Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackbots
(sshd) Failed SSH login from 1.214.245.27 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 13 18:02:03 jbs1 sshd[1818]: Invalid user seminar from 1.214.245.27
Oct 13 18:02:03 jbs1 sshd[1818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27 
Oct 13 18:02:06 jbs1 sshd[1818]: Failed password for invalid user seminar from 1.214.245.27 port 46804 ssh2
Oct 13 18:06:04 jbs1 sshd[3113]: Invalid user kim from 1.214.245.27
Oct 13 18:06:04 jbs1 sshd[3113]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
2020-10-14 06:24:12
attackbotsspam
various type of attack
2020-10-14 01:52:01
attackspam
SSH login attempts.
2020-10-13 17:04:16
attackbots
Oct 12 08:40:50 Tower sshd[6971]: Connection from 1.214.245.27 port 46114 on 192.168.10.220 port 22 rdomain ""
Oct 12 08:40:51 Tower sshd[6971]: Invalid user trac from 1.214.245.27 port 46114
Oct 12 08:40:51 Tower sshd[6971]: error: Could not get shadow information for NOUSER
Oct 12 08:40:51 Tower sshd[6971]: Failed password for invalid user trac from 1.214.245.27 port 46114 ssh2
Oct 12 08:40:51 Tower sshd[6971]: Received disconnect from 1.214.245.27 port 46114:11: Bye Bye [preauth]
Oct 12 08:40:51 Tower sshd[6971]: Disconnected from invalid user trac 1.214.245.27 port 46114 [preauth]
2020-10-12 20:44:31
attackspam
 TCP (SYN) 1.214.245.27:50661 -> port 25647, len 44
2020-10-12 12:13:18
attack
Sep 26 20:06:16 scw-tender-jepsen sshd[31593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
Sep 26 20:06:18 scw-tender-jepsen sshd[31593]: Failed password for invalid user www from 1.214.245.27 port 35496 ssh2
2020-09-27 04:51:30
attackbots
$f2bV_matches
2020-09-26 21:03:18
attack
 TCP (SYN) 1.214.245.27:42151 -> port 24647, len 44
2020-09-26 12:45:43
attack
2020-09-25T23:54:05.191107lavrinenko.info sshd[2198]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
2020-09-25T23:54:05.179818lavrinenko.info sshd[2198]: Invalid user dev from 1.214.245.27 port 40932
2020-09-25T23:54:07.667220lavrinenko.info sshd[2198]: Failed password for invalid user dev from 1.214.245.27 port 40932 ssh2
2020-09-25T23:58:14.744434lavrinenko.info sshd[2444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27  user=root
2020-09-25T23:58:16.404625lavrinenko.info sshd[2444]: Failed password for root from 1.214.245.27 port 48866 ssh2
...
2020-09-26 05:18:18
attackspam
Sep 25 05:37:16 host sshd[12310]: Invalid user sce from 1.214.245.27 port 34612
...
2020-09-25 13:51:50
attackbotsspam
TCP ports : 4306 / 27142
2020-09-23 20:28:46
attack
2020-09-22T23:44:49.3336761495-001 sshd[12293]: Invalid user pi from 1.214.245.27 port 58178
2020-09-22T23:44:51.6934871495-001 sshd[12293]: Failed password for invalid user pi from 1.214.245.27 port 58178 ssh2
2020-09-22T23:47:05.2195591495-001 sshd[12440]: Invalid user bitcoin from 1.214.245.27 port 58858
2020-09-22T23:47:05.2224721495-001 sshd[12440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
2020-09-22T23:47:05.2195591495-001 sshd[12440]: Invalid user bitcoin from 1.214.245.27 port 58858
2020-09-22T23:47:07.2478741495-001 sshd[12440]: Failed password for invalid user bitcoin from 1.214.245.27 port 58858 ssh2
...
2020-09-23 12:51:47
attack
2020-09-22T15:07:07.5406351495-001 sshd[49694]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27  user=root
2020-09-22T15:07:09.2935121495-001 sshd[49694]: Failed password for root from 1.214.245.27 port 43078 ssh2
2020-09-22T15:10:51.6394271495-001 sshd[49873]: Invalid user local from 1.214.245.27 port 43174
2020-09-22T15:10:51.6423961495-001 sshd[49873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
2020-09-22T15:10:51.6394271495-001 sshd[49873]: Invalid user local from 1.214.245.27 port 43174
2020-09-22T15:10:53.8118811495-001 sshd[49873]: Failed password for invalid user local from 1.214.245.27 port 43174 ssh2
...
