1.0.143.109 - IPInfo

Basic Info

City: Chon Buri

Region: Changwat Chon Buri

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: TOT Public Company Limited

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.0.143.115	attack	2020-09-01T09:37:51.298032suse-nuc sshd[23521]: Invalid user linaro from 1.0.143.115 port 45922 ...	2020-09-27 06:01:30
1.0.143.115	attackspam	2020-09-01T09:37:51.298032suse-nuc sshd[23521]: Invalid user linaro from 1.0.143.115 port 45922 ...	2020-09-26 14:06:27
1.0.143.249	attack	Port probing on unauthorized port 9530	2020-09-13 22:14:40
1.0.143.249	attack	Port probing on unauthorized port 9530	2020-09-13 14:09:55
1.0.143.249	attackspambots	Port probing on unauthorized port 9530	2020-09-13 05:55:17
1.0.143.137	attack	Sep 7 12:33:34 mailserver sshd[6152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.0.143.137 user=r.r Sep 7 12:33:36 mailserver sshd[6152]: Failed password for r.r from 1.0.143.137 port 39820 ssh2 Sep 7 12:33:36 mailserver sshd[6152]: Received disconnect from 1.0.143.137 port 39820:11: Bye Bye [preauth] Sep 7 12:33:36 mailserver sshd[6152]: Disconnected from 1.0.143.137 port 39820 [preauth] Sep 7 12:47:38 mailserver sshd[7533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.0.143.137 user=r.r Sep 7 12:47:40 mailserver sshd[7533]: Failed password for r.r from 1.0.143.137 port 42706 ssh2 Sep 7 12:47:41 mailserver sshd[7533]: Received disconnect from 1.0.143.137 port 42706:11: Bye Bye [preauth] Sep 7 12:47:41 mailserver sshd[7533]: Disconnected from 1.0.143.137 port 42706 [preauth] Sep 7 13:10:04 mailserver sshd[9705]: pam_unix(sshd:auth): authentication failure; logname= uid........ -------------------------------	2020-09-13 03:46:50
1.0.143.137	attack	Sep 7 12:33:34 mailserver sshd[6152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.0.143.137 user=r.r Sep 7 12:33:36 mailserver sshd[6152]: Failed password for r.r from 1.0.143.137 port 39820 ssh2 Sep 7 12:33:36 mailserver sshd[6152]: Received disconnect from 1.0.143.137 port 39820:11: Bye Bye [preauth] Sep 7 12:33:36 mailserver sshd[6152]: Disconnected from 1.0.143.137 port 39820 [preauth] Sep 7 12:47:38 mailserver sshd[7533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.0.143.137 user=r.r Sep 7 12:47:40 mailserver sshd[7533]: Failed password for r.r from 1.0.143.137 port 42706 ssh2 Sep 7 12:47:41 mailserver sshd[7533]: Received disconnect from 1.0.143.137 port 42706:11: Bye Bye [preauth] Sep 7 12:47:41 mailserver sshd[7533]: Disconnected from 1.0.143.137 port 42706 [preauth] Sep 7 13:10:04 mailserver sshd[9705]: pam_unix(sshd:auth): authentication failure; logname= uid........ -------------------------------	2020-09-12 19:55:46
1.0.143.71	attackbots	Brute force attempt	2020-06-29 05:53:26

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.0.143.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16282
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.0.143.109.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 00:12:19 CST 2019
;; MSG SIZE  rcvd: 115

Host info

109.143.0.1.in-addr.arpa domain name pointer node-31p.pool-1-0.dynamic.totinternet.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
109.143.0.1.in-addr.arpa	name = node-31p.pool-1-0.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
81.15.239.53	attackbots	Automatic report - Port Scan Attack	2020-01-14 01:15:26
139.59.0.243	attackspambots	Unauthorized connection attempt detected from IP address 139.59.0.243 to port 2220 [J]	2020-01-14 01:29:00
182.61.176.105	attack	Unauthorized connection attempt detected from IP address 182.61.176.105 to port 2220 [J]	2020-01-14 01:20:10
222.128.13.94	attackspambots	SSHD brute force attack detected by fail2ban	2020-01-14 01:33:40
42.189.105.181	attackspambots	Honeypot attack, port: 81, PTR: PTR record not found	2020-01-14 01:10:26
177.185.129.214	attack	1578931182 - 01/13/2020 16:59:42 Host: 177.185.129.214/177.185.129.214 Port: 445 TCP Blocked	2020-01-14 01:13:57
182.253.60.98	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-14 01:15:46
200.174.240.18	attack	1578920755 - 01/13/2020 14:05:55 Host: 200.174.240.18/200.174.240.18 Port: 445 TCP Blocked	2020-01-14 01:21:51
91.195.98.178	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-14 01:02:08
190.149.61.230	attackbotsspam	Honeypot attack, port: 445, PTR: 230.61.149.190.dynamic.intelnet.net.gt.	2020-01-14 01:27:32
54.39.98.253	attackspam	Unauthorized connection attempt detected from IP address 54.39.98.253 to port 2220 [J]	2020-01-14 00:57:33
123.207.122.21	attackspambots	Jan 13 10:23:15 h1637304 sshd[15360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.122.21 user=r.r Jan 13 10:23:17 h1637304 sshd[15360]: Failed password for r.r from 123.207.122.21 port 54262 ssh2 Jan 13 10:23:18 h1637304 sshd[15360]: Received disconnect from 123.207.122.21: 11: Bye Bye [preauth] Jan 13 10:41:41 h1637304 sshd[2372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.122.21 Jan 13 10:41:43 h1637304 sshd[2372]: Failed password for invalid user kun from 123.207.122.21 port 36168 ssh2 Jan 13 10:41:44 h1637304 sshd[2372]: Received disconnect from 123.207.122.21: 11: Bye Bye [preauth] Jan 13 10:43:59 h1637304 sshd[2594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.122.21 Jan 13 10:44:01 h1637304 sshd[2594]: Failed password for invalid user sftp from 123.207.122.21 port 56382 ssh2 Jan 13 10:44:02 h1637304 sshd[2........ -------------------------------	2020-01-14 01:20:29
80.210.27.148	attack	Unauthorized connection attempt detected from IP address 80.210.27.148 to port 23 [J]	2020-01-14 01:06:25
182.253.119.50	attackspam	2020-01-13T16:54:50.284774shield sshd\[27111\]: Invalid user im from 182.253.119.50 port 47930 2020-01-13T16:54:50.291890shield sshd\[27111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.119.50 2020-01-13T16:54:52.987565shield sshd\[27111\]: Failed password for invalid user im from 182.253.119.50 port 47930 ssh2 2020-01-13T16:58:32.248117shield sshd\[28520\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.253.119.50 user=root 2020-01-13T16:58:34.086324shield sshd\[28520\]: Failed password for root from 182.253.119.50 port 48802 ssh2	2020-01-14 01:01:39
77.247.110.25	attackspambots	77.247.110.25 was recorded 8 times by 3 hosts attempting to connect to the following ports: 4000,5065,65477. Incident counter (4h, 24h, all-time): 8, 21, 83	2020-01-14 01:16:13

Recently Reported IPs

58.66.8.139	154.206.5.182	109.164.138.170	205.72.173.201
151.72.149.65	107.156.96.106	57.199.165.155	223.54.109.202
126.224.163.51	103.134.16.2	180.222.100.41	5.208.133.44
101.42.40.29	110.0.140.129	120.26.197.206	49.209.160.131
165.106.66.201	222.84.193.47	194.33.199.215	131.244.59.52