210.119.131.42

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: Konkuk University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Sep 15 07:46:36 OPSO sshd\[21725\]: Invalid user kvernevik from 210.119.131.42 port 34066 Sep 15 07:46:36 OPSO sshd\[21725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42 Sep 15 07:46:38 OPSO sshd\[21725\]: Failed password for invalid user kvernevik from 210.119.131.42 port 34066 ssh2 Sep 15 07:51:09 OPSO sshd\[22558\]: Invalid user oracle from 210.119.131.42 port 47358 Sep 15 07:51:09 OPSO sshd\[22558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42	2019-09-15 14:06:43
attackbotsspam	Sep 14 23:17:55 vps691689 sshd[18533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42 Sep 14 23:17:57 vps691689 sshd[18533]: Failed password for invalid user xbot_premium from 210.119.131.42 port 41114 ssh2 ...	2019-09-15 05:29:15

Type

Details

Datetime

attackspambots

Sep 15 07:46:36 OPSO sshd\[21725\]: Invalid user kvernevik from 210.119.131.42 port 34066
Sep 15 07:46:36 OPSO sshd\[21725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42
Sep 15 07:46:38 OPSO sshd\[21725\]: Failed password for invalid user kvernevik from 210.119.131.42 port 34066 ssh2
Sep 15 07:51:09 OPSO sshd\[22558\]: Invalid user oracle from 210.119.131.42 port 47358
Sep 15 07:51:09 OPSO sshd\[22558\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42

2019-09-15 14:06:43

attackbotsspam

Sep 14 23:17:55 vps691689 sshd[18533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.119.131.42
Sep 14 23:17:57 vps691689 sshd[18533]: Failed password for invalid user xbot_premium from 210.119.131.42 port 41114 ssh2
...

