114.202.139.173

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: SK Broadband Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	(sshd) Failed SSH login from 114.202.139.173 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 09:00:51 server2 sshd[20244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 user=named Sep 16 09:00:53 server2 sshd[20244]: Failed password for named from 114.202.139.173 port 41530 ssh2 Sep 16 09:02:36 server2 sshd[22066]: Invalid user asterisk from 114.202.139.173 Sep 16 09:02:36 server2 sshd[22066]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Sep 16 09:02:38 server2 sshd[22066]: Failed password for invalid user asterisk from 114.202.139.173 port 57848 ssh2	2020-09-16 23:00:15
attackspam	Sep 15 18:56:18 ny01 sshd[4744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Sep 15 18:56:20 ny01 sshd[4744]: Failed password for invalid user qttbc from 114.202.139.173 port 37596 ssh2 Sep 15 19:01:06 ny01 sshd[5609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173	2020-09-16 07:18:14
attackbotsspam	Aug 11 06:37:49 piServer sshd[5530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Aug 11 06:37:52 piServer sshd[5530]: Failed password for invalid user m9ff from 114.202.139.173 port 58780 ssh2 Aug 11 06:43:05 piServer sshd[6122]: Failed password for root from 114.202.139.173 port 51792 ssh2 ...	2020-08-11 13:27:14
attackspambots	Jul 26 07:10:04 journals sshd\[20408\]: Invalid user git from 114.202.139.173 Jul 26 07:10:04 journals sshd\[20408\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Jul 26 07:10:06 journals sshd\[20408\]: Failed password for invalid user git from 114.202.139.173 port 53480 ssh2 Jul 26 07:12:31 journals sshd\[20697\]: Invalid user beth from 114.202.139.173 Jul 26 07:12:31 journals sshd\[20697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 ...	2020-07-26 12:19:30
attackbots	Jul 20 04:55:03 gospond sshd[32464]: Invalid user manager from 114.202.139.173 port 58698 ...	2020-07-20 14:31:35
attackbots	Jul 14 13:31:00 php1 sshd\[24419\]: Invalid user web from 114.202.139.173 Jul 14 13:31:00 php1 sshd\[24419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Jul 14 13:31:02 php1 sshd\[24419\]: Failed password for invalid user web from 114.202.139.173 port 36722 ssh2 Jul 14 13:33:13 php1 sshd\[24606\]: Invalid user mo from 114.202.139.173 Jul 14 13:33:13 php1 sshd\[24606\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173	2020-07-15 09:46:44
attack	Jul 9 15:23:06 pkdns2 sshd\[16636\]: Invalid user couchdb from 114.202.139.173Jul 9 15:23:08 pkdns2 sshd\[16636\]: Failed password for invalid user couchdb from 114.202.139.173 port 58802 ssh2Jul 9 15:23:42 pkdns2 sshd\[16641\]: Invalid user userftp from 114.202.139.173Jul 9 15:23:44 pkdns2 sshd\[16641\]: Failed password for invalid user userftp from 114.202.139.173 port 36130 ssh2Jul 9 15:24:18 pkdns2 sshd\[16671\]: Invalid user cadence from 114.202.139.173Jul 9 15:24:21 pkdns2 sshd\[16671\]: Failed password for invalid user cadence from 114.202.139.173 port 41708 ssh2 ...	2020-07-09 22:56:25
attack	Invalid user college from 114.202.139.173 port 49846	2020-06-14 13:27:48
attack	May 26 18:51:21 cdc sshd[27376]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 May 26 18:51:23 cdc sshd[27376]: Failed password for invalid user ggutierrez from 114.202.139.173 port 33200 ssh2	2020-05-27 06:38:18
