1.1.214.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 1.1.214.80 on Port 445(SMB)	2020-05-06 00:29:33

Comments on same subnet:

IP	Type	Details	Datetime
1.1.214.95	attackspam	2020-05-21T13:57:22.777218suse-nuc sshd[6015]: Invalid user admin from 1.1.214.95 port 43183 ...	2020-09-27 05:58:43
1.1.214.95	attack	2020-05-21T13:57:22.777218suse-nuc sshd[6015]: Invalid user admin from 1.1.214.95 port 43183 ...	2020-09-26 22:18:37
1.1.214.95	attackbotsspam	2020-05-21T13:57:22.777218suse-nuc sshd[6015]: Invalid user admin from 1.1.214.95 port 43183 ...	2020-09-26 14:03:10
1.1.214.119	attackspam	1586231183 - 04/07/2020 05:46:23 Host: 1.1.214.119/1.1.214.119 Port: 445 TCP Blocked	2020-04-07 19:36:21
1.1.214.100	attackbotsspam	Unauthorized connection attempt from IP address 1.1.214.100 on Port 445(SMB)	2020-03-17 12:07:19
1.1.214.172	attack	Nov 24 17:13:08 mail sshd[31569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.214.172 Nov 24 17:13:10 mail sshd[31569]: Failed password for invalid user mpeg from 1.1.214.172 port 46524 ssh2 Nov 24 17:18:47 mail sshd[32371]: Failed password for root from 1.1.214.172 port 54550 ssh2	2019-11-25 00:43:50
1.1.214.172	attack	Nov 24 08:14:42 heissa sshd\[1603\]: Invalid user buster from 1.1.214.172 port 40912 Nov 24 08:14:42 heissa sshd\[1603\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.214.172 Nov 24 08:14:44 heissa sshd\[1603\]: Failed password for invalid user buster from 1.1.214.172 port 40912 ssh2 Nov 24 08:21:14 heissa sshd\[5401\]: Invalid user admin from 1.1.214.172 port 49416 Nov 24 08:21:14 heissa sshd\[5401\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.1.214.172	2019-11-24 17:22:26
1.1.214.212	attack	Sat, 20 Jul 2019 21:55:20 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 10:48:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.1.214.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53502
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.1.214.80.			IN	A

;; AUTHORITY SECTION:
.			586	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020050500 1800 900 604800 86400

;; Query time: 107 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 06 00:29:27 CST 2020
;; MSG SIZE  rcvd: 114

