1.69.207.147 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanxi Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 1.69.207.147 to port 23 [J]	2020-01-20 23:43:46

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.69.207.147
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6615
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.69.207.147.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012000 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 20 23:43:42 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 147.207.69.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 147.207.69.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.85.75.118	attackspambots	20/9/24@16:39:11: FAIL: Alarm-Network address from=190.85.75.118 20/9/24@16:39:11: FAIL: Alarm-Network address from=190.85.75.118 ...	2020-09-26 05:17:35
95.60.155.188	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 95.60.155.188 (ES/Spain/static-188-155-60-95.ipcom.comunitel.net): 5 in the last 3600 secs - Wed Sep 5 21:04:54 2018	2020-09-26 05:03:27
94.199.198.137	attackbots	Sep 25 20:15:36 main sshd[20817]: Failed password for invalid user mg from 94.199.198.137 port 53764 ssh2 Sep 25 20:30:49 main sshd[20925]: Failed password for invalid user test from 94.199.198.137 port 38088 ssh2	2020-09-26 05:09:46
52.175.204.16	attackbots	Sep 25 20:42:50 ssh2 sshd[96908]: User root from 52.175.204.16 not allowed because not listed in AllowUsers Sep 25 20:42:50 ssh2 sshd[96908]: Failed password for invalid user root from 52.175.204.16 port 56458 ssh2 Sep 25 20:42:50 ssh2 sshd[96908]: Disconnected from invalid user root 52.175.204.16 port 56458 [preauth] ...	2020-09-26 04:58:41
181.52.249.213	attackspam	(sshd) Failed SSH login from 181.52.249.213 (CO/Colombia/static-ip-181520249213.cable.net.co): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 25 16:27:44 server sshd[24243]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.52.249.213 user=root Sep 25 16:27:46 server sshd[24243]: Failed password for root from 181.52.249.213 port 59256 ssh2 Sep 25 16:35:35 server sshd[26277]: Invalid user tsbot from 181.52.249.213 port 57082 Sep 25 16:35:37 server sshd[26277]: Failed password for invalid user tsbot from 181.52.249.213 port 57082 ssh2 Sep 25 16:37:26 server sshd[26780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.52.249.213 user=root	2020-09-26 05:21:19
188.234.247.110	attack	$f2bV_matches	2020-09-26 05:00:33
45.129.33.149	attackbotsspam	Sep 25 18:06:18 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=45.129.33.149 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=46998 PROTO=TCP SPT=42702 DPT=5401 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 18:06:24 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=45.129.33.149 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=5576 PROTO=TCP SPT=42702 DPT=4937 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 18:06:35 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=45.129.33.149 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=7963 PROTO=TCP SPT=42702 DPT=5095 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 18:06:48 hidden kernel: [UFW BLOCK] IN=ens192 OUT= MAC=00:50:56:bc:13:b8:30:e4:db:97:3e:3f:08:00 SRC=45.129.33.149 DST=217.198.117.163 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=50562 PROTO=TCP SPT=42702 DPT=4832 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 25 18: ...	2020-09-26 05:16:37
52.249.177.216	attack	Brute-force attempt banned	2020-09-26 05:04:10
13.90.112.129	attack	$f2bV_matches	2020-09-26 05:07:44
106.56.86.187	attack	Brute force blocker - service: proftpd1 - aantal: 30 - Thu Sep 6 05:55:13 2018	2020-09-26 05:23:16
106.12.206.3	attackbotsspam	Sep 25 20:30:24 XXX sshd[24263]: Invalid user user1 from 106.12.206.3 port 55334	2020-09-26 05:31:52
194.180.224.103	attackspambots	2020-09-25T20:53:00.872156abusebot-4.cloudsearch.cf sshd[10259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.103 user=root 2020-09-25T20:53:03.425815abusebot-4.cloudsearch.cf sshd[10259]: Failed password for root from 194.180.224.103 port 55578 ssh2 2020-09-25T20:53:16.347910abusebot-4.cloudsearch.cf sshd[10262]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.103 user=root 2020-09-25T20:53:18.765871abusebot-4.cloudsearch.cf sshd[10262]: Failed password for root from 194.180.224.103 port 49952 ssh2 2020-09-25T20:53:32.528337abusebot-4.cloudsearch.cf sshd[10267]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.103 user=root 2020-09-25T20:53:34.474778abusebot-4.cloudsearch.cf sshd[10267]: Failed password for root from 194.180.224.103 port 44068 ssh2 2020-09-25T20:53:48.057479abusebot-4.cloudsearch.cf sshd[10269]: pam_unix(sshd: ...	2020-09-26 05:20:03
189.46.244.240	attackbots	Honeypot attack, port: 81, PTR: 189-46-244-240.dsl.telesp.net.br.	2020-09-26 05:10:47
157.230.220.179	attackbots	Sep 25 19:13:17 serwer sshd\[21464\]: Invalid user teamspeak from 157.230.220.179 port 53758 Sep 25 19:13:17 serwer sshd\[21464\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.220.179 Sep 25 19:13:18 serwer sshd\[21464\]: Failed password for invalid user teamspeak from 157.230.220.179 port 53758 ssh2 ...	2020-09-26 04:59:35
193.35.51.23	attackspambots	Sep 25 23:18:53 galaxy event: galaxy/lswi: smtp: fritz.wiesner@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password Sep 25 23:18:55 galaxy event: galaxy/lswi: smtp: fritz.wiesner [193.35.51.23] authentication failure using internet password Sep 25 23:24:06 galaxy event: galaxy/lswi: smtp: eric.krause@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password Sep 25 23:24:07 galaxy event: galaxy/lswi: smtp: eric.krause [193.35.51.23] authentication failure using internet password Sep 25 23:27:59 galaxy event: galaxy/lswi: smtp: fachtagung@wi.uni-potsdam.de [193.35.51.23] authentication failure using internet password ...	2020-09-26 05:35:55

Recently Reported IPs

236.1.86.6	24.3.250.87	104.168.99.199	95.225.240.53
45.141.56.215	70.147.200.46	214.47.27.108	101.195.143.5
170.26.48.50	222.82.55.62	220.108.72.211	15.76.237.35
218.203.206.137	218.3.189.113	211.237.28.249	149.105.128.161
183.81.79.213	151.184.175.132	106.174.208.190	208.90.75.248