attackbotsspam	May 22 22:13:46 rotator sshd\[15904\]: Invalid user ytb from 114.202.139.173May 22 22:13:49 rotator sshd\[15904\]: Failed password for invalid user ytb from 114.202.139.173 port 36268 ssh2May 22 22:16:34 rotator sshd\[16660\]: Invalid user hvg from 114.202.139.173May 22 22:16:36 rotator sshd\[16660\]: Failed password for invalid user hvg from 114.202.139.173 port 35840 ssh2May 22 22:19:29 rotator sshd\[16676\]: Invalid user xtr from 114.202.139.173May 22 22:19:31 rotator sshd\[16676\]: Failed password for invalid user xtr from 114.202.139.173 port 35444 ssh2 ...	2020-05-23 04:36:32
attack	May 15 01:58:58 NPSTNNYC01T sshd[22456]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 May 15 01:59:00 NPSTNNYC01T sshd[22456]: Failed password for invalid user office from 114.202.139.173 port 49544 ssh2 May 15 02:01:47 NPSTNNYC01T sshd[22801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 ...	2020-05-15 14:22:26
attackbotsspam	$f2bV_matches	2020-05-01 17:10:04
attackbotsspam	2020-04-30T05:05:26.698023shield sshd\[32445\]: Invalid user look from 114.202.139.173 port 36312 2020-04-30T05:05:26.702668shield sshd\[32445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 2020-04-30T05:05:29.007966shield sshd\[32445\]: Failed password for invalid user look from 114.202.139.173 port 36312 ssh2 2020-04-30T05:07:47.063216shield sshd\[350\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 user=root 2020-04-30T05:07:49.062728shield sshd\[350\]: Failed password for root from 114.202.139.173 port 58152 ssh2	2020-04-30 17:25:11
attackspam	Apr 27 14:46:00 srv-ubuntu-dev3 sshd[125029]: Invalid user eth from 114.202.139.173 Apr 27 14:46:00 srv-ubuntu-dev3 sshd[125029]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Apr 27 14:46:00 srv-ubuntu-dev3 sshd[125029]: Invalid user eth from 114.202.139.173 Apr 27 14:46:02 srv-ubuntu-dev3 sshd[125029]: Failed password for invalid user eth from 114.202.139.173 port 52490 ssh2 Apr 27 14:49:43 srv-ubuntu-dev3 sshd[126436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 user=root Apr 27 14:49:45 srv-ubuntu-dev3 sshd[126436]: Failed password for root from 114.202.139.173 port 60494 ssh2 Apr 27 14:54:08 srv-ubuntu-dev3 sshd[127159]: Invalid user 126 from 114.202.139.173 Apr 27 14:54:08 srv-ubuntu-dev3 sshd[127159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Apr 27 14:54:08 srv-ubuntu-dev3 sshd[127159]: Invalid user ...	2020-04-27 23:18:33
attackbots	Invalid user up from 114.202.139.173 port 42050	2020-04-21 20:55:54
attack	Feb 29 06:42:57 MK-Soft-Root1 sshd[4738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Feb 29 06:42:58 MK-Soft-Root1 sshd[4738]: Failed password for invalid user Michelle from 114.202.139.173 port 59340 ssh2 ...	2020-02-29 16:39:17
attack	Feb 9 04:59:43 firewall sshd[5116]: Invalid user vpn from 114.202.139.173 Feb 9 04:59:45 firewall sshd[5116]: Failed password for invalid user vpn from 114.202.139.173 port 38888 ssh2 Feb 9 05:02:54 firewall sshd[5238]: Invalid user fsq from 114.202.139.173 ...	2020-02-09 21:09:32
attack	Unauthorized connection attempt detected from IP address 114.202.139.173 to port 2220 [J]	2020-01-29 14:03:42
attack	Jan 27 06:01:45 [host] sshd[7465]: Invalid user deploy from 114.202.139.173 Jan 27 06:01:45 [host] sshd[7465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Jan 27 06:01:47 [host] sshd[7465]: Failed password for invalid user deploy from 114.202.139.173 port 38428 ssh2	2020-01-27 13:24:32
