1.214.214.170 - IPInfo

Basic Info

City: Gangbuk-gu

Region: Seoul

Country: South Korea

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH Scan	2020-01-31 15:48:32
attackspambots	Unauthorized connection attempt detected from IP address 1.214.214.170 to port 80 [J]	2020-01-26 01:08:56
attack	Unauthorized connection attempt detected from IP address 1.214.214.170 to port 80	2020-01-04 08:16:13
attackbots	Unauthorized connection attempt detected from IP address 1.214.214.170 to port 80	2019-12-31 03:49:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.214.214.170
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.214.214.170.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123001 1800 900 604800 86400

;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 03:49:50 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 170.214.214.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 170.214.214.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.149.99.199	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 18-10-2019 04:45:22.	2019-10-18 18:31:58
159.65.180.64	attack	Automatic report - Banned IP Access	2019-10-18 18:10:17
118.27.16.153	attack	Oct 17 17:41:15 hanapaa sshd\[1221\]: Invalid user zmss from 118.27.16.153 Oct 17 17:41:15 hanapaa sshd\[1221\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-16-153.985k.static.cnode.io Oct 17 17:41:16 hanapaa sshd\[1221\]: Failed password for invalid user zmss from 118.27.16.153 port 46346 ssh2 Oct 17 17:45:31 hanapaa sshd\[1567\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v118-27-16-153.985k.static.cnode.io user=root Oct 17 17:45:33 hanapaa sshd\[1567\]: Failed password for root from 118.27.16.153 port 57340 ssh2	2019-10-18 18:20:54
201.174.46.234	attack	Invalid user nagios from 201.174.46.234 port 21479	2019-10-18 18:26:05
79.137.35.70	attackspambots	2019-10-18 08:32:50,706 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 79.137.35.70 2019-10-18 09:02:59,894 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 79.137.35.70 2019-10-18 09:36:51,013 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 79.137.35.70 2019-10-18 10:10:59,871 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 79.137.35.70 2019-10-18 10:45:21,256 fail2ban.actions \[1778\]: NOTICE \[sshd\] Ban 79.137.35.70 ...	2019-10-18 18:08:12
80.211.129.34	attackspambots	Oct 18 08:55:07 MK-Soft-VM4 sshd[4634]: Failed password for root from 80.211.129.34 port 40682 ssh2 ...	2019-10-18 18:31:37
171.119.184.17	attackspam	Unauthorised access (Oct 18) SRC=171.119.184.17 LEN=40 TTL=49 ID=53348 TCP DPT=8080 WINDOW=25669 SYN Unauthorised access (Oct 17) SRC=171.119.184.17 LEN=40 TTL=49 ID=40633 TCP DPT=8080 WINDOW=25669 SYN Unauthorised access (Oct 16) SRC=171.119.184.17 LEN=40 TTL=49 ID=62491 TCP DPT=8080 WINDOW=46056 SYN Unauthorised access (Oct 15) SRC=171.119.184.17 LEN=40 TTL=49 ID=3643 TCP DPT=8080 WINDOW=25669 SYN Unauthorised access (Oct 15) SRC=171.119.184.17 LEN=40 TTL=49 ID=45878 TCP DPT=8080 WINDOW=25669 SYN	2019-10-18 17:56:20
222.91.151.24	attackspambots	$f2bV_matches	2019-10-18 17:54:38
201.16.246.71	attackbots	Oct 18 00:18:57 Tower sshd[38943]: Connection from 201.16.246.71 port 57764 on 192.168.10.220 port 22 Oct 18 00:18:58 Tower sshd[38943]: Failed password for root from 201.16.246.71 port 57764 ssh2 Oct 18 00:18:58 Tower sshd[38943]: Received disconnect from 201.16.246.71 port 57764:11: Bye Bye [preauth] Oct 18 00:18:58 Tower sshd[38943]: Disconnected from authenticating user root 201.16.246.71 port 57764 [preauth]	2019-10-18 17:53:59
188.80.34.22	attackspam	Automatic report - Port Scan Attack	2019-10-18 18:23:48
202.152.1.67	attackbotsspam	Unauthorized SSH login attempts	2019-10-18 18:30:12
218.87.168.175	attackbots	Telnetd brute force attack detected by fail2ban	2019-10-18 18:15:11
103.76.252.6	attackbots	Invalid user cuigj from 103.76.252.6 port 18146	2019-10-18 18:14:40
138.197.36.189	attackbots	SSH Brute-Force reported by Fail2Ban	2019-10-18 18:18:25
220.142.51.136	attack	Unauthorised access (Oct 18) SRC=220.142.51.136 LEN=40 PREC=0x20 TTL=51 ID=15306 TCP DPT=23 WINDOW=34725 SYN	2019-10-18 17:52:31

Recently Reported IPs

54.71.137.191	187.71.35.42	95.192.247.104	70.240.2.201
90.165.119.249	144.207.78.133	218.158.124.236	42.117.20.183
24.16.150.253	52.139.122.25	79.166.215.9	131.225.127.89
184.207.175.147	211.197.11.17	42.117.20.180	116.227.108.207
113.135.3.140	151.32.162.200	183.217.84.232	213.66.218.157