121.134.159.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:00:54

Comments on same subnet:

IP	Type	Details	Datetime
121.134.159.21	attackbotsspam	Sep 25 01:57:54 v22019038103785759 sshd\[17034\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root Sep 25 01:57:56 v22019038103785759 sshd\[17034\]: Failed password for root from 121.134.159.21 port 43850 ssh2 Sep 25 02:01:56 v22019038103785759 sshd\[17377\]: Invalid user princess from 121.134.159.21 port 51704 Sep 25 02:01:56 v22019038103785759 sshd\[17377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 Sep 25 02:01:58 v22019038103785759 sshd\[17377\]: Failed password for invalid user princess from 121.134.159.21 port 51704 ssh2 ...	2020-09-25 08:50:38
121.134.159.21	attackspambots	2020-08-29T08:46:15.393715lavrinenko.info sshd[4756]: Failed password for root from 121.134.159.21 port 58952 ssh2 2020-08-29T08:49:20.267410lavrinenko.info sshd[4906]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root 2020-08-29T08:49:22.551211lavrinenko.info sshd[4906]: Failed password for root from 121.134.159.21 port 47558 ssh2 2020-08-29T08:52:22.663095lavrinenko.info sshd[5009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root 2020-08-29T08:52:24.595999lavrinenko.info sshd[5009]: Failed password for root from 121.134.159.21 port 36154 ssh2 ...	2020-08-29 13:59:59
121.134.159.21	attackspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-28T04:58:49Z and 2020-08-28T05:06:29Z	2020-08-28 15:33:12
121.134.159.21	attack	Aug 3 22:32:36 kh-dev-server sshd[16951]: Failed password for root from 121.134.159.21 port 37308 ssh2 ...	2020-08-04 08:42:02
121.134.159.21	attack	Failed password for invalid user wangq from 121.134.159.21 port 44120 ssh2	2020-07-30 19:00:38
121.134.159.21	attackbots	Jul 24 00:13:47 ajax sshd[22291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 Jul 24 00:13:49 ajax sshd[22291]: Failed password for invalid user zli from 121.134.159.21 port 41674 ssh2	2020-07-24 07:15:02
121.134.159.21	attackbotsspam	invalid login attempt (staff)	2020-07-23 22:10:36
121.134.159.21	attack	Jul 23 05:58:59 hidden sshd[44568]: Invalid user nui from 121.134.159.21 port 59858 Jul 23 05:58:59 hidden sshd[44568]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 Jul 23 05:59:01 hidden sshd[44568]: Failed password for invalid user nui from 121.134.159.21 port 59858 ssh2	2020-07-23 12:36:58
121.134.159.21	attack	$f2bV_matches	2020-07-23 00:46:35
121.134.159.21	attackspam	Bruteforce detected by fail2ban	2020-07-22 00:09:42
121.134.159.21	attack	Jul 17 00:45:14 mockhub sshd[25153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 Jul 17 00:45:17 mockhub sshd[25153]: Failed password for invalid user postgres from 121.134.159.21 port 51558 ssh2 ...	2020-07-17 15:45:37
121.134.159.21	attack	Jul 16 11:45:56 ip-172-31-62-245 sshd\[17801\]: Invalid user danny from 121.134.159.21\ Jul 16 11:45:57 ip-172-31-62-245 sshd\[17801\]: Failed password for invalid user danny from 121.134.159.21 port 55842 ssh2\ Jul 16 11:50:02 ip-172-31-62-245 sshd\[17853\]: Invalid user malina from 121.134.159.21\ Jul 16 11:50:04 ip-172-31-62-245 sshd\[17853\]: Failed password for invalid user malina from 121.134.159.21 port 60106 ssh2\ Jul 16 11:54:06 ip-172-31-62-245 sshd\[17921\]: Invalid user rori from 121.134.159.21\	2020-07-16 21:04:32
121.134.159.21	attackspam	2020-07-08T13:29:10.252297ns386461 sshd\[20890\]: Invalid user ryc from 121.134.159.21 port 34208 2020-07-08T13:29:10.257046ns386461 sshd\[20890\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 2020-07-08T13:29:12.541969ns386461 sshd\[20890\]: Failed password for invalid user ryc from 121.134.159.21 port 34208 ssh2 2020-07-08T13:48:06.585995ns386461 sshd\[6125\]: Invalid user tanjunhui from 121.134.159.21 port 35390 2020-07-08T13:48:06.589768ns386461 sshd\[6125\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 ...	2020-07-08 21:10:57
121.134.159.21	attackbots	Jul 8 sshd[10934]: Invalid user sonya from 121.134.159.21 port 39248	2020-07-08 14:40:31
121.134.159.21	attackbots	Jul 7 14:44:54 ns382633 sshd\[30845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root Jul 7 14:44:56 ns382633 sshd\[30845\]: Failed password for root from 121.134.159.21 port 44476 ssh2 Jul 7 14:49:37 ns382633 sshd\[31684\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root Jul 7 14:49:39 ns382633 sshd\[31684\]: Failed password for root from 121.134.159.21 port 51754 ssh2 Jul 7 14:52:48 ns382633 sshd\[32449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.134.159.21 user=root	2020-07-07 21:11:59

