1.20.147.107 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
1.20.147.23	attackbotsspam	Lines containing failures of 1.20.147.23 (max 1000) Feb 7 14:41:38 HOSTNAME sshd[30749]: Did not receive identification string from 1.20.147.23 port 9891 Feb 7 14:41:42 HOSTNAME sshd[30750]: Invalid user user from 1.20.147.23 port 55761 Feb 7 14:41:43 HOSTNAME sshd[30750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.20.147.23 Feb 7 14:41:45 HOSTNAME sshd[30750]: Failed password for invalid user user from 1.20.147.23 port 55761 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=1.20.147.23	2020-02-08 04:27:31

Type

Details

Datetime

1.20.147.23

attackbotsspam

Lines containing failures of 1.20.147.23 (max 1000)
Feb  7 14:41:38 HOSTNAME sshd[30749]: Did not receive identification string from 1.20.147.23 port 9891
Feb  7 14:41:42 HOSTNAME sshd[30750]: Invalid user user from 1.20.147.23 port 55761
Feb  7 14:41:43 HOSTNAME sshd[30750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.20.147.23
Feb  7 14:41:45 HOSTNAME sshd[30750]: Failed password for invalid user user from 1.20.147.23 port 55761 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=1.20.147.23

2020-02-08 04:27:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.20.147.107
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 26985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.20.147.107.			IN	A

;; AUTHORITY SECTION:
.			325	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 25 16:36:50 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 107.147.20.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 107.147.20.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.228.8.254	attackbotsspam	0,58-01/01 [bc01/m16] PostRequest-Spammer scoring: Durban01	2020-05-28 21:11:31
51.77.188.158	attackbots	51.77.188.158 - - [28/May/2020:14:03:27 +0200] "GET /wp-login.php HTTP/1.1" 200 5865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.188.158 - - [28/May/2020:14:03:28 +0200] "POST /wp-login.php HTTP/1.1" 200 6116 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 51.77.188.158 - - [28/May/2020:14:03:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-05-28 20:44:56
185.175.93.14	attack	scans 17 times in preceeding hours on the ports (in chronological order) 1395 3393 5033 4646 2015 3522 7112 4422 33852 4100 20066 4044 9898 3555 33891 20333 4246 resulting in total of 42 scans from 185.175.93.0/24 block.	2020-05-28 20:30:11
27.3.73.237	attack	1590667400 - 05/28/2020 14:03:20 Host: 27.3.73.237/27.3.73.237 Port: 445 TCP Blocked	2020-05-28 20:53:34
156.223.38.63	attackspam	Lines containing failures of 156.223.38.63 May 28 13:58:52 own sshd[20281]: Invalid user admin from 156.223.38.63 port 42614 May 28 13:58:52 own sshd[20281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.223.38.63 May 28 13:58:54 own sshd[20281]: Failed password for invalid user admin from 156.223.38.63 port 42614 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=156.223.38.63	2020-05-28 20:40:35
162.241.155.84	attackspam	email spam www.techgyd.com	2020-05-28 20:28:59
198.71.235.21	attackspam	Trolling for resource vulnerabilities	2020-05-28 20:48:54
185.234.216.206	attackbots	2020-05-28 14:03:15 login authenticator failed for \(zg1LBCFcda\) \[185.234.216.206\]:52946 I=\[193.107.90.29\]:25: 535 Incorrect authentication data \(set_id=test\) 2020-05-28 14:03:16 login authenticator failed for \(kALLP8g99M\) \[185.234.216.206\]:64403 I=\[193.107.90.29\]:25: 535 Incorrect authentication data \(set_id=test\) 2020-05-28 14:03:17 login authenticator failed for \(AC2sPg\) \[185.234.216.206\]:52840 I=\[193.107.90.29\]:25: 535 Incorrect authentication data \(set_id=test\) ...	2020-05-28 20:53:13
200.41.188.82	attackspambots	20/5/28@08:03:41: FAIL: Alarm-Network address from=200.41.188.82 ...	2020-05-28 20:35:34
95.255.14.141	attackbotsspam	May 28 13:59:48 jane sshd[19642]: Failed password for root from 95.255.14.141 port 41208 ssh2 ...	2020-05-28 20:50:28
191.162.218.41	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-28 21:09:15
210.212.237.67	attack	May 28 13:03:20 cdc sshd[28006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.212.237.67 May 28 13:03:22 cdc sshd[28006]: Failed password for invalid user rpm from 210.212.237.67 port 50044 ssh2	2020-05-28 20:51:20
156.96.155.239	attack	Port Scan detected! ...	2020-05-28 20:32:01
150.242.213.189	attackbots	May 28 17:27:26 gw1 sshd[18624]: Failed password for root from 150.242.213.189 port 41536 ssh2 ...	2020-05-28 20:49:24
222.186.173.226	attackbotsspam	May 28 14:32:17 vmd48417 sshd[10977]: Failed password for root from 222.186.173.226 port 38920 ssh2	2020-05-28 20:43:29

Recently Reported IPs

242.200.29.101	1.20.147.136	103.137.184.99	103.137.185.76
103.137.19.62	1.20.147.54	103.137.185.247	103.137.185.133
103.137.186.59	103.137.192.101	103.137.192.105	103.137.185.79
103.137.192.113	103.137.192.117	103.137.192.109	1.20.147.60
103.137.192.125	103.137.192.133	103.137.192.17	103.137.192.137