1.2.147.214 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: TOT Public Company Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Unauthorized connection attempt from IP address 1.2.147.214 on Port 445(SMB)	2020-09-01 19:36:30

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.2.147.214
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64544
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.2.147.214.			IN	A

;; AUTHORITY SECTION:
.			497	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020090100 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Sep 01 19:36:24 CST 2020
;; MSG SIZE  rcvd: 115

Host info

214.147.2.1.in-addr.arpa domain name pointer node-3x2.pool-1-2.dynamic.totinternet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
214.147.2.1.in-addr.arpa	name = node-3x2.pool-1-2.dynamic.totinternet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
204.48.24.174	attackbots	2019-07-01T05:43:38.204620abusebot-6.cloudsearch.cf sshd\[19195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=204.48.24.174 user=root	2019-07-01 15:35:51
123.20.152.208	attack	Jul 1 05:54:37 vpn01 sshd\[24661\]: Invalid user admin from 123.20.152.208 Jul 1 05:54:37 vpn01 sshd\[24661\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.20.152.208 Jul 1 05:54:39 vpn01 sshd\[24661\]: Failed password for invalid user admin from 123.20.152.208 port 53921 ssh2	2019-07-01 15:08:34
76.79.74.58	attackspam	SSH bruteforce	2019-07-01 15:15:49
165.227.59.122	attackspambots	Automatic report - Web App Attack	2019-07-01 15:42:04
148.63.108.65	attack	Jul 1 05:17:58 localhost sshd\[25185\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.63.108.65 user=root Jul 1 05:18:00 localhost sshd\[25185\]: Failed password for root from 148.63.108.65 port 40910 ssh2 ...	2019-07-01 15:28:27
1.125.105.245	attackbotsspam	Telnet Server BruteForce Attack	2019-07-01 15:48:58
54.36.148.221	attack	Automatic report - Web App Attack	2019-07-01 15:12:07
201.144.84.93	attackspambots	Jul 1 05:52:57 localhost sshd\[2114\]: Invalid user jenkins from 201.144.84.93 Jul 1 05:52:57 localhost sshd\[2114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.144.84.93 Jul 1 05:52:59 localhost sshd\[2114\]: Failed password for invalid user jenkins from 201.144.84.93 port 39438 ssh2 Jul 1 05:54:34 localhost sshd\[2132\]: Invalid user yn from 201.144.84.93 Jul 1 05:54:34 localhost sshd\[2132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.144.84.93 ...	2019-07-01 15:10:35
13.94.43.10	attack	Tried sshing with brute force.	2019-07-01 15:59:34
218.208.191.166	attack	DATE:2019-07-01_05:54:37, IP:218.208.191.166, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2019-07-01 15:09:32
139.199.6.107	attackspambots	Triggered by Fail2Ban	2019-07-01 15:29:02
92.118.37.81	attackspam	01.07.2019 06:39:48 Connection to port 20773 blocked by firewall	2019-07-01 15:16:07
82.147.120.45	attack	Jul 1 07:08:54 our-server-hostname postfix/smtpd[29807]: connect from unknown[82.147.120.45] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 1 07:09:04 our-server-hostname postfix/smtpd[29807]: lost connection after RCPT from unknown[82.147.120.45] Jul 1 07:09:04 our-server-hostname postfix/smtpd[29807]: disconnect from unknown[82.147.120.45] Jul 1 07:13:26 our-server-hostname postfix/smtpd[32755]: connect from unknown[82.147.120.45] Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul x@x Jul 1 07:13:32 our-server-hostname postfix/smtpd[32755]: lost connection after RCPT from unknown[82.147.120.45] Jul 1 07:13:32 our-server-hostname postfix/smtpd[32755]: disconnect from unknown[82.147.120.45] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=82.147.120.45	2019-07-01 15:52:34
218.92.0.145	attack	2019-07-01T05:54:40.736927test01.cajus.name sshd\[32222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root 2019-07-01T05:54:43.056061test01.cajus.name sshd\[32222\]: Failed password for root from 218.92.0.145 port 41631 ssh2 2019-07-01T05:54:46.245434test01.cajus.name sshd\[32222\]: Failed password for root from 218.92.0.145 port 41631 ssh2	2019-07-01 15:05:33
177.154.234.152	attack	$f2bV_matches	2019-07-01 15:22:00

Recently Reported IPs

68.238.241.143	63.79.149.86	85.29.129.189	93.185.244.73
40.68.119.88	122.148.150.170	113.160.223.209	14.166.34.216
209.14.105.102	221.179.87.134	183.80.50.36	150.117.97.186
107.23.235.133	224.56.55.193	92.118.228.122	116.202.180.69
14.165.27.156	201.111.36.249	69.10.62.108	180.93.5.128