2020-09-23 04:36:16
attack
Sep 19 17:37:41 ip-172-31-16-56 sshd\[4971\]: Invalid user test from 1.214.245.27\
Sep 19 17:37:43 ip-172-31-16-56 sshd\[4971\]: Failed password for invalid user test from 1.214.245.27 port 39890 ssh2\
Sep 19 17:42:12 ip-172-31-16-56 sshd\[5091\]: Failed password for root from 1.214.245.27 port 47504 ssh2\
Sep 19 17:46:32 ip-172-31-16-56 sshd\[5148\]: Invalid user admin from 1.214.245.27\
Sep 19 17:46:35 ip-172-31-16-56 sshd\[5148\]: Failed password for invalid user admin from 1.214.245.27 port 55136 ssh2\
2020-09-20 01:58:13
attack
Found on   CINS-badguys    / proto=6  .  srcport=49788  .  dstport=4306  .     (372)
2020-09-19 17:49:56
attackspam
[N10.H2.VM2] Port Scanner Detected Blocked by UFW
2020-08-25 16:14:35
attackbotsspam
[SID2] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.
2020-08-23 04:07:20
attackbotsspam
Aug 13 22:04:46 rocket sshd[3580]: Failed password for root from 1.214.245.27 port 50306 ssh2
Aug 13 22:08:43 rocket sshd[4197]: Failed password for root from 1.214.245.27 port 50012 ssh2
...
2020-08-14 05:21:48
attackbots
$f2bV_matches
2020-08-13 07:08:00
attackbots
ET CINS Active Threat Intelligence Poor Reputation IP group 1 - port: 1517 proto: tcp cat: Misc Attackbytes: 60
2020-07-31 17:12:34
attackspam
k+ssh-bruteforce
2020-07-28 20:53:02
attackbots
Jul 13 17:05:17 localhost sshd[91893]: Invalid user jsw from 1.214.245.27 port 44754
Jul 13 17:05:17 localhost sshd[91893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
Jul 13 17:05:17 localhost sshd[91893]: Invalid user jsw from 1.214.245.27 port 44754
Jul 13 17:05:20 localhost sshd[91893]: Failed password for invalid user jsw from 1.214.245.27 port 44754 ssh2
Jul 13 17:09:02 localhost sshd[92390]: Invalid user abs from 1.214.245.27 port 55404
...
2020-07-14 01:16:24
attack
 TCP (SYN) 1.214.245.27:58306 -> port 24798, len 44
2020-07-11 16:14:49
attackspambots
<6 unauthorized SSH connections
2020-07-10 19:05:27
attackbots
3. On Jun 29 2020 experienced a Brute Force SSH login attempt -> 3 unique times by 1.214.245.27.
2020-06-30 07:57:13
attackspam
Invalid user jenkins from 1.214.245.27 port 52916
2020-06-25 18:55:09
attack
Jun 20 00:57:13 server sshd[22346]: Failed password for root from 1.214.245.27 port 58596 ssh2
Jun 20 01:00:17 server sshd[23356]: Failed password for root from 1.214.245.27 port 45986 ssh2
Jun 20 01:03:23 server sshd[23511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27
...
2020-06-20 08:03:50
attackspam
Jun 14 21:10:01 XXXXXX sshd[58997]: Invalid user fuhao from 1.214.245.27 port 56660
2020-06-15 10:05:20
attack
Jun 10 07:55:23 pve1 sshd[22848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.214.245.27 
Jun 10 07:55:25 pve1 sshd[22848]: Failed password for invalid user admin from 1.214.245.27 port 56472 ssh2
...
2020-06-10 13:59:17
attackbotsspam
2. On Jun 5 2020 experienced a Brute Force SSH login attempt -> 55 unique times by 1.214.245.27.
2020-06-06 09:57:41
Comments on same subnet:
No discussion about this subnet yet.
Whois info:
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.214.245.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6517
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.214.245.27.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122600 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 17:29:42 CST 2019
;; MSG SIZE  rcvd: 116
Host info
Host 27.245.214.1.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 27.245.214.1.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
106.13.6.113 attackbots
Dec 21 09:53:55 mail sshd\[44119\]: Invalid user test from 106.13.6.113
Dec 21 09:53:55 mail sshd\[44119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.6.113
...
2019-12-22 01:38:39
113.203.233.65 attackbots
Unauthorized connection attempt detected from IP address 113.203.233.65 to port 445
2019-12-22 01:55:19
222.186.30.59 attack
Dec 21 22:27:43 gw1 sshd[8854]: Failed password for root from 222.186.30.59 port 43536 ssh2
Dec 21 22:27:45 gw1 sshd[8854]: Failed password for root from 222.186.30.59 port 43536 ssh2
...
