1.2.143.249 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.2.143.171	attack	Telnet/23 MH Probe, BF, Hack -	2020-02-13 08:30:22
1.2.143.176	attackspam	Automatic report - Port Scan Attack	2019-09-05 04:54:25
1.2.143.212	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:49:23,250 INFO [shellcode_manager] (1.2.143.212) no match, writing hexdump (6fedc213f6fe6009abe68fd93a9b3572 :1851776) - MS17010 (EternalBlue)	2019-08-09 09:25:48

Type

Details

Datetime

1.2.143.171

attack

Telnet/23 MH Probe, BF, Hack -

2020-02-13 08:30:22

1.2.143.176

attackspam

Automatic report - Port Scan Attack

2019-09-05 04:54:25

1.2.143.212

attackspambots

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-08 21:49:23,250 INFO [shellcode_manager] (1.2.143.212) no match, writing hexdump (6fedc213f6fe6009abe68fd93a9b3572 :1851776) - MS17010 (EternalBlue)

2019-08-09 09:25:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.143.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25371
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.2.143.249.			IN	A

;; AUTHORITY SECTION:
.			294	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 18:16:56 CST 2022
;; MSG SIZE  rcvd: 104

Host info

249.143.2.1.in-addr.arpa domain name pointer node-35l.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
249.143.2.1.in-addr.arpa	name = node-35l.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
78.189.139.129	attack	1433/tcp [2019-11-16]1pkt	2019-11-17 01:50:59
218.90.212.130	attackspam	Nov 16 19:00:48 MK-Soft-VM3 sshd[17813]: Failed password for root from 218.90.212.130 port 15784 ssh2 Nov 16 19:05:11 MK-Soft-VM3 sshd[17994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.90.212.130 ...	2019-11-17 02:06:03
222.186.173.215	attackbots	Nov 16 18:55:54 sd-53420 sshd\[29805\]: User root from 222.186.173.215 not allowed because none of user's groups are listed in AllowGroups Nov 16 18:55:54 sd-53420 sshd\[29805\]: Failed none for invalid user root from 222.186.173.215 port 18916 ssh2 Nov 16 18:55:54 sd-53420 sshd\[29805\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.215 user=root Nov 16 18:55:55 sd-53420 sshd\[29805\]: Failed password for invalid user root from 222.186.173.215 port 18916 ssh2 Nov 16 18:56:12 sd-53420 sshd\[29882\]: User root from 222.186.173.215 not allowed because none of user's groups are listed in AllowGroups ...	2019-11-17 01:57:12
182.254.227.147	attack	Nov 16 18:47:26 minden010 sshd[23135]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.227.147 Nov 16 18:47:28 minden010 sshd[23135]: Failed password for invalid user lturpin from 182.254.227.147 port 27077 ssh2 Nov 16 18:52:09 minden010 sshd[24691]: Failed password for root from 182.254.227.147 port 60373 ssh2 ...	2019-11-17 02:07:36
106.13.56.45	attack	2019-11-16T16:10:56.589519scmdmz1 sshd\[19942\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.56.45 user=root 2019-11-16T16:10:58.650308scmdmz1 sshd\[19942\]: Failed password for root from 106.13.56.45 port 41430 ssh2 2019-11-16T16:16:07.822276scmdmz1 sshd\[20420\]: Invalid user army from 106.13.56.45 port 47532 ...	2019-11-17 02:20:12
193.31.195.14	attackspambots	11/16/2019-15:50:08.410381 193.31.195.14 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-11-17 02:28:38
178.128.216.127	attack	Automatic report - Banned IP Access	2019-11-17 02:15:56
107.6.183.226	attackspam	fire	2019-11-17 02:05:44
101.108.188.220	attackbots	12345/tcp [2019-11-16]1pkt	2019-11-17 01:52:05
139.227.144.42	attackbotsspam	8082/udp [2019-11-16]1pkt	2019-11-17 02:24:58
104.236.122.193	attackspambots	fire	2019-11-17 02:26:58
185.176.221.147	attackbots	firewall-block, port(s): 3390/tcp	2019-11-17 02:02:50
79.129.113.159	attack	9000/tcp [2019-11-16]1pkt	2019-11-17 02:27:29
60.250.125.151	attackbots	Unauthorised access (Nov 16) SRC=60.250.125.151 LEN=52 PREC=0x20 TTL=115 ID=3894 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-17 01:56:48
109.124.176.138	attackbots	fire	2019-11-17 02:01:11

Recently Reported IPs

1.2.143.236	1.2.143.38	1.2.143.66	1.2.143.84
1.2.144.140	1.2.144.145	1.2.144.174	1.2.144.249
1.2.144.253	1.2.144.61	1.2.144.96	1.2.145.167
40.138.180.45	1.2.145.221	1.2.145.23	1.2.145.39
1.2.145.41	1.2.145.51	1.2.145.66	1.2.146.101