attackbots	Unauthorized connection attempt detected from IP address 114.202.139.173 to port 2220 [J]	2020-01-25 15:24:08
attack	Unauthorized connection attempt detected from IP address 114.202.139.173 to port 2220 [J]	2020-01-06 07:43:38
attackspam	$f2bV_matches	2020-01-04 14:27:20
attack	ssh failed login	2019-12-31 16:45:13
attackspambots	Dec 18 07:14:06 localhost sshd[51345]: Failed password for invalid user server from 114.202.139.173 port 41490 ssh2 Dec 18 07:28:10 localhost sshd[51707]: User smmsp from 114.202.139.173 not allowed because not listed in AllowUsers Dec 18 07:28:11 localhost sshd[51707]: Failed password for invalid user smmsp from 114.202.139.173 port 40516 ssh2	2019-12-18 17:37:52
attackspambots	Dec 14 14:52:39 ns381471 sshd[1337]: Failed password for root from 114.202.139.173 port 56230 ssh2	2019-12-14 22:37:03
attackspam	Dec 4 01:34:43 php1 sshd\[22752\]: Invalid user host from 114.202.139.173 Dec 4 01:34:43 php1 sshd\[22752\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 Dec 4 01:34:44 php1 sshd\[22752\]: Failed password for invalid user host from 114.202.139.173 port 44900 ssh2 Dec 4 01:42:10 php1 sshd\[23710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.202.139.173 user=root Dec 4 01:42:12 php1 sshd\[23710\]: Failed password for root from 114.202.139.173 port 57632 ssh2	2019-12-04 20:04:57
attack	Repeated brute force against a port	2019-11-14 21:04:15
attackspambots	Unauthorized SSH login attempts	2019-11-14 05:20:28
attackbotsspam	Tried sshing with brute force.	2019-11-13 15:58:49
attackbotsspam	SSH brutforce	2019-11-05 05:56:18

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.202.139.173
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50143
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.202.139.173.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082000 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 20 14:15:30 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 173.139.202.114.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 173.139.202.114.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.49.213	attackbots	2020-04-11T04:12:57.924601shield sshd\[11514\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.49.213 user=root 2020-04-11T04:12:59.840031shield sshd\[11514\]: Failed password for root from 106.13.49.213 port 50002 ssh2 2020-04-11T04:17:15.636195shield sshd\[11986\]: Invalid user ben from 106.13.49.213 port 52898 2020-04-11T04:17:15.638828shield sshd\[11986\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.49.213 2020-04-11T04:17:17.639484shield sshd\[11986\]: Failed password for invalid user ben from 106.13.49.213 port 52898 ssh2	2020-04-11 13:43:02
115.198.139.152	attackbots	115.198.139.152 - - \[11/Apr/2020:07:39:23 +0200\] "GET http://api.gxout.com/proxy/check.aspx HTTP/1.1" 400 666 "http://api.gxout.com/proxy/check.aspx" "Mozilla/4.0 $compatible\; MSIE 6.0\; Windows NT 5.1$" ...	2020-04-11 13:49:00
116.196.89.78	attackspam	Apr 11 05:51:20 markkoudstaal sshd[22789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.89.78 Apr 11 05:51:22 markkoudstaal sshd[22789]: Failed password for invalid user sara from 116.196.89.78 port 59902 ssh2 Apr 11 05:54:26 markkoudstaal sshd[23282]: Failed password for root from 116.196.89.78 port 41248 ssh2	2020-04-11 13:53:50
223.197.151.55	attack	$f2bV_matches	2020-04-11 14:23:01
