210.100.142.172

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt detected from IP address 210.100.142.172 to port 23	2020-06-22 08:18:10
attack	Unauthorized connection attempt detected from IP address 210.100.142.172 to port 23 [T]	2020-05-30 03:23:18
attackbots	May 27 05:56:50 debian-2gb-nbg1-2 kernel: \[12810606.675952\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=210.100.142.172 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=7546 PROTO=TCP SPT=10847 DPT=23 WINDOW=17983 RES=0x00 SYN URGP=0	2020-05-27 13:09:27
attackspam	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-13 02:13:10
attackspam	Unauthorized connection attempt detected from IP address 210.100.142.172 to port 23 [J]	2020-02-04 17:08:13
attack	Unauthorized connection attempt detected from IP address 210.100.142.172 to port 23 [J]	2020-01-18 14:12:39
attackbots	Unauthorized connection attempt detected from IP address 210.100.142.172 to port 23	2019-12-29 01:17:49
attackspam	Automatic report - Port Scan	2019-10-13 23:03:47

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 210.100.142.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27517
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;210.100.142.172.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019060101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jun 02 06:48:38 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 172.142.100.210.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 172.142.100.210.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.241.21.82	attack	Sep 8 21:24:19 tdfoods sshd\[10903\]: Invalid user user02 from 173.241.21.82 Sep 8 21:24:19 tdfoods sshd\[10903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.241.21.82 Sep 8 21:24:21 tdfoods sshd\[10903\]: Failed password for invalid user user02 from 173.241.21.82 port 36662 ssh2 Sep 8 21:30:08 tdfoods sshd\[11474\]: Invalid user admin from 173.241.21.82 Sep 8 21:30:08 tdfoods sshd\[11474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.241.21.82	2019-09-09 15:33:29
177.220.210.2	attackspam	Sep 9 03:26:46 xtremcommunity sshd\[125514\]: Invalid user test1 from 177.220.210.2 port 65082 Sep 9 03:26:46 xtremcommunity sshd\[125514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.210.2 Sep 9 03:26:48 xtremcommunity sshd\[125514\]: Failed password for invalid user test1 from 177.220.210.2 port 65082 ssh2 Sep 9 03:34:25 xtremcommunity sshd\[125748\]: Invalid user postgres from 177.220.210.2 port 9865 Sep 9 03:34:25 xtremcommunity sshd\[125748\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.210.2 ...	2019-09-09 15:41:48
49.234.46.125	attack	2019-09-09T07:53:35.098085abusebot.cloudsearch.cf sshd\[891\]: Invalid user arkserver from 49.234.46.125 port 58990	2019-09-09 15:54:14
89.231.11.25	attack	Sep 9 14:14:09 webhost01 sshd[23252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.231.11.25 Sep 9 14:14:11 webhost01 sshd[23252]: Failed password for invalid user user7 from 89.231.11.25 port 37042 ssh2 ...	2019-09-09 15:23:26
222.212.90.32	attack	Sep 9 09:19:43 vps01 sshd[26594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.212.90.32 Sep 9 09:19:45 vps01 sshd[26594]: Failed password for invalid user deploy from 222.212.90.32 port 63159 ssh2	2019-09-09 15:45:55
134.209.40.67	attackbotsspam	F2B jail: sshd. Time: 2019-09-09 09:35:04, Reported by: VKReport	2019-09-09 15:40:06
138.255.252.209	attackspam	Sep 9 06:37:50 ns3110291 sshd\[1358\]: Invalid user admin from 138.255.252.209 Sep 9 06:37:50 ns3110291 sshd\[1358\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.252.209 Sep 9 06:37:52 ns3110291 sshd\[1358\]: Failed password for invalid user admin from 138.255.252.209 port 58150 ssh2 Sep 9 06:37:54 ns3110291 sshd\[1362\]: Invalid user ubuntu from 138.255.252.209 Sep 9 06:37:55 ns3110291 sshd\[1362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.255.252.209 ...	2019-09-09 15:59:31
