106.245.167.138

Basic Info

City: Seoul

Region: Seoul

Country: South Korea

Internet Service Provider: LG Dacom Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-28 03:49:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.245.167.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51622
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;106.245.167.138.		IN	A

;; AUTHORITY SECTION:
.			419	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122701 1800 900 604800 86400

;; Query time: 126 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Dec 28 03:49:56 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 138.167.245.106.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 138.167.245.106.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
58.213.116.170	attack	Sep 12 10:35:00 ns382633 sshd\[23666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.116.170 user=root Sep 12 10:35:03 ns382633 sshd\[23666\]: Failed password for root from 58.213.116.170 port 40756 ssh2 Sep 12 10:41:55 ns382633 sshd\[25236\]: Invalid user kelly from 58.213.116.170 port 50234 Sep 12 10:41:55 ns382633 sshd\[25236\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.213.116.170 Sep 12 10:41:56 ns382633 sshd\[25236\]: Failed password for invalid user kelly from 58.213.116.170 port 50234 ssh2	2020-09-13 03:22:05
157.245.172.192	attackbotsspam	Invalid user admin from 157.245.172.192 port 40198	2020-09-13 03:20:45
185.123.164.54	attackspam	Sep 12 22:22:49 root sshd[12493]: Invalid user Leo from 185.123.164.54 ...	2020-09-13 03:27:46
178.128.208.180	attackbotsspam	Sep 12 22:39:05 gw1 sshd[14355]: Failed password for root from 178.128.208.180 port 37310 ssh2 Sep 12 22:42:21 gw1 sshd[14442]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.208.180 ...	2020-09-13 03:42:51
139.59.208.39	attackbotsspam	TCP (SYN) 139.59.208.39:49233 -> port 80, len 40	2020-09-13 03:49:55
183.250.89.179	attackspambots	TCP (SYN) 183.250.89.179:59592 -> port 4785, len 44	2020-09-13 03:36:27
142.93.172.45	attackspam	142.93.172.45 - - [12/Sep/2020:12:44:23 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.172.45 - - [12/Sep/2020:12:44:24 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.172.45 - - [12/Sep/2020:12:44:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-13 03:47:21
165.227.101.226	attackspam	Sep 12 20:01:06 haigwepa sshd[9788]: Failed password for root from 165.227.101.226 port 44732 ssh2 ...	2020-09-13 03:47:55
203.95.212.41	attackbotsspam	$f2bV_matches	2020-09-13 03:24:27
192.241.175.48	attackbots	Sep 12 19:14:47 jumpserver sshd[29221]: Failed password for invalid user weblogic from 192.241.175.48 port 37966 ssh2 Sep 12 19:19:12 jumpserver sshd[29369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.241.175.48 user=root Sep 12 19:19:14 jumpserver sshd[29369]: Failed password for root from 192.241.175.48 port 38784 ssh2 ...	2020-09-13 03:22:35
208.187.163.227	attackspambots	2020-09-11 11:39:13.597606-0500 localhost smtpd[48243]: NOQUEUE: reject: RCPT from unknown[208.187.163.227]: 554 5.7.1 Service unavailable; Client host [208.187.163.227] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=	2020-09-13 03:39:45
124.156.55.107	attackspambots	firewall-block, port(s): 88/udp	2020-09-13 03:51:44
123.22.174.218	attackbotsspam	Automatic report - Port Scan Attack	2020-09-13 03:26:04
101.230.193.62	attackspam	Sep 12 19:33:57 piServer sshd[26772]: Failed password for root from 101.230.193.62 port 39606 ssh2 Sep 12 19:35:25 piServer sshd[26947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.230.193.62 Sep 12 19:35:27 piServer sshd[26947]: Failed password for invalid user imultack from 101.230.193.62 port 33980 ssh2 ...	2020-09-13 03:41:22
91.219.239.62	attackspam	$f2bV_matches	2020-09-13 03:23:21

Recently Reported IPs

60.115.19.148	114.33.80.51	83.70.180.174	139.193.175.79
78.178.26.107	76.80.83.226	69.141.44.16	176.211.212.51
46.7.167.217	90.150.122.148	219.133.171.77	184.153.87.31
212.33.108.149	114.26.69.216	54.175.250.207	92.6.6.201
176.35.94.88	207.15.78.117	118.168.209.104	35.15.57.108