202.29.39.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Uninet

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SSH	2020-09-09 21:32:49
attackspam	SSH	2020-09-09 15:23:29
attack	SSH	2020-09-09 07:32:22
attackspam	(sshd) Failed SSH login from 202.29.39.1 (TH/Thailand/-): 5 in the last 3600 secs	2020-05-16 18:51:05
attackspam	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-03-18 06:21:40
attackbots	SSH invalid-user multiple login attempts	2020-02-24 18:01:27
attackbots	SSH invalid-user multiple login try	2020-02-24 06:11:34
attack	2020-02-15T08:00:00.996750abusebot-7.cloudsearch.cf sshd[16522]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 user=root 2020-02-15T08:00:02.394472abusebot-7.cloudsearch.cf sshd[16522]: Failed password for root from 202.29.39.1 port 40044 ssh2 2020-02-15T08:02:06.629376abusebot-7.cloudsearch.cf sshd[16638]: Invalid user admin from 202.29.39.1 port 54132 2020-02-15T08:02:06.856485abusebot-7.cloudsearch.cf sshd[16638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 2020-02-15T08:02:06.629376abusebot-7.cloudsearch.cf sshd[16638]: Invalid user admin from 202.29.39.1 port 54132 2020-02-15T08:02:08.550466abusebot-7.cloudsearch.cf sshd[16638]: Failed password for invalid user admin from 202.29.39.1 port 54132 ssh2 2020-02-15T08:04:16.166539abusebot-7.cloudsearch.cf sshd[16746]: Invalid user user from 202.29.39.1 port 39992 ...	2020-02-15 17:38:28
attackbotsspam	$f2bV_matches	2020-02-11 03:05:46
attackspambots	Feb 5 15:34:14 lock-38 sshd[32553]: Failed password for root from 202.29.39.1 port 50848 ssh2 Feb 5 15:36:17 lock-38 sshd[32563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 ...	2020-02-05 23:48:05
attack	Invalid user cacti from 202.29.39.1 port 54902	2020-01-15 04:23:45
attackbots	Jan 11 11:57:53 web1 sshd\[13304\]: Invalid user cacti from 202.29.39.1 Jan 11 11:57:53 web1 sshd\[13304\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jan 11 11:57:55 web1 sshd\[13304\]: Failed password for invalid user cacti from 202.29.39.1 port 48514 ssh2 Jan 11 12:00:04 web1 sshd\[13492\]: Invalid user jboss from 202.29.39.1 Jan 11 12:00:04 web1 sshd\[13492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1	2020-01-12 06:01:03
attack	Jan 11 09:54:48 srv01 sshd[28986]: Invalid user cacti from 202.29.39.1 port 35200 Jan 11 09:54:48 srv01 sshd[28986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jan 11 09:54:48 srv01 sshd[28986]: Invalid user cacti from 202.29.39.1 port 35200 Jan 11 09:54:51 srv01 sshd[28986]: Failed password for invalid user cacti from 202.29.39.1 port 35200 ssh2 Jan 11 09:56:58 srv01 sshd[29146]: Invalid user jboss from 202.29.39.1 port 55158 ...	2020-01-11 17:22:10
attackbotsspam	Jan 9 04:06:42 server sshd\[20834\]: Failed password for invalid user dummy from 202.29.39.1 port 37940 ssh2 Jan 9 17:31:00 server sshd\[19684\]: Invalid user cacti from 202.29.39.1 Jan 9 17:31:00 server sshd\[19684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jan 9 17:31:02 server sshd\[19684\]: Failed password for invalid user cacti from 202.29.39.1 port 53596 ssh2 Jan 9 17:33:13 server sshd\[20013\]: Invalid user jboss from 202.29.39.1 Jan 9 17:33:13 server sshd\[20013\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 ...	2020-01-09 22:51:15