0.0.0.67	attackbots	miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:19 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 2a02:408:7722:1:77:222:62:67 \[09/Sep/2019:06:38:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-09-09 15:36:08
111.62.12.170	attack	Sep 8 21:08:39 php1 sshd\[26111\]: Invalid user t0mc4t from 111.62.12.170 Sep 8 21:08:39 php1 sshd\[26111\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.62.12.170 Sep 8 21:08:41 php1 sshd\[26111\]: Failed password for invalid user t0mc4t from 111.62.12.170 port 55380 ssh2 Sep 8 21:15:45 php1 sshd\[27189\]: Invalid user ubuntu12345 from 111.62.12.170 Sep 8 21:15:45 php1 sshd\[27189\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.62.12.170	2019-09-09 15:22:32
159.65.8.65	attackspam	Sep 8 21:20:23 hiderm sshd\[5903\]: Invalid user odoo from 159.65.8.65 Sep 8 21:20:23 hiderm sshd\[5903\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.8.65 Sep 8 21:20:25 hiderm sshd\[5903\]: Failed password for invalid user odoo from 159.65.8.65 port 49364 ssh2 Sep 8 21:26:57 hiderm sshd\[6529\]: Invalid user deploy from 159.65.8.65 Sep 8 21:26:57 hiderm sshd\[6529\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.8.65	2019-09-09 15:28:26
121.21.251.32	attackspambots	Unauthorised access (Sep 9) SRC=121.21.251.32 LEN=40 TTL=114 ID=44544 TCP DPT=8080 WINDOW=21126 SYN Unauthorised access (Sep 9) SRC=121.21.251.32 LEN=40 TTL=114 ID=29313 TCP DPT=8080 WINDOW=17433 SYN	2019-09-09 15:40:37
118.24.157.127	attackbotsspam	Sep 9 08:58:47 mail sshd[19852]: Invalid user user from 118.24.157.127 Sep 9 08:58:47 mail sshd[19852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.157.127 Sep 9 08:58:47 mail sshd[19852]: Invalid user user from 118.24.157.127 Sep 9 08:58:48 mail sshd[19852]: Failed password for invalid user user from 118.24.157.127 port 60864 ssh2 Sep 9 09:14:17 mail sshd[9672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.157.127 user=mysql Sep 9 09:14:19 mail sshd[9672]: Failed password for mysql from 118.24.157.127 port 53800 ssh2 ...	2019-09-09 15:23:49
49.88.112.114	attack	2019-09-09T14:28:21.282868enmeeting.mahidol.ac.th sshd\[14256\]: User root from 49.88.112.114 not allowed because not listed in AllowUsers 2019-09-09T14:28:21.653528enmeeting.mahidol.ac.th sshd\[14256\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.114 user=root 2019-09-09T14:28:23.801682enmeeting.mahidol.ac.th sshd\[14256\]: Failed password for invalid user root from 49.88.112.114 port 15507 ssh2 ...	2019-09-09 15:53:22
218.98.26.185	attackspambots	Sep 9 07:59:56 host sshd\[65187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.98.26.185 user=root Sep 9 07:59:57 host sshd\[65187\]: Failed password for root from 218.98.26.185 port 47398 ssh2 ...	2019-09-09 15:28:03
137.74.26.179	attackspam	2019-09-09T09:20:26.008452lon01.zurich-datacenter.net sshd\[21216\]: Invalid user gitlab from 137.74.26.179 port 46712 2019-09-09T09:20:26.012905lon01.zurich-datacenter.net sshd\[21216\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.26.179 2019-09-09T09:20:27.950566lon01.zurich-datacenter.net sshd\[21216\]: Failed password for invalid user gitlab from 137.74.26.179 port 46712 ssh2 2019-09-09T09:26:11.076287lon01.zurich-datacenter.net sshd\[21323\]: Invalid user temp from 137.74.26.179 port 49600 2019-09-09T09:26:11.085863lon01.zurich-datacenter.net sshd\[21323\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.26.179 ...	2019-09-09 15:39:33

Recently Reported IPs

218.64.216.82	71.6.233.46	185.10.68.195	71.6.233.8
195.149.247.204	77.245.149.12	3.250.62.223	87.245.170.34
77.27.80.222	41.78.76.214	209.92.132.35	63.44.83.250
37.49.230.218	85.71.119.193	178.93.229.26	176.113.57.153
36.99.4.20	40.161.125.42	225.203.235.51	133.149.93.5