92.63.194.91	attackspam	Apr 10 19:28:46 hanapaa sshd\[1234\]: Invalid user admin from 92.63.194.91 Apr 10 19:28:46 hanapaa sshd\[1234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.91 Apr 10 19:28:48 hanapaa sshd\[1234\]: Failed password for invalid user admin from 92.63.194.91 port 35545 ssh2 Apr 10 19:29:04 hanapaa sshd\[1267\]: Invalid user test from 92.63.194.91 Apr 10 19:29:04 hanapaa sshd\[1267\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.91	2020-04-11 13:40:41
132.148.28.20	attack	WordPress wp-login brute force :: 132.148.28.20 0.092 BYPASS [11/Apr/2020:03:53:46 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-11 14:25:26
185.234.218.222	attack	Apr 10 11:16:36 mail postfix/smtpd[9782]: warning: unknown[185.234.218.222]: SASL LOGIN authentication failed: authentication failure Apr 10 11:16:36 mail postfix/smtpd[9782]: warning: unknown[185.234.218.222]: SASL LOGIN authentication failed: authentication failure Apr 10 11:38:13 mail postfix/smtpd[10211]: warning: unknown[185.234.218.222]: SASL LOGIN authentication failed: authentication failure Apr 10 11:38:13 mail postfix/smtpd[10211]: warning: unknown[185.234.218.222]: SASL LOGIN authentication failed: authentication failure	2020-04-11 13:51:00
39.104.138.246	attack	39.104.138.246 - - [11/Apr/2020:05:54:33 +0200] "GET /wp-login.php HTTP/1.1" 200 5879 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.104.138.246 - - [11/Apr/2020:05:54:36 +0200] "POST /wp-login.php HTTP/1.1" 200 6778 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 39.104.138.246 - - [11/Apr/2020:05:54:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-04-11 13:42:42
51.77.151.175	attackbots	Apr 11 07:54:30 minden010 sshd[18491]: Failed password for root from 51.77.151.175 port 50614 ssh2 Apr 11 07:57:13 minden010 sshd[19414]: Failed password for root from 51.77.151.175 port 42708 ssh2 Apr 11 08:00:02 minden010 sshd[20053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.151.175 ...	2020-04-11 14:09:15
222.186.169.192	attack	Apr 11 07:59:10 vps sshd[857993]: Failed password for root from 222.186.169.192 port 34112 ssh2 Apr 11 07:59:13 vps sshd[857993]: Failed password for root from 222.186.169.192 port 34112 ssh2 Apr 11 07:59:16 vps sshd[857993]: Failed password for root from 222.186.169.192 port 34112 ssh2 Apr 11 07:59:20 vps sshd[857993]: Failed password for root from 222.186.169.192 port 34112 ssh2 Apr 11 07:59:24 vps sshd[857993]: Failed password for root from 222.186.169.192 port 34112 ssh2 ...	2020-04-11 14:03:54
222.186.180.142	attackbots	Apr 11 07:38:56 * sshd[25568]: Failed password for root from 222.186.180.142 port 11684 ssh2 Apr 11 07:38:58 * sshd[25568]: Failed password for root from 222.186.180.142 port 11684 ssh2	2020-04-11 13:43:33
222.186.175.151	attackbots	$f2bV_matches	2020-04-11 13:49:49
95.110.248.243	attackbots	Apr 11 07:40:21 vps647732 sshd[32223]: Failed password for root from 95.110.248.243 port 59247 ssh2 ...	2020-04-11 14:06:00
120.210.134.49	attackbotsspam	DATE:2020-04-11 05:54:10, IP:120.210.134.49, PORT:ssh SSH brute force auth (docker-dc)	2020-04-11 14:07:20
211.35.76.241	attackbotsspam	SSH Login Bruteforce	2020-04-11 14:25:49

Recently Reported IPs

93.39.112.252	46.166.171.186	114.231.12.242	199.71.228.57
180.122.242.62	81.169.171.57	123.128.77.42	194.226.222.166
27.124.11.135	35.199.99.19	165.22.20.80	79.187.150.54
49.67.111.147	182.253.14.6	171.38.221.16	165.22.58.37
114.232.193.248	187.94.112.146	61.135.216.66	23.225.166.80