1.214.241.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 1.214.241.18 to port 22	2020-01-01 21:43:34
attackbotsspam	Dec 25 22:15:08 lnxweb61 sshd[18080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Dec 25 22:15:08 lnxweb61 sshd[18080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18	2019-12-26 05:46:59
attackspambots	Nov 25 09:34:43 markkoudstaal sshd[4651]: Failed password for root from 1.214.241.18 port 43304 ssh2 Nov 25 09:42:15 markkoudstaal sshd[5333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Nov 25 09:42:17 markkoudstaal sshd[5333]: Failed password for invalid user misha from 1.214.241.18 port 51090 ssh2	2019-11-25 16:54:50
attack	Nov 25 06:35:51 markkoudstaal sshd[21933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Nov 25 06:35:52 markkoudstaal sshd[21933]: Failed password for invalid user tsbot from 1.214.241.18 port 53816 ssh2 Nov 25 06:43:20 markkoudstaal sshd[22789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18	2019-11-25 13:47:37
attack	Nov 24 14:45:58 web8 sshd\[31277\]: Invalid user webadmin from 1.214.241.18 Nov 24 14:45:58 web8 sshd\[31277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Nov 24 14:46:00 web8 sshd\[31277\]: Failed password for invalid user webadmin from 1.214.241.18 port 57678 ssh2 Nov 24 14:55:18 web8 sshd\[3804\]: Invalid user ident from 1.214.241.18 Nov 24 14:55:18 web8 sshd\[3804\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18	2019-11-25 00:10:02
attackspam	Nov 22 07:31:03 web8 sshd\[4934\]: Invalid user !! from 1.214.241.18 Nov 22 07:31:03 web8 sshd\[4934\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 Nov 22 07:31:05 web8 sshd\[4934\]: Failed password for invalid user !! from 1.214.241.18 port 36296 ssh2 Nov 22 07:35:38 web8 sshd\[7057\]: Invalid user hamlet from 1.214.241.18 Nov 22 07:35:38 web8 sshd\[7057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18	2019-11-22 15:44:23
attack	Nov 9 01:21:16 vps647732 sshd[8264]: Failed password for root from 1.214.241.18 port 60700 ssh2 Nov 9 01:25:48 vps647732 sshd[8313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.241.18 ...	2019-11-09 08:35:14
attackspambots	Automatic report - Banned IP Access	2019-10-30 12:03:52

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.214.241.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61817
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.214.241.18.			IN	A

;; AUTHORITY SECTION:
.			488	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102901 1800 900 604800 86400