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.134.159.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.134.159.2.			IN	A

;; AUTHORITY SECTION:
.			387	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 879 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:00:51 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 2.159.134.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.159.134.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
113.20.98.228	attackbots	1593489220 - 06/30/2020 05:53:40 Host: 113.20.98.228/113.20.98.228 Port: 445 TCP Blocked	2020-06-30 15:08:17
119.45.119.141	attack	Jun 30 05:58:40 vps333114 sshd[21915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.119.141 Jun 30 05:58:42 vps333114 sshd[21915]: Failed password for invalid user nzb from 119.45.119.141 port 35074 ssh2 ...	2020-06-30 15:16:05
115.73.219.103	attackspambots	20/6/30@01:59:03: FAIL: Alarm-Network address from=115.73.219.103 ...	2020-06-30 14:48:36
138.204.123.30	attackbotsspam	DATE:2020-06-30 05:53:52, IP:138.204.123.30, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-30 14:49:56
210.12.168.79	attack	2020-06-30T03:53:43.586284server.espacesoutien.com sshd[7611]: Invalid user temp1 from 210.12.168.79 port 37991 2020-06-30T03:53:43.603592server.espacesoutien.com sshd[7611]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.12.168.79 2020-06-30T03:53:43.586284server.espacesoutien.com sshd[7611]: Invalid user temp1 from 210.12.168.79 port 37991 2020-06-30T03:53:45.977140server.espacesoutien.com sshd[7611]: Failed password for invalid user temp1 from 210.12.168.79 port 37991 ssh2 ...	2020-06-30 15:03:08
138.36.110.226	attackbots	Automatic report - Port Scan Attack	2020-06-30 14:51:56
93.174.93.195	attackbots	UDP 93.174.93.195:34225 -> port 20482, len 57	2020-06-30 14:50:27
185.176.27.202	attackspam	06/30/2020-02:45:33.151867 185.176.27.202 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-30 14:55:20
114.43.150.158	attack	Port scan on 1 port(s): 23	2020-06-30 14:57:03
187.189.107.242	attackbotsspam	[29.06.2020 14:12:02] Login failure for user dircreate from 187.189.107.242	2020-06-30 14:42:43
94.199.181.251	attackbots	94.199.181.251 - - \[30/Jun/2020:08:07:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 9954 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" 94.199.181.251 - - \[30/Jun/2020:08:07:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 9789 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" ...	2020-06-30 15:08:33
222.186.30.218	attackspam	Jun 30 06:50:39 marvibiene sshd[38936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root Jun 30 06:50:40 marvibiene sshd[38936]: Failed password for root from 222.186.30.218 port 50605 ssh2 Jun 30 06:50:42 marvibiene sshd[38936]: Failed password for root from 222.186.30.218 port 50605 ssh2 Jun 30 06:50:39 marvibiene sshd[38936]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.218 user=root Jun 30 06:50:40 marvibiene sshd[38936]: Failed password for root from 222.186.30.218 port 50605 ssh2 Jun 30 06:50:42 marvibiene sshd[38936]: Failed password for root from 222.186.30.218 port 50605 ssh2 ...	2020-06-30 14:53:46
159.192.110.95	attackspambots	Jun 30 05:53:58 ncomp sshd[20762]: Invalid user nagesh from 159.192.110.95 Jun 30 05:53:59 ncomp sshd[20762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.192.110.95 Jun 30 05:53:58 ncomp sshd[20762]: Invalid user nagesh from 159.192.110.95 Jun 30 05:54:01 ncomp sshd[20762]: Failed password for invalid user nagesh from 159.192.110.95 port 9040 ssh2	2020-06-30 14:48:02
125.24.242.104	attackbots	1593489229 - 06/30/2020 05:53:49 Host: 125.24.242.104/125.24.242.104 Port: 445 TCP Blocked	2020-06-30 15:00:39
1.196.223.50	attack	Unauthorized connection attempt detected from IP address 1.196.223.50 to port 9200	2020-06-30 14:45:06

Recently Reported IPs

159.238.109.173	14.172.161.174	14.135.47.157	90.157.179.31
211.142.96.13	18.166.200.90	198.106.40.247	176.4.166.140
61.109.208.189	201.129.12.124	191.55.95.81	194.13.147.8
104.209.178.147	117.205.84.8	211.231.139.189	156.211.3.119
1.57.235.170	116.185.52.88	17.30.122.161	116.255.166.2