.srvfarm.net postfix/smtpd[1211325]: NOQUEUE: reject: RCPT from unknown[69.94.151.27]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:52:48 mail.srvfarm.net postfix/smtpd[1211324]: NOQUEUE: reject: RCPT from unknown[69.94.151.27]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:57:30 mail.srvfarm.net postfix/smtpd[1211323]: NOQUEUE: reject: RCPT from unknown[69.94.151.27]: 45	2020-06-02 23:42:59
193.112.163.159	attackbotsspam	Jun 2 16:23:49 sip sshd[509239]: Failed password for root from 193.112.163.159 port 49566 ssh2 Jun 2 16:28:30 sip sshd[509279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.163.159 user=root Jun 2 16:28:32 sip sshd[509279]: Failed password for root from 193.112.163.159 port 39336 ssh2 ...	2020-06-02 23:28:58
69.94.135.195	attackspam	Jun 2 13:46:57 mail.srvfarm.net postfix/smtpd[1211070]: NOQUEUE: reject: RCPT from unknown[69.94.135.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:46:58 mail.srvfarm.net postfix/smtpd[1209266]: NOQUEUE: reject: RCPT from unknown[69.94.135.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:47:19 mail.srvfarm.net postfix/smtpd[1203832]: NOQUEUE: reject: RCPT from unknown[69.94.135.195]: 450 4.1.8 : Sender address rejected: Domain not found; from= to= proto=ESMTP helo= Jun 2 13:48:06 mail.srvfarm.net postfix/smtpd[1211325]: NOQUEUE: reject: RCPT from unknown[69.94.135.195]: 450 4.1.8	2020-06-02 23:43:30
222.186.175.217	attackbots	Jun 2 17:46:01 ArkNodeAT sshd\[30517\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root Jun 2 17:46:03 ArkNodeAT sshd\[30517\]: Failed password for root from 222.186.175.217 port 55522 ssh2 Jun 2 17:46:16 ArkNodeAT sshd\[30517\]: Failed password for root from 222.186.175.217 port 55522 ssh2	2020-06-02 23:46:36
171.80.97.180	attackbotsspam	SASL broute force	2020-06-02 23:25:12
91.238.103.49	attack	Jun 2 07:31:45 mxgate1 sshd[22710]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.238.103.49 user=r.r Jun 2 07:31:47 mxgate1 sshd[22710]: Failed password for r.r from 91.238.103.49 port 44256 ssh2 Jun 2 07:31:47 mxgate1 sshd[22710]: Received disconnect from 91.238.103.49 port 44256:11: Bye Bye [preauth] Jun 2 07:31:47 mxgate1 sshd[22710]: Disconnected from 91.238.103.49 port 44256 [preauth] Jun 2 07:46:06 mxgate1 sshd[23214]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.238.103.49 user=r.r Jun 2 07:46:08 mxgate1 sshd[23214]: Failed password for r.r from 91.238.103.49 port 53900 ssh2 Jun 2 07:46:08 mxgate1 sshd[23214]: Received disconnect from 91.238.103.49 port 53900:11: Bye Bye [preauth] Jun 2 07:46:08 mxgate1 sshd[23214]: Disconnected from 91.238.103.49 port 53900 [preauth] Jun 2 07:49:41 mxgate1 sshd[23263]: pam_unix(sshd:auth): authentication failure; logname= uid=0........ -------------------------------	2020-06-02 23:21:35
128.199.133.143	attackspam	Jun 2 15:09:04 server sshd[646]: Failed password for root from 128.199.133.143 port 34306 ssh2 Jun 2 15:13:11 server sshd[4350]: Failed password for root from 128.199.133.143 port 38518 ssh2 Jun 2 15:17:30 server sshd[8059]: Failed password for root from 128.199.133.143 port 42730 ssh2	2020-06-02 23:55:26
206.189.87.108	attackspam	Jun 2 06:02:10 dignus sshd[3627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.87.108 user=root Jun 2 06:02:12 dignus sshd[3627]: Failed password for root from 206.189.87.108 port 38420 ssh2 Jun 2 06:05:55 dignus sshd[3951]: Invalid user tie from 206.189.87.108 port 36004 Jun 2 06:05:55 dignus sshd[3951]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.189.87.108 Jun 2 06:05:57 dignus sshd[3951]: Failed password for invalid user tie from 206.189.87.108 port 36004 ssh2 ...	2020-06-02 23:50:24
169.149.241.60	attack	Icarus honeypot on github	2020-06-02 23:26:46
201.235.19.122	attackspambots	Jun 2 12:50:14 localhost sshd[45253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122-19-235-201.fibertel.com.ar user=root Jun 2 12:50:16 localhost sshd[45253]: Failed password for root from 201.235.19.122 port 37031 ssh2 Jun 2 12:54:48 localhost sshd[45802]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122-19-235-201.fibertel.com.ar user=root Jun 2 12:54:50 localhost sshd[45802]: Failed password for root from 201.235.19.122 port 39534 ssh2 Jun 2 12:59:21 localhost sshd[46391]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122-19-235-201.fibertel.com.ar user=root Jun 2 12:59:23 localhost sshd[46391]: Failed password for root from 201.235.19.122 port 42028 ssh2 ...	2020-06-02 23:39:44
208.115.109.144	attackspambots	20 attempts against mh_ha-misbehave-ban on oak	2020-06-02 23:44:40
181.48.23.154	attackspambots	May 26 02:46:20 v2202003116398111542 sshd[11934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.48.23.154 user=root	2020-06-02 23:22:46
80.211.59.57	attackspam	Jun 2 13:48:28 ns382633 sshd\[8876\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.57 user=root Jun 2 13:48:30 ns382633 sshd\[8876\]: Failed password for root from 80.211.59.57 port 45770 ssh2 Jun 2 14:00:40 ns382633 sshd\[11583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.57 user=root Jun 2 14:00:42 ns382633 sshd\[11583\]: Failed password for root from 80.211.59.57 port 54406 ssh2 Jun 2 14:05:35 ns382633 sshd\[12555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.59.57 user=root	2020-06-02 23:30:36
61.132.226.140	attack	2020-06-01 20:09:03 server sshd[20528]: Failed password for invalid user root from 61.132.226.140 port 43254 ssh2	2020-06-02 23:33:44
40.127.176.175	attack	May 29 20:34:44 v2202003116398111542 sshd[19795]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.176.175 user=root	2020-06-02 23:22:06

Recently Reported IPs

225.229.39.28	1.20.189.222	1.20.189.226	1.20.189.31
1.20.189.42	1.20.189.6	1.20.189.63	1.20.189.67
1.20.189.74	1.20.189.76	1.20.189.82	101.12.106.76
1.20.190.157	1.20.190.207	1.20.190.26	1.20.191.101
1.20.191.105	1.20.191.106	1.20.191.110	1.20.191.115