1.2.139.178 - IPInfo

Basic Info

City: Ban Phan Don

Region: Udon Thani

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.139.97	attackspambots	Icarus honeypot on github	2020-07-16 17:34:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.139.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.139.178.			IN	A

;; AUTHORITY SECTION:
.			104	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022401 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 08:41:06 CST 2022
;; MSG SIZE  rcvd: 104

Host info

178.139.2.1.in-addr.arpa domain name pointer node-2b6.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
178.139.2.1.in-addr.arpa	name = node-2b6.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
115.88.201.58	attack	Automatic report - Banned IP Access	2019-08-10 02:00:00
27.72.21.134	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-09 05:44:08,895 INFO [amun_request_handler] PortScan Detected on Port: 445 (27.72.21.134)	2019-08-10 01:22:12
50.116.70.207	attack	xmlrpc attack	2019-08-10 01:38:36
23.129.64.100	attackspam	Aug 9 19:37:22 km20725 sshd\[8231\]: Invalid user enisa from 23.129.64.100Aug 9 19:37:24 km20725 sshd\[8231\]: Failed password for invalid user enisa from 23.129.64.100 port 37926 ssh2Aug 9 19:37:29 km20725 sshd\[8233\]: Invalid user geosolutions from 23.129.64.100Aug 9 19:37:31 km20725 sshd\[8233\]: Failed password for invalid user geosolutions from 23.129.64.100 port 44767 ssh2 ...	2019-08-10 01:49:39
139.199.100.81	attack	Brute force SMTP login attempted. ...	2019-08-10 01:57:17
188.70.11.136	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-09 05:41:59,365 INFO [amun_request_handler] PortScan Detected on Port: 445 (188.70.11.136)	2019-08-10 01:28:02
81.155.96.76	attackspambots	Aug 9 20:33:22 server sshd\[32346\]: Invalid user uftp from 81.155.96.76 port 48970 Aug 9 20:33:22 server sshd\[32346\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.155.96.76 Aug 9 20:33:24 server sshd\[32346\]: Failed password for invalid user uftp from 81.155.96.76 port 48970 ssh2 Aug 9 20:37:31 server sshd\[23451\]: Invalid user global from 81.155.96.76 port 42470 Aug 9 20:37:31 server sshd\[23451\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.155.96.76	2019-08-10 01:50:40
106.243.162.3	attack	/var/log/messages:Aug 9 16:33:57 sanyalnet-cloud-vps fail2ban.filter[1550]: INFO [sshd] Found 106.243.162.3 /var/log/messages:Aug 9 16:33:57 sanyalnet-cloud-vps fail2ban.filter[1550]: INFO [pam-generic] Found 106.243.162.3 /var/log/messages:Aug 9 16:33:57 sanyalnet-cloud-vps fail2ban.filter[1550]: INFO [sshd] Found 106.243.162.3 /var/log/messages:Aug 9 16:33:59 sanyalnet-cloud-vps fail2ban.filter[1550]: INFO [sshd] Found 106.243.162.3 /var/log/messages:Aug 9 16:33:59 sanyalnet-cloud-vps fail2ban.actions[1550]: NOTICE [sshd] Ban 106.243.162.3 /var/log/messages:Aug 9 16:34:15 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1565368436.502:9689): pid=9190 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=9191 suid=74 rport=54337 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=106.243.162.3 terminal=? re........ -------------------------------	2019-08-10 02:09:08
171.101.103.154	attack	WordPress wp-login brute force :: 171.101.103.154 0.216 BYPASS [09/Aug/2019:16:51:50 1000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-08-10 01:33:38
2607:5300:203:125c::	attackbotsspam	xmlrpc attack	2019-08-10 01:18:23
198.108.67.87	attack	Portscan or hack attempt detected by psad/fwsnort	2019-08-10 01:29:14
132.148.203.157	attackbots	Fail2Ban Ban Triggered	2019-08-10 01:36:33
138.94.20.188	attackbots	Brute force SMTP login attempted. ...	2019-08-10 02:16:10
153.36.242.143	attackspambots	Aug 9 19:37:27 * sshd[5203]: Failed password for root from 153.36.242.143 port 16822 ssh2 Aug 9 19:37:29 * sshd[5203]: Failed password for root from 153.36.242.143 port 16822 ssh2	2019-08-10 01:52:43
43.225.180.227	attack	Caught in portsentry honeypot	2019-08-10 01:59:19

Recently Reported IPs

1.2.139.16	1.2.139.203	1.2.139.204	196.169.139.119
1.2.139.233	1.2.139.51	247.181.212.221	1.2.139.54
1.2.139.69	1.2.140.104	1.2.140.109	12.196.142.123
1.2.140.126	1.2.140.136	1.2.140.174	1.2.140.183
1.2.140.213	1.2.140.214	1.2.140.220	1.2.140.222