;; Query time: 115 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 30 12:03:49 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 18.241.214.1.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 18.241.214.1.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
167.71.4.98	attackspambots	23/tcp [2019-06-22]1pkt	2019-06-23 15:26:01
118.24.121.240	attackbotsspam	Jun 23 00:05:34 ip-172-31-1-72 sshd\[29774\]: Invalid user bronze from 118.24.121.240 Jun 23 00:05:34 ip-172-31-1-72 sshd\[29774\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.121.240 Jun 23 00:05:36 ip-172-31-1-72 sshd\[29774\]: Failed password for invalid user bronze from 118.24.121.240 port 23884 ssh2 Jun 23 00:09:35 ip-172-31-1-72 sshd\[29952\]: Invalid user kristine from 118.24.121.240 Jun 23 00:09:35 ip-172-31-1-72 sshd\[29952\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.121.240	2019-06-23 16:00:15
84.241.0.8	attack	firewall-block, port(s): 3389/tcp	2019-06-23 15:39:03
46.101.115.65	attackspambots	ft-1848-basketball.de 46.101.115.65 \[23/Jun/2019:02:09:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 2171 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ft-1848-basketball.de 46.101.115.65 \[23/Jun/2019:02:09:21 +0200\] "POST /wp-login.php HTTP/1.1" 200 2143 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-06-23 16:14:41
180.124.66.45	attackbotsspam	Jun 22 20:09:03 localhost kernel: [12492736.387138] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.124.66.45 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=18155 DF PROTO=TCP SPT=53179 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 22 20:09:03 localhost kernel: [12492736.387160] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.124.66.45 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=18155 DF PROTO=TCP SPT=53179 DPT=4899 SEQ=1132662806 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405A00103030801010402) Jun 22 20:09:06 localhost kernel: [12492739.379611] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.124.66.45 DST=[mungedIP2] LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=18462 DF PROTO=TCP SPT=53179 DPT=4899 WINDOW=8192 RES=0x00 SYN URGP=0 Jun 22 20:09:06 localhost kernel: [12492739.379638] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:aa:c1:08:00 SRC=180.124.6	2019-06-23 16:22:19
220.134.138.111	attackspam	SSH Brute Force	2019-06-23 16:22:55
193.112.251.73	attackbotsspam	Automatic report - Web App Attack	2019-06-23 15:39:41
171.13.14.40	attackbotsspam	¯\_(ツ)_/¯	2019-06-23 16:15:04
205.204.85.29	attackbots	Jun 23 03:38:55 atlassian sshd[22674]: Invalid user helpdesk from 205.204.85.29 port 45888 Jun 23 03:38:56 atlassian sshd[22674]: Failed password for invalid user helpdesk from 205.204.85.29 port 45888 ssh2 Jun 23 03:38:55 atlassian sshd[22674]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.204.85.29 Jun 23 03:38:55 atlassian sshd[22674]: Invalid user helpdesk from 205.204.85.29 port 45888 Jun 23 03:38:56 atlassian sshd[22674]: Failed password for invalid user helpdesk from 205.204.85.29 port 45888 ssh2	2019-06-23 15:27:17
157.122.116.160	attackspambots	SSH-BRUTEFORCE	2019-06-23 15:58:34
27.126.222.178	attackbots	27.126.222.178 - - \[23/Jun/2019:08:40:59 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 27.126.222.178 - - \[23/Jun/2019:08:41:00 +0200\] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 27.126.222.178 - - \[23/Jun/2019:08:41:01 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 27.126.222.178 - - \[23/Jun/2019:08:41:01 +0200\] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 27.126.222.178 - - \[23/Jun/2019:08:41:02 +0200\] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 27.126.222.178 - - \[23/Jun/2019:08:41:03 +0200\] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:6	2019-06-23 16:05:31
148.63.18.12	attack	Unauthorised access (Jun 23) SRC=148.63.18.12 LEN=40 TTL=53 ID=60717 TCP DPT=8080 WINDOW=19986 SYN	2019-06-23 15:59:05
177.130.139.235	attackspambots	SMTP-sasl brute force ...	2019-06-23 15:55:04
79.137.87.44	attackbots	Jun 23 00:05:29 ip-172-31-1-72 sshd\[29772\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.87.44 user=root Jun 23 00:05:31 ip-172-31-1-72 sshd\[29772\]: Failed password for root from 79.137.87.44 port 50721 ssh2 Jun 23 00:09:14 ip-172-31-1-72 sshd\[29925\]: Invalid user history from 79.137.87.44 Jun 23 00:09:14 ip-172-31-1-72 sshd\[29925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.137.87.44 Jun 23 00:09:16 ip-172-31-1-72 sshd\[29925\]: Failed password for invalid user history from 79.137.87.44 port 42015 ssh2	2019-06-23 16:11:35
58.144.150.233	attackspambots	Reported by AbuseIPDB proxy server.	2019-06-23 16:16:40

Recently Reported IPs

239.202.217.116	191.32.59.119	130.92.99.193	28.0.96.103
221.82.109.78	230.90.36.1	16.170.75.120	135.105.176.218
104.206.200.107	119.73.11.199	87.133.55.74	158.91.156.69
102.154.138.8	222.2.244.105	45.150.94.135	224.106.106.117
93.87.2.102	33.93.183.161	48.235.116.96	168.242.37.132