attackspam	2020-01-08T10:39:54.843628struts4.enskede.local sshd\[10344\]: Invalid user cacti from 202.29.39.1 port 34778 2020-01-08T10:39:54.851351struts4.enskede.local sshd\[10344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 2020-01-08T10:39:56.489044struts4.enskede.local sshd\[10344\]: Failed password for invalid user cacti from 202.29.39.1 port 34778 ssh2 2020-01-08T10:42:04.161607struts4.enskede.local sshd\[10346\]: Invalid user jboss from 202.29.39.1 port 54760 2020-01-08T10:42:04.171140struts4.enskede.local sshd\[10346\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 ...	2020-01-08 19:19:01
attackbots	Jan 7 18:56:04 rotator sshd\[13717\]: Invalid user cacti from 202.29.39.1Jan 7 18:56:06 rotator sshd\[13717\]: Failed password for invalid user cacti from 202.29.39.1 port 52924 ssh2Jan 7 18:58:10 rotator sshd\[13728\]: Invalid user jboss from 202.29.39.1Jan 7 18:58:12 rotator sshd\[13728\]: Failed password for invalid user jboss from 202.29.39.1 port 44680 ssh2Jan 7 19:00:26 rotator sshd\[14495\]: Invalid user dummy from 202.29.39.1Jan 7 19:00:28 rotator sshd\[14495\]: Failed password for invalid user dummy from 202.29.39.1 port 36442 ssh2 ...	2020-01-08 03:58:48
attackspambots	Jan 3 23:48:49 ns382633 sshd\[25131\]: Invalid user cacti from 202.29.39.1 port 39024 Jan 3 23:48:49 ns382633 sshd\[25131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jan 3 23:48:51 ns382633 sshd\[25131\]: Failed password for invalid user cacti from 202.29.39.1 port 39024 ssh2 Jan 3 23:50:51 ns382633 sshd\[25733\]: Invalid user jboss from 202.29.39.1 port 59180 Jan 3 23:50:51 ns382633 sshd\[25733\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1	2020-01-04 07:07:30
attackbots	Dec 10 14:29:15 vmd17057 sshd\[20506\]: Invalid user test7 from 202.29.39.1 port 53568 Dec 10 14:29:15 vmd17057 sshd\[20506\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Dec 10 14:29:16 vmd17057 sshd\[20506\]: Failed password for invalid user test7 from 202.29.39.1 port 53568 ssh2 ...	2019-12-10 21:43:13
attackbots	Invalid user zimbra from 202.29.39.1 port 42748	2019-10-25 03:46:11
attack	$f2bV_matches_ltvn	2019-10-02 14:06:18
attackbots	Jul 18 18:13:48 srv-4 sshd\[21883\]: Invalid user hosting from 202.29.39.1 Jul 18 18:13:48 srv-4 sshd\[21883\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jul 18 18:13:50 srv-4 sshd\[21883\]: Failed password for invalid user hosting from 202.29.39.1 port 49826 ssh2 ...	2019-07-19 00:48:46
attackspam	Jul 18 03:41:00 nextcloud sshd\[4337\]: Invalid user chocolate from 202.29.39.1 Jul 18 03:41:00 nextcloud sshd\[4337\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.39.1 Jul 18 03:41:02 nextcloud sshd\[4337\]: Failed password for invalid user chocolate from 202.29.39.1 port 50438 ssh2 ...	2019-07-18 09:53:07
attack	Jul 17 02:37:26 *** sshd[8284]: Failed password for invalid user carshowguide from 202.29.39.1 port 33400 ssh2	2019-07-18 05:16:32
attackbots	IP attempted unauthorised action	2019-07-17 19:08:00
attack	2019-07-14T21:44:20.954804abusebot-7.cloudsearch.cf sshd\[1715\]: Invalid user ymchoi from 202.29.39.1 port 51994	2019-07-15 05:54:01
attackbotsspam	2019-07-13T03:12:18.611908abusebot-2.cloudsearch.cf sshd\[18533\]: Invalid user ahmed from 202.29.39.1 port 44618	2019-07-13 11:26:13

