1.214.151.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 1.214.151.94 to port 3389 [T]	2020-01-30 08:08:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.214.151.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41785
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.214.151.94.			IN	A

;; AUTHORITY SECTION:
.			338	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012901 1800 900 604800 86400

;; Query time: 125 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 08:08:33 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 94.151.214.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.151.214.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.136.2.53	attack	leo_www	2020-09-27 17:45:00
112.85.42.172	attack	Sep 27 12:01:34 router sshd[8333]: Failed password for root from 112.85.42.172 port 28129 ssh2 Sep 27 12:01:38 router sshd[8333]: Failed password for root from 112.85.42.172 port 28129 ssh2 Sep 27 12:01:42 router sshd[8333]: Failed password for root from 112.85.42.172 port 28129 ssh2 Sep 27 12:01:47 router sshd[8333]: Failed password for root from 112.85.42.172 port 28129 ssh2 ...	2020-09-27 18:03:38
103.233.1.167	attack	miraniessen.de 103.233.1.167 [20/Sep/2020:16:15:11 +0200] "POST /wp-login.php HTTP/1.1" 200 6888 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" miraniessen.de 103.233.1.167 [20/Sep/2020:16:15:13 +0200] "POST /wp-login.php HTTP/1.1" 200 6880 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-27 18:00:39
221.148.207.22	attackspam	2020-09-27T16:42:59.472783hostname sshd[18092]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.148.207.22 user=root 2020-09-27T16:43:01.563098hostname sshd[18092]: Failed password for root from 221.148.207.22 port 52024 ssh2 ...	2020-09-27 17:54:10
68.183.68.148	attackspam	www.goldgier.de 68.183.68.148 [21/Sep/2020:16:27:30 +0200] "POST /wp-login.php HTTP/1.1" 200 8761 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.goldgier.de 68.183.68.148 [21/Sep/2020:16:27:30 +0200] "POST /wp-login.php HTTP/1.1" 200 8761 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-27 17:52:06
139.162.122.110	attackspam	Sep 27 11:17:03 nopemail auth.info sshd[32459]: Invalid user from 139.162.122.110 port 42198 ...	2020-09-27 18:11:02
117.50.106.150	attackspambots	Sep 27 11:42:01 haigwepa sshd[14466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.106.150 Sep 27 11:42:03 haigwepa sshd[14466]: Failed password for invalid user admin from 117.50.106.150 port 45688 ssh2 ...	2020-09-27 17:57:08
193.112.1.26	attackspam	Sep 27 10:20:23 host1 sshd[518167]: Invalid user oracle from 193.112.1.26 port 34804 Sep 27 10:20:24 host1 sshd[518167]: Failed password for invalid user oracle from 193.112.1.26 port 34804 ssh2 Sep 27 10:20:23 host1 sshd[518167]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.1.26 Sep 27 10:20:23 host1 sshd[518167]: Invalid user oracle from 193.112.1.26 port 34804 Sep 27 10:20:24 host1 sshd[518167]: Failed password for invalid user oracle from 193.112.1.26 port 34804 ssh2 ...	2020-09-27 18:17:33
117.69.154.3	attackspambots	Sep 27 00:41:52 srv01 postfix/smtpd\[28509\]: warning: unknown\[117.69.154.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 00:45:19 srv01 postfix/smtpd\[28509\]: warning: unknown\[117.69.154.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 00:48:45 srv01 postfix/smtpd\[10593\]: warning: unknown\[117.69.154.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 00:55:37 srv01 postfix/smtpd\[31881\]: warning: unknown\[117.69.154.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 27 00:59:03 srv01 postfix/smtpd\[13351\]: warning: unknown\[117.69.154.3\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-27 17:53:27
218.92.0.223	attackspam	Sep 27 13:01:23 dignus sshd[8262]: Failed password for root from 218.92.0.223 port 24509 ssh2 Sep 27 13:01:33 dignus sshd[8262]: error: maximum authentication attempts exceeded for root from 218.92.0.223 port 24509 ssh2 [preauth] Sep 27 13:01:37 dignus sshd[8285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.223 user=root Sep 27 13:01:38 dignus sshd[8285]: Failed password for root from 218.92.0.223 port 51695 ssh2 Sep 27 13:01:48 dignus sshd[8285]: Failed password for root from 218.92.0.223 port 51695 ssh2 ...	2020-09-27 18:02:52
5.182.211.238	attackspam	5.182.211.238 - - [27/Sep/2020:11:09:32 +0200] "GET /wp-login.php HTTP/1.1" 200 8796 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.182.211.238 - - [27/Sep/2020:11:09:33 +0200] "POST /wp-login.php HTTP/1.1" 200 9047 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.182.211.238 - - [27/Sep/2020:11:09:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-27 18:18:19
119.28.21.55	attackbots	Failed password for root from 119.28.21.55 port 57774 ssh2 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.21.55 Failed password for invalid user shun from 119.28.21.55 port 37370 ssh2	2020-09-27 18:06:20
106.12.151.250	attackbotsspam	DATE:2020-09-27 08:56:27, IP:106.12.151.250, PORT:ssh SSH brute force auth (docker-dc)	2020-09-27 18:14:03
218.92.0.172	attackbotsspam	Sep 27 09:33:15 game-panel sshd[9069]: Failed password for root from 218.92.0.172 port 32995 ssh2 Sep 27 09:33:18 game-panel sshd[9069]: Failed password for root from 218.92.0.172 port 32995 ssh2 Sep 27 09:33:22 game-panel sshd[9069]: Failed password for root from 218.92.0.172 port 32995 ssh2 Sep 27 09:33:25 game-panel sshd[9069]: Failed password for root from 218.92.0.172 port 32995 ssh2	2020-09-27 18:14:17
128.199.249.19	attack	Time: Sun Sep 27 03:25:20 2020 +0000 IP: 128.199.249.19 (SG/Singapore/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 27 02:59:26 activeserver sshd[13736]: Invalid user ubuntu from 128.199.249.19 port 49436 Sep 27 02:59:28 activeserver sshd[13736]: Failed password for invalid user ubuntu from 128.199.249.19 port 49436 ssh2 Sep 27 03:14:04 activeserver sshd[16144]: Invalid user laravel from 128.199.249.19 port 56566 Sep 27 03:14:07 activeserver sshd[16144]: Failed password for invalid user laravel from 128.199.249.19 port 56566 ssh2 Sep 27 03:25:15 activeserver sshd[11130]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.249.19 user=root	2020-09-27 17:41:04

Recently Reported IPs

182.105.200.26	180.118.186.110	178.32.49.200	165.132.178.140
125.121.116.209	123.179.128.204	123.163.21.237	121.206.28.82
119.185.232.175	119.166.107.127	116.116.142.193	116.115.211.143
115.237.77.108	115.95.174.83	110.181.121.177	114.106.136.228
116.250.190.178	113.64.166.118	87.24.53.115	113.7.235.31