1.20.141.76 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.141.126	attack	Unauthorized connection attempt detected from IP address 1.20.141.126 to port 80 [T]	2020-03-24 20:31:25

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.141.76
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50392
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.141.76.			IN	A

;; AUTHORITY SECTION:
.			293	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022400 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 24 19:53:47 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 76.141.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 76.141.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.244.209.5	attack	2019-10-17T16:43:30.686891abusebot.cloudsearch.cf sshd\[27255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=slc-exit.privateinternetaccess.com user=root	2019-10-18 02:01:41
132.148.25.34	attackbots	WordPress wp-login brute force :: 132.148.25.34 0.040 BYPASS [18/Oct/2019:01:14:33 1100] [censored_2] "POST /wp-login.php HTTP/1.1" 200 4630 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-18 02:27:12
85.192.71.245	attackbots	Oct 17 16:41:45 icinga sshd[12361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.192.71.245 Oct 17 16:41:46 icinga sshd[12361]: Failed password for invalid user 12!@34#$ from 85.192.71.245 port 51276 ssh2 ...	2019-10-18 02:08:03
199.249.230.104	attack	GET (not exists) posting.php-spambot	2019-10-18 02:31:00
164.160.34.111	attackbotsspam	2019-10-17T14:20:56.815816abusebot-6.cloudsearch.cf sshd\[32101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.160.34.111 user=root	2019-10-18 02:05:23
171.67.70.144	attackspambots	22/tcp 22/tcp [2019-10-13/17]3pkt	2019-10-18 01:58:47
182.61.43.47	attackspambots	Jun 14 05:28:50 odroid64 sshd\[21091\]: Invalid user data from 182.61.43.47 Jun 14 05:28:50 odroid64 sshd\[21091\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.43.47 Jun 14 05:28:51 odroid64 sshd\[21091\]: Failed password for invalid user data from 182.61.43.47 port 47838 ssh2 ...	2019-10-18 02:22:20
157.245.103.15	attackbots	Oct 17 17:57:38 www sshd\[183850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.103.15 user=root Oct 17 17:57:39 www sshd\[183850\]: Failed password for root from 157.245.103.15 port 4972 ssh2 Oct 17 18:02:53 www sshd\[183875\]: Invalid user susan from 157.245.103.15 ...	2019-10-18 02:07:36
45.136.108.39	attackbots	WordPress XMLRPC scan :: 45.136.108.39 0.144 BYPASS [17/Oct/2019:23:39:45 1100] [censored_2] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36"	2019-10-18 02:23:35
218.92.0.191	attackspam	Oct 17 19:53:50 dcd-gentoo sshd[3801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Oct 17 19:53:53 dcd-gentoo sshd[3801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Oct 17 19:53:50 dcd-gentoo sshd[3801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Oct 17 19:53:53 dcd-gentoo sshd[3801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Oct 17 19:53:50 dcd-gentoo sshd[3801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Oct 17 19:53:53 dcd-gentoo sshd[3801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Oct 17 19:53:53 dcd-gentoo sshd[3801]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 32904 ssh2 ...	2019-10-18 02:01:14
178.62.11.27	attackbotsspam	Host: (null) Helo: www.fastcompany.com Sender: [xxx]@ebr-register.com	2019-10-18 02:07:08
217.182.74.125	attackspambots	Oct 17 20:05:43 ovpn sshd\[11053\]: Invalid user hw from 217.182.74.125 Oct 17 20:05:43 ovpn sshd\[11053\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.74.125 Oct 17 20:05:46 ovpn sshd\[11053\]: Failed password for invalid user hw from 217.182.74.125 port 46586 ssh2 Oct 17 20:19:26 ovpn sshd\[13674\]: Invalid user samson from 217.182.74.125 Oct 17 20:19:26 ovpn sshd\[13674\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.74.125	2019-10-18 02:25:58
190.13.129.34	attackspambots	Automatic report - Banned IP Access	2019-10-18 02:06:47
5.35.132.216	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/5.35.132.216/ RU - 1H : (181) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN43530 IP : 5.35.132.216 CIDR : 5.35.128.0/19 PREFIX COUNT : 6 UNIQUE IP COUNT : 21504 WYKRYTE ATAKI Z ASN43530 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-17 13:36:04 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-18 02:24:43
202.99.211.52	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-18 02:11:44

Recently Reported IPs

1.20.141.72	1.20.141.8	1.20.141.87	1.20.141.95
1.20.142.102	1.20.142.109	1.20.142.110	1.20.142.113
1.20.142.114	1.20.142.116	1.20.142.119	1.20.142.12
1.20.142.120	1.20.142.125	1.20.142.126	1.20.142.128
1.20.142.130	1.20.142.132	73.101.117.119	1.20.142.135