202.29.221.102

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Uninet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	[portscan] tcp/1433 [MsSQL] in sorbs:'listed [web], [http], [socks], [misc]' in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 01:20:15

Comments on same subnet:

IP	Type	Details	Datetime
202.29.221.202	attackspam	Dec 17 18:17:38 ns37 sshd[28362]: Failed password for root from 202.29.221.202 port 14357 ssh2 Dec 17 18:17:38 ns37 sshd[28362]: Failed password for root from 202.29.221.202 port 14357 ssh2 Dec 17 18:24:05 ns37 sshd[28715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202	2019-12-18 01:27:16
202.29.221.202	attackspambots	Dec 12 03:04:45 kapalua sshd\[31545\]: Invalid user tamasuke from 202.29.221.202 Dec 12 03:04:45 kapalua sshd\[31545\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202 Dec 12 03:04:46 kapalua sshd\[31545\]: Failed password for invalid user tamasuke from 202.29.221.202 port 53921 ssh2 Dec 12 03:12:51 kapalua sshd\[32534\]: Invalid user guest from 202.29.221.202 Dec 12 03:12:51 kapalua sshd\[32534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202	2019-12-12 21:21:40
202.29.221.202	attackspam	Jul 25 14:04:10 areeb-Workstation sshd\[29558\]: Invalid user fork from 202.29.221.202 Jul 25 14:04:10 areeb-Workstation sshd\[29558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202 Jul 25 14:04:12 areeb-Workstation sshd\[29558\]: Failed password for invalid user fork from 202.29.221.202 port 30877 ssh2 ...	2019-07-25 16:48:32
202.29.221.202	attack	2019-07-23T17:31:04.732130lon01.zurich-datacenter.net sshd\[10360\]: Invalid user sal from 202.29.221.202 port 11718 2019-07-23T17:31:04.738900lon01.zurich-datacenter.net sshd\[10360\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202 2019-07-23T17:31:06.337744lon01.zurich-datacenter.net sshd\[10360\]: Failed password for invalid user sal from 202.29.221.202 port 11718 ssh2 2019-07-23T17:37:54.816561lon01.zurich-datacenter.net sshd\[10470\]: Invalid user upload from 202.29.221.202 port 42496 2019-07-23T17:37:54.822792lon01.zurich-datacenter.net sshd\[10470\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202 ...	2019-07-24 01:10:44
202.29.221.202	attack	Jul 19 18:26:42 areeb-Workstation sshd\[13412\]: Invalid user backups from 202.29.221.202 Jul 19 18:26:42 areeb-Workstation sshd\[13412\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.221.202 Jul 19 18:26:44 areeb-Workstation sshd\[13412\]: Failed password for invalid user backups from 202.29.221.202 port 52748 ssh2 ...	2019-07-19 20:58:49
202.29.221.202	attackbots	Invalid user irc from 202.29.221.202 port 1642	2019-07-13 17:18:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.29.221.102
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33332
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.29.221.102.			IN	A

;; AUTHORITY SECTION:
.			372	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101500 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 01:20:11 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 102.221.29.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 102.221.29.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.118.37.53	attack	Apr 4 20:47:39 debian-2gb-nbg1-2 kernel: \[8285093.182407\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=92.118.37.53 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=5994 PROTO=TCP SPT=41650 DPT=54416 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-05 02:56:46
139.59.2.184	attackbotsspam	Apr 4 12:58:06 ws24vmsma01 sshd[29053]: Failed password for root from 139.59.2.184 port 37118 ssh2 Apr 4 13:07:04 ws24vmsma01 sshd[105495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.2.184 ...	2020-04-05 03:11:29
206.214.66.2	attack	Apr 4 15:35:56 debian-2gb-nbg1-2 kernel: \[8266391.222743\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=206.214.66.2 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=54321 PROTO=UDP SPT=55843 DPT=30120 LEN=24	2020-04-05 03:27:03
159.203.83.217	attackbotsspam	Masscan Port Scanning Tool Detection, PTR: www.livecomm.com.br.	2020-04-05 03:15:41
185.192.69.101	attackspam	HTTP SQL Injection Attempt, PTR: PTR record not found	2020-04-05 03:00:19
192.34.57.113	attackbotsspam	Apr 4 18:20:05 vpn01 sshd[14892]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.34.57.113 Apr 4 18:20:08 vpn01 sshd[14892]: Failed password for invalid user ogp_bot from 192.34.57.113 port 40738 ssh2 ...	2020-04-05 03:25:31
106.13.37.170	attack	5x Failed Password	2020-04-05 03:19:11
107.179.65.90	attack	Amazon ID Phishing Email Return-Path: Received: from yusheng25.yushengserver02.top (yusheng25.yushengserver02.top [107.179.65.90]) From: "" Subject: Amazon. co. jp にご登録のアカウント（名前、パスワード、その他個人情報）の確認 Date: Sat, 4 Apr 2020 21:17:31 +0800 X-mailer: Lbb 1 http://flame.forshana2a.net.cn/ 103.44.28.186 301 server_redirect permanent https://forshana1a.top/ 89.35.39.6 302 server_redirect temporary https://forshana1a.top/pc/	2020-04-05 03:32:13
200.62.96.201	attack	Microsoft SQL Server User Authentication Brute Force Attempt, PTR: 201-96-62-200.enitel.net.ni.	2020-04-05 03:13:40
222.186.175.154	attack	Apr 4 15:28:15 plusreed sshd[3648]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Apr 4 15:28:17 plusreed sshd[3648]: Failed password for root from 222.186.175.154 port 4184 ssh2 ...	2020-04-05 03:30:38
50.57.165.121	attack	Unauthorized connection attempt detected from IP address 50.57.165.121 to port 445	2020-04-05 03:01:55
78.128.113.73	attackspam	2020-04-04 21:08:35 dovecot_login authenticator failed for $\[78.128.113.73\]$ \[78.128.113.73\]: 535 Incorrect authentication data $set_id=ms@opso.it$ 2020-04-04 21:08:48 dovecot_login authenticator failed for $\[78.128.113.73\]$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-04 21:09:03 dovecot_login authenticator failed for $\[78.128.113.73\]$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-04 21:09:19 dovecot_login authenticator failed for $\[78.128.113.73\]$ \[78.128.113.73\]: 535 Incorrect authentication data 2020-04-04 21:09:28 dovecot_login authenticator failed for $\[78.128.113.73\]$ \[78.128.113.73\]: 535 Incorrect authentication data	2020-04-05 03:09:39
51.75.123.107	attackspam	$f2bV_matches	2020-04-05 03:17:46
112.85.42.195	attackspambots	Apr 4 18:37:34 game-panel sshd[23796]: Failed password for root from 112.85.42.195 port 55379 ssh2 Apr 4 18:39:50 game-panel sshd[23952]: Failed password for root from 112.85.42.195 port 44241 ssh2	2020-04-05 02:52:02
222.186.42.155	attack	04.04.2020 18:57:27 SSH access blocked by firewall	2020-04-05 03:01:44

Recently Reported IPs

6.223.242.219	68.67.160.127	78.148.206.25	179.83.196.84
222.59.2.183	74.187.156.15	81.77.39.56	238.109.194.162
49.45.82.230	177.158.150.188	246.74.232.183	49.254.50.70
177.81.53.40	171.6.206.116	159.203.201.146	125.123.239.89
123.139.234.197	117.1.91.130	112.53.84.94	104.199.94.190