1.20.189.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.189.111	attackspam	Unauthorized connection attempt detected from IP address 1.20.189.111 to port 445	2020-01-02 22:47:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.189.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4960
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.189.2.			IN	A

;; AUTHORITY SECTION:
.			341	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 20:24:52 CST 2022
;; MSG SIZE  rcvd: 103

Host info

Host 2.189.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.189.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.245.36.189	attackbotsspam	Jun 4 16:37:07 journals sshd\[42023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.36.189 user=root Jun 4 16:37:09 journals sshd\[42023\]: Failed password for root from 157.245.36.189 port 41430 ssh2 Jun 4 16:40:50 journals sshd\[42442\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.36.189 user=root Jun 4 16:40:51 journals sshd\[42442\]: Failed password for root from 157.245.36.189 port 44744 ssh2 Jun 4 16:44:23 journals sshd\[42780\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.36.189 user=root ...	2020-06-05 00:39:18
178.159.129.33	attackspam	Jun 4 14:00:44 mail.srvfarm.net postfix/smtpd[2502819]: warning: unknown[178.159.129.33]: SASL PLAIN authentication failed: Jun 4 14:00:44 mail.srvfarm.net postfix/smtpd[2502819]: lost connection after AUTH from unknown[178.159.129.33] Jun 4 14:05:03 mail.srvfarm.net postfix/smtpd[2504252]: warning: unknown[178.159.129.33]: SASL PLAIN authentication failed: Jun 4 14:05:03 mail.srvfarm.net postfix/smtpd[2504252]: lost connection after AUTH from unknown[178.159.129.33] Jun 4 14:05:11 mail.srvfarm.net postfix/smtps/smtpd[2515948]: warning: unknown[178.159.129.33]: SASL PLAIN authentication failed:	2020-06-05 00:10:03
122.99.52.64	attackspam	Port probing on unauthorized port 9000	2020-06-05 00:04:30
221.158.249.147	attack	Unauthorized connection attempt detected from IP address 221.158.249.147 to port 23	2020-06-05 00:11:40
79.124.62.55	attackspam	Port Scan detected from 79.124.62.55 (BG/Bulgaria/Sofia-grad/Sofia/ip-62-55.fiberinternet.bg). 4 hits in the last 216 seconds	2020-06-05 00:38:00
185.153.196.126	attack	firewall-block, port(s): 3398/tcp	2020-06-05 00:32:35
112.85.42.174	attackbots	2020-06-04T18:34:32.014029vps751288.ovh.net sshd\[14979\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.174 user=root 2020-06-04T18:34:33.939324vps751288.ovh.net sshd\[14979\]: Failed password for root from 112.85.42.174 port 61058 ssh2 2020-06-04T18:34:37.045610vps751288.ovh.net sshd\[14979\]: Failed password for root from 112.85.42.174 port 61058 ssh2 2020-06-04T18:34:39.898854vps751288.ovh.net sshd\[14979\]: Failed password for root from 112.85.42.174 port 61058 ssh2 2020-06-04T18:34:43.822052vps751288.ovh.net sshd\[14979\]: Failed password for root from 112.85.42.174 port 61058 ssh2	2020-06-05 00:45:35
5.188.87.58	attackbotsspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-06-04T12:54:06Z and 2020-06-04T14:16:59Z	2020-06-05 00:31:05
167.114.152.249	attackspambots	Lines containing failures of 167.114.152.249 Jun 4 12:08:11 zabbix sshd[54270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.152.249 user=r.r Jun 4 12:08:12 zabbix sshd[54270]: Failed password for r.r from 167.114.152.249 port 57302 ssh2 Jun 4 12:08:12 zabbix sshd[54270]: Received disconnect from 167.114.152.249 port 57302:11: Bye Bye [preauth] Jun 4 12:08:12 zabbix sshd[54270]: Disconnected from authenticating user r.r 167.114.152.249 port 57302 [preauth] Jun 4 12:19:16 zabbix sshd[55119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.152.249 user=r.r Jun 4 12:19:18 zabbix sshd[55119]: Failed password for r.r from 167.114.152.249 port 33472 ssh2 Jun 4 12:19:18 zabbix sshd[55119]: Received disconnect from 167.114.152.249 port 33472:11: Bye Bye [preauth] Jun 4 12:19:18 zabbix sshd[55119]: Disconnected from authenticating user r.r 167.114.152.249 port 33472 [preau........ ------------------------------	2020-06-05 00:40:21
139.199.45.89	attack	Jun 4 13:55:16 ourumov-web sshd\[677\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89 user=root Jun 4 13:55:18 ourumov-web sshd\[677\]: Failed password for root from 139.199.45.89 port 45332 ssh2 Jun 4 14:05:43 ourumov-web sshd\[1389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.45.89 user=root ...	2020-06-05 00:05:33
157.245.240.102	attackbotsspam	157.245.240.102 - - [04/Jun/2020:13:04:42 +0100] "POST /wp-login.php HTTP/1.1" 200 2046 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.240.102 - - [04/Jun/2020:13:04:48 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 157.245.240.102 - - [04/Jun/2020:13:04:51 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-05 00:51:22
189.181.91.123	attackspam	1591272301 - 06/04/2020 14:05:01 Host: 189.181.91.123/189.181.91.123 Port: 445 TCP Blocked	2020-06-05 00:44:21
59.188.2.19	attack	Jun 4 11:30:21 r.ca sshd[24351]: Failed password for root from 59.188.2.19 port 59362 ssh2	2020-06-05 00:33:47
192.151.152.178	attackbots	192.151.152.178 - - [04/Jun/2020:10:31:35 -0500] "HEAD /cnf/spa$MA.cfg HTTP/1.1" 192.151.152.178 - - [04/Jun/2020:10:31:38 -0500] "HEAD /accounts/SIPDefault.cnf 192.151.152.178 - - [04/Jun/2020:10:31:51 -0500] "HEAD /cnf/SIPDefault.cnf HTTP/ 192.151.152.178 - - [04/Jun/2020:10:31:55 -0500] "HEAD /accounts/IPDefault.cnf H	2020-06-05 00:52:00
82.65.29.31	attackspam	prod11 ...	2020-06-05 00:48:00

Recently Reported IPs

225.229.39.28	1.20.189.222	1.20.189.226	1.20.189.31
1.20.189.42	1.20.189.6	1.20.189.63	1.20.189.67
1.20.189.74	1.20.189.76	1.20.189.82	101.12.106.76
1.20.190.157	1.20.190.207	1.20.190.26	1.20.191.101
1.20.191.105	1.20.191.106	1.20.191.110	1.20.191.115