Host info

80.214.1.1.in-addr.arpa domain name pointer node-h1s.pool-1-1.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
80.214.1.1.in-addr.arpa	name = node-h1s.pool-1-1.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.169.194	attackspam	2020-09-08T03:44:45.055820snf-827550 sshd[23959]: Failed password for root from 222.186.169.194 port 22276 ssh2 2020-09-08T03:44:47.782539snf-827550 sshd[23959]: Failed password for root from 222.186.169.194 port 22276 ssh2 2020-09-08T03:44:51.580986snf-827550 sshd[23959]: Failed password for root from 222.186.169.194 port 22276 ssh2 ...	2020-09-08 08:47:38
189.59.5.49	attackbotsspam	(imapd) Failed IMAP login from 189.59.5.49 (BR/Brazil/orthosaude.static.gvt.net.br): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 8 01:50:27 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=189.59.5.49, lip=5.63.12.44, session=	2020-09-08 08:57:14
218.92.0.173	attackbotsspam	2020-09-08T03:42:39.963600shield sshd\[5297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.173 user=root 2020-09-08T03:42:42.578633shield sshd\[5297\]: Failed password for root from 218.92.0.173 port 37216 ssh2 2020-09-08T03:42:45.643537shield sshd\[5297\]: Failed password for root from 218.92.0.173 port 37216 ssh2 2020-09-08T03:42:49.120810shield sshd\[5297\]: Failed password for root from 218.92.0.173 port 37216 ssh2 2020-09-08T03:42:52.814057shield sshd\[5297\]: Failed password for root from 218.92.0.173 port 37216 ssh2	2020-09-08 12:01:36
129.226.185.201	attackbotsspam	Sep 7 23:52:33 mellenthin sshd[23832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.185.201 Sep 7 23:52:34 mellenthin sshd[23832]: Failed password for invalid user test from 129.226.185.201 port 53444 ssh2	2020-09-08 08:49:37
80.4.110.71	attackspam	Sep 7 18:19:15 mx sshd[11941]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.4.110.71 Sep 7 18:19:17 mx sshd[11941]: Failed password for invalid user pi from 80.4.110.71 port 52002 ssh2	2020-09-08 09:07:06
79.37.114.185	attackspambots	Sep 7 18:46:31 nextcloud sshd\[1941\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.37.114.185 user=root Sep 7 18:46:34 nextcloud sshd\[1941\]: Failed password for root from 79.37.114.185 port 51316 ssh2 Sep 7 18:50:39 nextcloud sshd\[7576\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.37.114.185 user=root	2020-09-08 08:44:42
218.92.0.133	attackbotsspam	Sep 8 02:51:01 vps1 sshd[11091]: Failed none for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:01 vps1 sshd[11091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.133 user=root Sep 8 02:51:03 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:07 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:11 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:15 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:18 vps1 sshd[11091]: Failed password for invalid user root from 218.92.0.133 port 44447 ssh2 Sep 8 02:51:19 vps1 sshd[11091]: error: maximum authentication attempts exceeded for invalid user root from 218.92.0.133 port 44447 ssh2 [preauth] ...	2020-09-08 08:53:38
167.99.93.5	attack	reported through recidive - multiple failed attempts(SSH)	2020-09-08 08:51:22
68.204.88.29	attack	Honeypot attack, port: 81, PTR: 68-204-88-29.res.bhn.net.	2020-09-08 08:48:37
185.191.171.10	attack	07.09.2020 21:35:25 - Bad Robot Ignore Robots.txt	2020-09-08 08:36:08
145.239.19.186	attack	Sep 7 22:44:11 ns308116 sshd[19840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root Sep 7 22:44:13 ns308116 sshd[19840]: Failed password for root from 145.239.19.186 port 33732 ssh2 Sep 7 22:47:53 ns308116 sshd[21162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root Sep 7 22:47:55 ns308116 sshd[21162]: Failed password for root from 145.239.19.186 port 47630 ssh2 Sep 7 22:51:38 ns308116 sshd[22582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.19.186 user=root ...	2020-09-08 12:02:59
51.210.97.29	attackspambots	51.210.97.29 - - [07/Sep/2020:18:50:34 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.210.97.29 - - [07/Sep/2020:18:50:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2698 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.210.97.29 - - [07/Sep/2020:18:50:34 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.210.97.29 - - [07/Sep/2020:18:50:34 +0200] "POST /wp-login.php HTTP/1.1" 200 2672 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.210.97.29 - - [07/Sep/2020:18:50:35 +0200] "GET /wp-login.php HTTP/1.1" 200 2566 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.210.97.29 - - [07/Sep/2020:18:50:35 +0200] "POST /wp-login.php HTTP/1.1" 200 2673 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/6 ...	2020-09-08 08:49:17
187.10.231.238	attackbots	2020-09-08T05:40:14.809093billing sshd[6568]: Failed password for root from 187.10.231.238 port 52154 ssh2 2020-09-08T05:44:24.710773billing sshd[16001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.10.231.238 user=root 2020-09-08T05:44:26.319921billing sshd[16001]: Failed password for root from 187.10.231.238 port 54886 ssh2 ...	2020-09-08 08:37:46
191.252.116.200	attackspam	Automatic report - XMLRPC Attack	2020-09-08 12:00:51
91.134.185.80	attackspam	" "	2020-09-08 09:11:31

Recently Reported IPs

192.185.131.136	171.100.157.26	223.17.178.148	113.175.80.3
103.99.17.56	51.81.254.24	43.251.97.99	157.44.118.16
129.154.66.222	64.227.117.19	49.233.50.16	113.161.162.63
101.24.116.149	34.80.252.217	125.161.129.247	60.189.139.202
45.76.183.235	59.153.237.174	49.228.50.94	45.117.169.152