211.197.28.37 - IPInfo

Basic Info

City: Gwanak-gu

Region: Seoul Special City

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
211.197.28.252	attack	Aug 24 06:57:02 ip40 sshd[32614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.197.28.252 Aug 24 06:57:04 ip40 sshd[32614]: Failed password for invalid user icecast from 211.197.28.252 port 50336 ssh2 ...	2020-08-24 13:49:36
211.197.28.252	attack	Aug 23 07:27:43 mellenthin sshd[14500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.197.28.252 Aug 23 07:27:45 mellenthin sshd[14500]: Failed password for invalid user chris from 211.197.28.252 port 59336 ssh2	2020-08-23 16:47:39

Type

Details

Datetime

211.197.28.252

attack

Aug 24 06:57:02 ip40 sshd[32614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.197.28.252 
Aug 24 06:57:04 ip40 sshd[32614]: Failed password for invalid user icecast from 211.197.28.252 port 50336 ssh2
...

2020-08-24 13:49:36

211.197.28.252

attack

Aug 23 07:27:43 mellenthin sshd[14500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.197.28.252
Aug 23 07:27:45 mellenthin sshd[14500]: Failed password for invalid user chris from 211.197.28.252 port 59336 ssh2

2020-08-23 16:47:39

Whois info:

query : 211.197.28.37


# KOREAN(UTF8)

조회하신 IPv4주소는 한국인터넷진흥원으로부터 아래의 관리대행자에게 할당되었으며, 할당 정보는 다음과 같습니다.

[ 네트워크 할당 정보 ]
IPv4주소           : 211.196.0.0 - 211.199.255.255 (/14)
기관명             : 주식회사 케이티
서비스명           : KORNET
주소               : 경기도 성남시 분당구 불정로 90
우편번호           : 13606
할당일자           : 20000724

이름               : IP주소 담당자
전화번호           : +82-2-500-6630
전자우편           : kornet_ip@kt.com

조회하신 IPv4주소는 위의 관리대행자로부터 아래의 사용자에게 할당되었으며, 할당 정보는 다음과 같습니다.
--------------------------------------------------------------------------------


[ 네트워크 할당 정보 ]
IPv4주소           : 211.197.28.0 - 211.197.28.255 (/24)
기관명             : 수도권서부본부
네트워크 구분      : CUSTOMER
주소               : 서울특별시 관악구 조원동
우편번호           : 151018
할당내역 등록일    : 20170810

이름               : IP주소 담당자
전화번호           : +82-2-500-6631
전자우편           : kornet_ip@kt.com


# ENGLISH

KRNIC is not an ISP but a National Internet Registry similar to APNIC.

[ Network Information ]
IPv4 Address       : 211.196.0.0 - 211.199.255.255 (/14)
Organization Name  : Korea Telecom
Service Name       : KORNET
Address            : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
Zip Code           : 13606
Registration Date  : 20000724

Name               : IP Manager
Phone              : +82-2-500-6630
E-Mail             : kornet_ip@kt.com

--------------------------------------------------------------------------------

More specific assignment information is as follows.

[ Network Information ]
IPv4 Address       : 211.197.28.0 - 211.197.28.255 (/24)
Organization Name  : Sudogwonseobubonbu
Network Type       : CUSTOMER
Address            : Jowon-Dong Gwanak-Gu Seoulteukbyeol-Si
Zip Code           : 151018
Registration Date  : 20170810

Name               : IP Manager
Phone              : +82-2-500-6631
E-Mail             : kornet_ip@kt.com


- KISA/KRNIC WHOIS Service -

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.197.28.37
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29629
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;211.197.28.37.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026032900 1800 900 604800 86400

;; Query time: 6 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 29 18:07:00 CST 2026
;; MSG SIZE  rcvd: 106

