1.1.139.54 - IPInfo

Basic Info

City: Loei

Region: Loei

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	TCP (SYN) 1.1.139.54:58126 -> port 22, len 52	2020-05-20 07:41:38

Comments on same subnet:

IP	Type	Details	Datetime
1.1.139.223	attackspambots	Unauthorized connection attempt from IP address 1.1.139.223 on Port 445(SMB)	2020-04-30 20:17:07
1.1.139.112	attackbots	" "	2020-04-18 12:18:44
1.1.139.37	attack	Honeypot attack, port: 81, PTR: node-279.pool-1-1.dynamic.totinternet.net.	2020-02-11 08:08:53

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.139.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34531
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.139.54.			IN	A

;; AUTHORITY SECTION:
.			146	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051901 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 20 07:41:35 CST 2020
;; MSG SIZE  rcvd: 114

Host info

54.139.1.1.in-addr.arpa domain name pointer node-27q.pool-1-1.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
54.139.1.1.in-addr.arpa	name = node-27q.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.0.6.144	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:16:08
138.197.131.198	attackbots	Brute force SMTP login attempted. ...	2019-08-10 03:48:47
49.88.112.60	attackspambots	Aug 9 21:35:34 rpi sshd[5267]: Failed password for root from 49.88.112.60 port 62557 ssh2 Aug 9 21:35:38 rpi sshd[5267]: Failed password for root from 49.88.112.60 port 62557 ssh2	2019-08-10 04:03:14
138.197.129.38	attackspam	$f2bV_matches_ltvn	2019-08-10 03:57:40
212.224.108.130	attack	Aug 9 21:39:17 ArkNodeAT sshd\[5805\]: Invalid user gu from 212.224.108.130 Aug 9 21:39:17 ArkNodeAT sshd\[5805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.224.108.130 Aug 9 21:39:19 ArkNodeAT sshd\[5805\]: Failed password for invalid user gu from 212.224.108.130 port 50119 ssh2	2019-08-10 03:52:52
104.236.30.168	attack	Aug 9 15:57:20 TORMINT sshd\[19335\]: Invalid user geography from 104.236.30.168 Aug 9 15:57:20 TORMINT sshd\[19335\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.30.168 Aug 9 15:57:22 TORMINT sshd\[19335\]: Failed password for invalid user geography from 104.236.30.168 port 46938 ssh2 ...	2019-08-10 04:05:58
81.217.159.144	attackspambots	Sent deactivated form without recaaptcha response	2019-08-10 04:11:06
137.74.194.226	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:22:44
138.197.105.79	attackspam	Brute force SMTP login attempted. ...	2019-08-10 04:06:28
191.53.223.35	attack	Brute force SMTP login attempts.	2019-08-10 04:24:42
192.241.211.215	attackspam	2019-08-09T19:37:23.199050abusebot-8.cloudsearch.cf sshd\[18184\]: Invalid user jboss from 192.241.211.215 port 37597	2019-08-10 03:51:37
177.93.70.111	attackspambots	Aug 9 19:07:40 live sshd[25519]: reveeclipse mapping checking getaddrinfo for maxfibra-177-93-70-111.yune.com.br [177.93.70.111] failed - POSSIBLE BREAK-IN ATTEMPT! Aug 9 19:07:40 live sshd[25519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.93.70.111 Aug 9 19:07:41 live sshd[25519]: Failed password for invalid user admin from 177.93.70.111 port 50308 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=177.93.70.111	2019-08-10 04:29:37
41.138.88.3	attack	Aug 9 18:19:48 XXX sshd[50524]: Invalid user ricky from 41.138.88.3 port 41156	2019-08-10 03:52:37
137.74.26.179	attackbotsspam	Aug 9 22:21:17 v22018076622670303 sshd\[3789\]: Invalid user student03 from 137.74.26.179 port 37256 Aug 9 22:21:17 v22018076622670303 sshd\[3789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.26.179 Aug 9 22:21:19 v22018076622670303 sshd\[3789\]: Failed password for invalid user student03 from 137.74.26.179 port 37256 ssh2 ...	2019-08-10 04:21:47
49.234.28.168	attackbotsspam	Aug 9 19:34:32 * sshd[4871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.28.168 Aug 9 19:34:34 * sshd[4871]: Failed password for invalid user Jordan from 49.234.28.168 port 50112 ssh2	2019-08-10 04:02:55

Recently Reported IPs

61.39.140.71	201.217.192.104	82.254.15.104	73.111.160.115
119.25.211.201	45.41.65.42	177.240.146.111	183.197.254.4
93.120.206.255	109.5.12.54	92.248.108.50	92.191.34.179
51.174.201.169	162.160.92.105	200.68.177.13	82.237.177.46
187.155.30.221	122.142.5.218	151.66.254.108	69.225.55.200