2019-12-22 01:31:36
203.113.25.6 attackbotsspam
Dec 21 19:44:03 server2 sshd\[17774\]: Invalid user rot from 203.113.25.6
Dec 21 19:44:03 server2 sshd\[17773\]: Invalid user rot from 203.113.25.6
Dec 21 19:44:03 server2 sshd\[17772\]: Invalid user rot from 203.113.25.6
Dec 21 19:44:03 server2 sshd\[17775\]: Invalid user rot from 203.113.25.6
Dec 21 19:44:03 server2 sshd\[17776\]: Invalid user rot from 203.113.25.6
Dec 21 19:44:04 server2 sshd\[17782\]: Invalid user DUP from 203.113.25.6
2019-12-22 01:49:56
159.89.139.228 attack
Dec 21 07:24:26 eddieflores sshd\[21347\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.228  user=root
Dec 21 07:24:27 eddieflores sshd\[21347\]: Failed password for root from 159.89.139.228 port 60968 ssh2
Dec 21 07:29:59 eddieflores sshd\[21890\]: Invalid user operator from 159.89.139.228
Dec 21 07:29:59 eddieflores sshd\[21890\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.139.228
Dec 21 07:30:01 eddieflores sshd\[21890\]: Failed password for invalid user operator from 159.89.139.228 port 37002 ssh2
2019-12-22 01:42:44
202.131.126.142 attackbots
Dec 21 22:41:01 gw1 sshd[9572]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.126.142
Dec 21 22:41:03 gw1 sshd[9572]: Failed password for invalid user makinze from 202.131.126.142 port 52430 ssh2
...
2019-12-22 01:41:51
192.248.21.148 attack
Dec 21 15:46:27 srv01 sshd[20553]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.248.21.148  user=backup
Dec 21 15:46:29 srv01 sshd[20553]: Failed password for backup from 192.248.21.148 port 33348 ssh2
Dec 21 15:53:23 srv01 sshd[21022]: Invalid user test from 192.248.21.148 port 41970
Dec 21 15:53:23 srv01 sshd[21022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.248.21.148
Dec 21 15:53:23 srv01 sshd[21022]: Invalid user test from 192.248.21.148 port 41970
Dec 21 15:53:25 srv01 sshd[21022]: Failed password for invalid user test from 192.248.21.148 port 41970 ssh2
...
2019-12-22 01:59:11
172.93.4.78 attack
Dec 21 18:11:05 DAAP sshd[12820]: Invalid user cun from 172.93.4.78 port 34198
Dec 21 18:11:05 DAAP sshd[12820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.93.4.78
Dec 21 18:11:05 DAAP sshd[12820]: Invalid user cun from 172.93.4.78 port 34198
Dec 21 18:11:07 DAAP sshd[12820]: Failed password for invalid user cun from 172.93.4.78 port 34198 ssh2
Dec 21 18:17:06 DAAP sshd[12903]: Invalid user www from 172.93.4.78 port 48880
...
2019-12-22 01:30:09
218.59.129.110 attack
Dec 21 18:42:39 eventyay sshd[13548]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.59.129.110
Dec 21 18:42:42 eventyay sshd[13548]: Failed password for invalid user chium from 218.59.129.110 port 37720 ssh2
Dec 21 18:47:31 eventyay sshd[13639]: Failed password for root from 218.59.129.110 port 37741 ssh2
...
2019-12-22 01:54:05
128.199.142.0 attackbots
$f2bV_matches
2019-12-22 02:04:57
149.202.218.8 attackbotsspam
Dec 21 12:23:33 TORMINT sshd\[2320\]: Invalid user izak from 149.202.218.8
Dec 21 12:23:33 TORMINT sshd\[2320\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.218.8
Dec 21 12:23:36 TORMINT sshd\[2320\]: Failed password for invalid user izak from 149.202.218.8 port 50500 ssh2
...
2019-12-22 01:28:32
51.89.68.141 attackbotsspam
Dec 21 07:15:22 kapalua sshd\[23569\]: Invalid user vcsa from 51.89.68.141
Dec 21 07:15:23 kapalua sshd\[23569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip141.ip-51-89-68.eu
Dec 21 07:15:25 kapalua sshd\[23569\]: Failed password for invalid user vcsa from 51.89.68.141 port 37810 ssh2
Dec 21 07:20:18 kapalua sshd\[24077\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip141.ip-51-89-68.eu  user=root
Dec 21 07:20:20 kapalua sshd\[24077\]: Failed password for root from 51.89.68.141 port 42400 ssh2
2019-12-22 01:44:43
139.59.7.76 attackspambots
Dec 21 10:44:49 ny01 sshd[30016]: Failed password for root from 139.59.7.76 port 41744 ssh2
Dec 21 10:51:18 ny01 sshd[30650]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.7.76
Dec 21 10:51:21 ny01 sshd[30650]: Failed password for invalid user cc from 139.59.7.76 port 46904 ssh2
2019-12-22 01:34:25
147.83.192.152 attackbotsspam
Dec 21 15:37:15 localhost sshd\[122071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.83.192.152  user=root
Dec 21 15:37:16 localhost sshd\[122071\]: Failed password for root from 147.83.192.152 port 49960 ssh2
Dec 21 15:43:36 localhost sshd\[122277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=147.83.192.152  user=root
Dec 21 15:43:38 localhost sshd\[122277\]: Failed password for root from 147.83.192.152 port 57462 ssh2
Dec 21 15:49:55 localhost sshd\[122473\]: Invalid user gdm from 147.83.192.152 port 36724
...
2019-12-22 02:00:47
217.182.79.118 attackspambots
detected by Fail2Ban
2019-12-22 01:32:58