2019-09-15 05:29:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 210.119.131.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23620
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;210.119.131.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 15 05:29:09 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 42.131.119.210.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.131.119.210.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
110.19.70.33	attackbots	Lines containing failures of 110.19.70.33 /var/log/apache/pucorp.org.log:2019-08-31T10:24:50.607510+01:00 ticdesk sshd[31783]: Invalid user support from 110.19.70.33 port 45257 /var/log/apache/pucorp.org.log:2019-08-31T10:24:50.627396+01:00 ticdesk sshd[31783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.19.70.33 /var/log/apache/pucorp.org.log:2019-08-31T10:24:50.644120+01:00 ticdesk sshd[31783]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.19.70.33 user=support /var/log/apache/pucorp.org.log:2019-08-31T10:24:52.993640+01:00 ticdesk sshd[31783]: Failed password for invalid user support from 110.19.70.33 port 45257 ssh2 /var/log/apache/pucorp.org.log:2019-08-31T10:24:56.145574+01:00 ticdesk sshd[31783]: pam_sss(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.19.70.33 user=support /var/log/apache/pucorp.org.log:2019-08-31T10:24:58.318776+01:00 t........ ------------------------------	2019-09-01 20:12:56
121.184.64.15	attack	Sep 1 13:12:15 mail sshd\[31496\]: Failed password for man from 121.184.64.15 port 25509 ssh2 Sep 1 13:17:04 mail sshd\[32182\]: Invalid user arie from 121.184.64.15 port 32632 Sep 1 13:17:04 mail sshd\[32182\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.184.64.15 Sep 1 13:17:06 mail sshd\[32182\]: Failed password for invalid user arie from 121.184.64.15 port 32632 ssh2 Sep 1 13:21:56 mail sshd\[32686\]: Invalid user testuser5 from 121.184.64.15 port 17751 Sep 1 13:21:56 mail sshd\[32686\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.184.64.15	2019-09-01 20:21:57
63.143.35.50	attackbots	SIPVicious Scanner Detection, PTR: 50-35-143-63.static.reverse.lstn.net.	2019-09-01 20:58:49
159.65.96.102	attackbots	Sep 1 11:17:01 root sshd[30270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.96.102 Sep 1 11:17:03 root sshd[30270]: Failed password for invalid user qc from 159.65.96.102 port 38830 ssh2 Sep 1 11:21:11 root sshd[30310]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.96.102 ...	2019-09-01 20:52:13
114.67.90.149	attackbots	Sep 1 09:13:42 MK-Soft-VM6 sshd\[14724\]: Invalid user sit from 114.67.90.149 port 57689 Sep 1 09:13:42 MK-Soft-VM6 sshd\[14724\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.67.90.149 Sep 1 09:13:44 MK-Soft-VM6 sshd\[14724\]: Failed password for invalid user sit from 114.67.90.149 port 57689 ssh2 ...	2019-09-01 20:33:08
94.23.254.24	attackbots	Sep 1 01:56:14 kapalua sshd\[31582\]: Invalid user md from 94.23.254.24 Sep 1 01:56:14 kapalua sshd\[31582\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns341745.ip-94-23-254.eu Sep 1 01:56:16 kapalua sshd\[31582\]: Failed password for invalid user md from 94.23.254.24 port 32933 ssh2 Sep 1 02:05:14 kapalua sshd\[32414\]: Invalid user sharp from 94.23.254.24 Sep 1 02:05:14 kapalua sshd\[32414\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns341745.ip-94-23-254.eu	2019-09-01 20:18:33
191.241.225.238	attackspambots	Sep 1 12:48:37 dedicated sshd[15244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.241.225.238 user=root Sep 1 12:48:39 dedicated sshd[15244]: Failed password for root from 191.241.225.238 port 22546 ssh2	2019-09-01 20:23:32
37.59.38.137	attack	Sep 1 13:19:02 nextcloud sshd\[8534\]: Invalid user lire from 37.59.38.137 Sep 1 13:19:02 nextcloud sshd\[8534\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.38.137 Sep 1 13:19:04 nextcloud sshd\[8534\]: Failed password for invalid user lire from 37.59.38.137 port 36747 ssh2 ...	2019-09-01 20:15:05
203.222.25.74	attackbotsspam	Netgear DGN Device Remote Command Execution Vulnerability, PTR: 203-222-25-74.veetime.com.	2019-09-01 20:49:35
142.93.248.5	attackspambots	Sep 1 10:17:17 bouncer sshd\[8480\]: Invalid user vcsa from 142.93.248.5 port 58150 Sep 1 10:17:17 bouncer sshd\[8480\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.248.5 Sep 1 10:17:18 bouncer sshd\[8480\]: Failed password for invalid user vcsa from 142.93.248.5 port 58150 ssh2 ...	2019-09-01 20:12:35
49.88.112.80	attackbotsspam	2019-09-01T18:58:15.889952enmeeting.mahidol.ac.th sshd\[16204\]: User root from 49.88.112.80 not allowed because not listed in AllowUsers 2019-09-01T18:58:16.253881enmeeting.mahidol.ac.th sshd\[16204\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.80 user=root 2019-09-01T18:58:17.973448enmeeting.mahidol.ac.th sshd\[16204\]: Failed password for invalid user root from 49.88.112.80 port 15102 ssh2 ...	2019-09-01 20:11:48
158.69.110.31	attackbots	2019-09-01T12:35:58.023999abusebot-8.cloudsearch.cf sshd\[30632\]: Invalid user megashop from 158.69.110.31 port 53652	2019-09-01 20:37:28
177.126.188.2	attackbotsspam	Sep 1 02:20:35 web9 sshd\[32639\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.126.188.2 user=root Sep 1 02:20:37 web9 sshd\[32639\]: Failed password for root from 177.126.188.2 port 46081 ssh2 Sep 1 02:25:35 web9 sshd\[1286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.126.188.2 user=root Sep 1 02:25:37 web9 sshd\[1286\]: Failed password for root from 177.126.188.2 port 40390 ssh2 Sep 1 02:30:32 web9 sshd\[2468\]: Invalid user msql from 177.126.188.2	2019-09-01 20:51:49
210.196.163.38	attackspambots	Sep 1 06:35:40 xtremcommunity sshd\[24657\]: Invalid user ftp123 from 210.196.163.38 port 5066 Sep 1 06:35:40 xtremcommunity sshd\[24657\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.196.163.38 Sep 1 06:35:42 xtremcommunity sshd\[24657\]: Failed password for invalid user ftp123 from 210.196.163.38 port 5066 ssh2 Sep 1 06:40:16 xtremcommunity sshd\[24857\]: Invalid user asd from 210.196.163.38 port 47909 Sep 1 06:40:16 xtremcommunity sshd\[24857\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.196.163.38 ...	2019-09-01 20:28:18
51.77.244.196	attack	Sep 1 12:21:47 web8 sshd\[5057\]: Invalid user 1qaz2wsx3edc from 51.77.244.196 Sep 1 12:21:47 web8 sshd\[5057\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.244.196 Sep 1 12:21:49 web8 sshd\[5057\]: Failed password for invalid user 1qaz2wsx3edc from 51.77.244.196 port 51154 ssh2 Sep 1 12:25:32 web8 sshd\[7172\]: Invalid user psd from 51.77.244.196 Sep 1 12:25:32 web8 sshd\[7172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.77.244.196	2019-09-01 20:48:48

Recently Reported IPs

2.82.117.114	182.74.62.106	128.209.203.82	134.240.173.143
1.54.40.20	96.44.187.10	3.225.77.127	194.140.16.243
64.189.206.124	112.95.250.2	133.2.174.141	50.56.68.110
9.73.17.36	34.17.111.203	61.122.209.174	46.143.67.128
176.14.28.200	190.4.187.143	14.241.230.147	49.83.1.124