120.142.161.9 - IPInfo

Basic Info

City: Chinch'on

Region: North Chungcheong

Country: South Korea

Internet Service Provider: DLIVE

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Honeypot attack, port: 4567, PTR: PTR record not found	2020-02-21 05:09:24

Comments on same subnet:

IP	Type	Details	Datetime
120.142.161.81	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/120.142.161.81/ KR - 1H : (65) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : KR NAME ASN : ASN10036 IP : 120.142.161.81 CIDR : 120.142.160.0/21 PREFIX COUNT : 519 UNIQUE IP COUNT : 856064 WYKRYTE ATAKI Z ASN10036 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 2 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery	2019-09-17 01:01:29

Type

Details

Datetime

120.142.161.81

attackspam

IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/120.142.161.81/ 
 KR - 1H : (65)  
 Protection Against DDoS WordPress plugin :  
 "odzyskiwanie danych help-dysk" 
 IP Address Ranges by Country : KR 
 NAME ASN : ASN10036 
 
 IP : 120.142.161.81 
 
 CIDR : 120.142.160.0/21 
 
 PREFIX COUNT : 519 
 
 UNIQUE IP COUNT : 856064 
 
 
 WYKRYTE ATAKI Z ASN10036 :  
  1H - 1 
  3H - 1 
  6H - 1 
 12H - 1 
 24H - 2 
 
 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN  - data recovery

2019-09-17 01:01:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.142.161.9
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60721
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.142.161.9.			IN	A

;; AUTHORITY SECTION:
.			251	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022002 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 21 05:09:21 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 9.161.142.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 9.161.142.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.21.41.249	attack	Automatic report - Port Scan Attack	2020-10-09 16:34:25
86.61.66.59	attackspam	SSH login attempts.	2020-10-09 16:32:05
113.186.213.26	attack	20/10/8@16:44:48: FAIL: Alarm-Network address from=113.186.213.26 20/10/8@16:44:48: FAIL: Alarm-Network address from=113.186.213.26 ...	2020-10-09 17:02:01
46.35.19.18	attackbotsspam	Oct 9 06:59:21 mail sshd[11810]: Failed password for root from 46.35.19.18 port 41226 ssh2 ...	2020-10-09 16:29:06
66.37.110.238	attackbots	Unauthorized SSH login attempts	2020-10-09 16:48:17
23.99.130.19	attackbotsspam	Automatic report - XMLRPC Attack	2020-10-09 16:44:06
168.196.96.37	attackspam	Oct 9 10:40:20 ns382633 sshd\[28591\]: Invalid user vnc from 168.196.96.37 port 48646 Oct 9 10:40:20 ns382633 sshd\[28591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.96.37 Oct 9 10:40:21 ns382633 sshd\[28591\]: Failed password for invalid user vnc from 168.196.96.37 port 48646 ssh2 Oct 9 10:45:01 ns382633 sshd\[29227\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.196.96.37 user=root Oct 9 10:45:03 ns382633 sshd\[29227\]: Failed password for root from 168.196.96.37 port 57902 ssh2	2020-10-09 16:49:38
186.147.129.110	attackspambots	Bruteforce detected by fail2ban	2020-10-09 16:46:42
141.98.81.141	attackbots	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-10-09T08:01:18Z	2020-10-09 16:38:16
158.69.220.67	attackspambots	Oct 9 08:04:36 server sshd[32043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.67 user=root Oct 9 08:04:38 server sshd[32043]: Failed password for invalid user root from 158.69.220.67 port 50864 ssh2 Oct 9 08:09:49 server sshd[32565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.220.67 Oct 9 08:09:52 server sshd[32565]: Failed password for invalid user oracle from 158.69.220.67 port 33156 ssh2	2020-10-09 16:45:56
195.201.85.241	attack	Port Scan: TCP/80	2020-10-09 16:33:06
92.63.197.97	attack	TCP (SYN) 92.63.197.97:42030 -> port 5941, len 44	2020-10-09 16:43:09
79.170.185.190	attack	uvcm 79.170.185.190 [09/Oct/2020:03:40:15 "-" "GET /wp-login.php?redirect_to=https://www.rumah-desain-interior.com/blog/ 200 5710 79.170.185.190 [09/Oct/2020:03:40:48 "-" "GET /wp-login.php?redirect_to=https://www.rumah-desain-interior.com/blog/ 200 1850 79.170.185.190 [09/Oct/2020:03:40:50 "-" "GET /wp-login.php 200 1852	2020-10-09 16:36:36
184.168.46.190	attackbotsspam	"Restricted File Access Attempt - Matched Data: wp-config.php found within REQUEST_FILENAME: /wp-config.php.resetwp_bak"	2020-10-09 17:05:22
123.207.99.184	attack	Oct 9 08:49:48 ws26vmsma01 sshd[155034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.99.184 Oct 9 08:49:50 ws26vmsma01 sshd[155034]: Failed password for invalid user carol from 123.207.99.184 port 58057 ssh2 ...	2020-10-09 16:53:41

Recently Reported IPs

91.122.213.250	109.235.82.249	63.69.167.221	51.91.105.120
152.250.196.100	223.166.205.105	181.16.214.210	213.238.250.205
186.51.69.178	85.99.54.43	193.119.56.28	132.226.90.145
211.15.197.54	186.182.75.147	192.235.179.75	211.83.98.2
50.92.1.175	61.254.111.105	217.116.127.16	188.62.99.251