Host info

Host 37.28.197.211.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 37.28.197.211.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.78.188.194	attackbotsspam	Invalid user ashish from 112.78.188.194 port 47810	2020-07-19 01:15:57
181.55.188.218	attack	Jul 18 17:25:42 ncomp sshd[31916]: Invalid user test from 181.55.188.218 Jul 18 17:25:42 ncomp sshd[31916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.55.188.218 Jul 18 17:25:42 ncomp sshd[31916]: Invalid user test from 181.55.188.218 Jul 18 17:25:45 ncomp sshd[31916]: Failed password for invalid user test from 181.55.188.218 port 41384 ssh2	2020-07-19 01:04:34
51.79.68.147	attack	Jul 18 14:20:12 vmd26974 sshd[24954]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.68.147 Jul 18 14:20:14 vmd26974 sshd[24954]: Failed password for invalid user pxl from 51.79.68.147 port 41840 ssh2 ...	2020-07-19 00:47:02
34.82.254.168	attackspam	Jul 18 16:25:47 serwer sshd\[18410\]: Invalid user blumberg from 34.82.254.168 port 41974 Jul 18 16:25:47 serwer sshd\[18410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.82.254.168 Jul 18 16:25:48 serwer sshd\[18410\]: Failed password for invalid user blumberg from 34.82.254.168 port 41974 ssh2 ...	2020-07-19 00:50:31
51.75.66.92	attackbots	2020-07-18T16:31:22.093746shield sshd\[32707\]: Invalid user james from 51.75.66.92 port 36152 2020-07-18T16:31:22.104782shield sshd\[32707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.ip-51-75-66.eu 2020-07-18T16:31:23.758263shield sshd\[32707\]: Failed password for invalid user james from 51.75.66.92 port 36152 ssh2 2020-07-18T16:36:52.196905shield sshd\[2157\]: Invalid user frank from 51.75.66.92 port 54582 2020-07-18T16:36:52.205388shield sshd\[2157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.ip-51-75-66.eu	2020-07-19 00:47:18
165.227.214.37	attackbotsspam	Jul 18 09:27:46 Host-KLAX-C sshd[506]: Invalid user service from 165.227.214.37 port 49582 ...	2020-07-19 01:05:58
35.195.238.142	attackspambots	Jul 18 18:34:30 srv-ubuntu-dev3 sshd[35726]: Invalid user inv from 35.195.238.142 Jul 18 18:34:30 srv-ubuntu-dev3 sshd[35726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.195.238.142 Jul 18 18:34:30 srv-ubuntu-dev3 sshd[35726]: Invalid user inv from 35.195.238.142 Jul 18 18:34:31 srv-ubuntu-dev3 sshd[35726]: Failed password for invalid user inv from 35.195.238.142 port 53142 ssh2 Jul 18 18:38:20 srv-ubuntu-dev3 sshd[36225]: Invalid user cloud from 35.195.238.142 Jul 18 18:38:20 srv-ubuntu-dev3 sshd[36225]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.195.238.142 Jul 18 18:38:20 srv-ubuntu-dev3 sshd[36225]: Invalid user cloud from 35.195.238.142 Jul 18 18:38:22 srv-ubuntu-dev3 sshd[36225]: Failed password for invalid user cloud from 35.195.238.142 port 32872 ssh2 Jul 18 18:42:12 srv-ubuntu-dev3 sshd[36656]: Invalid user edencraft from 35.195.238.142 ...	2020-07-19 00:50:12
3.19.56.243	attack	Invalid user maluks from 3.19.56.243 port 35438	2020-07-19 00:51:51
106.52.251.24	attackspambots	Invalid user students from 106.52.251.24 port 46848	2020-07-19 01:17:35
116.236.251.214	attack	Jul 18 18:26:25 hidden sshd[27430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.236.251.214 Jul 18 18:26:27 hidden sshd[27430]: Failed password for invalid user ye from 116.236.251.214 port 26535 ssh2	2020-07-19 01:12:53
106.13.173.137	attack	Invalid user ken from 106.13.173.137 port 47592	2020-07-19 01:18:00
60.250.244.210	attackspambots	Invalid user lfq from 60.250.244.210 port 34790	2020-07-19 00:44:57
185.220.102.249	attack	prod8 ...	2020-07-19 01:01:29
37.187.113.229	attack	Automatic Fail2ban report - Trying login SSH	2020-07-19 00:49:25
5.94.203.205	attack	Jul 18 14:34:50 mellenthin sshd[10505]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.94.203.205 Jul 18 14:34:53 mellenthin sshd[10505]: Failed password for invalid user cyrus from 5.94.203.205 port 34002 ssh2	2020-07-19 00:51:27

Recently Reported IPs

2606:4700:10::ac43:2223	150.250.210.226	62.197.169.166	66.132.195.102
39.184.9.198	39.172.27.56	36.143.128.128	223.91.179.91
183.212.221.76	183.199.26.183	160.119.76.20	120.239.27.85
112.32.125.227	111.17.104.101	152.178.1.244	2606:4700:10::6816:1082
2606:4700:10::6814:5777	2606:4700:10::6814:8009	2606:4700:10::6816:3879	2606:4700:10::6814:9772