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.29.39.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18998
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.29.39.1.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019032802 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Fri Mar 29 07:33:47 +08 2019
;; MSG SIZE  rcvd: 115

Host info

Host 1.39.29.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 1.39.29.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
210.245.26.142	attack	Dec 14 07:48:12 mc1 kernel: \[464922.099121\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=53137 PROTO=TCP SPT=56123 DPT=7809 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 14 07:51:58 mc1 kernel: \[465148.240033\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=21853 PROTO=TCP SPT=56123 DPT=7332 WINDOW=1024 RES=0x00 SYN URGP=0 Dec 14 07:53:29 mc1 kernel: \[465239.068502\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=210.245.26.142 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=46527 PROTO=TCP SPT=56123 DPT=7572 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-12-14 14:58:29
170.79.221.246	attackspambots	Unauthorized IMAP connection attempt	2019-12-14 15:19:15
51.83.73.160	attackspambots	Dec 14 07:29:35 lnxweb62 sshd[28235]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.83.73.160	2019-12-14 15:08:50
132.232.29.49	attackspambots	Dec 14 07:29:05 vtv3 sshd[12620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.29.49 Dec 14 07:29:08 vtv3 sshd[12620]: Failed password for invalid user nasa from 132.232.29.49 port 43310 ssh2 Dec 14 07:38:03 vtv3 sshd[16775]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.29.49 Dec 14 07:52:25 vtv3 sshd[23831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.29.49 Dec 14 07:52:28 vtv3 sshd[23831]: Failed password for invalid user choan from 132.232.29.49 port 57100 ssh2 Dec 14 08:00:03 vtv3 sshd[27290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.29.49 Dec 14 08:14:52 vtv3 sshd[2149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.29.49 Dec 14 08:14:53 vtv3 sshd[2149]: Failed password for invalid user bonnye from 132.232.29.49 port 53710 ssh2 Dec 14 08:22:09 v	2019-12-14 14:50:20
64.74.161.57	attackbots	Triggered by Fail2Ban at Vostok web server	2019-12-14 15:15:18
132.232.74.106	attack	Dec 14 01:52:12 plusreed sshd[9927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.74.106 user=root Dec 14 01:52:14 plusreed sshd[9927]: Failed password for root from 132.232.74.106 port 51744 ssh2 ...	2019-12-14 14:59:46
176.27.231.1	attackspambots	Dec 14 01:41:36 ny01 sshd[6108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.27.231.1 Dec 14 01:41:38 ny01 sshd[6108]: Failed password for invalid user jerome from 176.27.231.1 port 24460 ssh2 Dec 14 01:47:34 ny01 sshd[6769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.27.231.1	2019-12-14 14:54:08
222.186.175.154	attackspambots	Dec 13 20:48:11 hpm sshd\[3153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root Dec 13 20:48:13 hpm sshd\[3153\]: Failed password for root from 222.186.175.154 port 27716 ssh2 Dec 13 20:48:22 hpm sshd\[3153\]: Failed password for root from 222.186.175.154 port 27716 ssh2 Dec 13 20:48:25 hpm sshd\[3153\]: Failed password for root from 222.186.175.154 port 27716 ssh2 Dec 13 20:48:30 hpm sshd\[3181\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.154 user=root	2019-12-14 14:51:28
182.232.39.111	attack	1576304991 - 12/14/2019 07:29:51 Host: 182.232.39.111/182.232.39.111 Port: 445 TCP Blocked	2019-12-14 14:54:42
52.187.181.133	attackbots	Automatic report - XMLRPC Attack	2019-12-14 15:07:48
107.170.235.19	attackspam	Triggered by Fail2Ban at Ares web server	2019-12-14 15:10:53
5.135.121.238	attack	Dec 14 07:29:24 nextcloud sshd\[16991\]: Invalid user suporte from 5.135.121.238 Dec 14 07:29:24 nextcloud sshd\[16991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.121.238 Dec 14 07:29:26 nextcloud sshd\[16991\]: Failed password for invalid user suporte from 5.135.121.238 port 51174 ssh2 ...	2019-12-14 15:17:16
81.183.222.181	attackbotsspam	Dec 14 06:45:39 thevastnessof sshd[16921]: Failed password for invalid user hindagolla from 81.183.222.181 port 59878 ssh2 Dec 14 07:02:09 thevastnessof sshd[17303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.183.222.181 ...	2019-12-14 15:11:37
104.131.14.14	attack	Dec 14 07:16:43 xeon sshd[56111]: Failed password for invalid user squid from 104.131.14.14 port 45780 ssh2	2019-12-14 14:43:11
185.156.175.93	attack	SS5,DEF GET /admin/	2019-12-14 15:00:43

Recently Reported IPs

66.181.167.115	213.158.29.179	201.17.24.195	196.250.1.154
182.254.227.147	182.61.21.197	168.227.99.10	167.99.202.143
157.230.40.76	142.93.240.79	142.93.174.47	128.199.143.163
118.187.5.29	118.163.71.101	112.170.78.118	104.248.83.49
104.236.142.200	104.236.72.187	89.133.62.227	81.133.12.221