121.141.148.158

Basic Info

City: Seoul

Region: Seoul

Country: South Korea

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: Korea Telecom

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Dec 27 07:20:38 vpn01 sshd[9823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.141.148.158 Dec 27 07:20:39 vpn01 sshd[9823]: Failed password for invalid user admin from 121.141.148.158 port 34507 ssh2 ...	2019-12-27 21:40:08
attack	SSH Brute Force	2019-08-08 11:32:48
attack	May 6 07:04:57 server sshd\[143949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.141.148.158 user=root May 6 07:04:59 server sshd\[143949\]: Failed password for root from 121.141.148.158 port 53499 ssh2 May 6 07:05:00 server sshd\[143949\]: Failed password for root from 121.141.148.158 port 53499 ssh2 ...	2019-07-17 07:12:36

Type

Details

Datetime

attack

Dec 27 07:20:38 vpn01 sshd[9823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.141.148.158
Dec 27 07:20:39 vpn01 sshd[9823]: Failed password for invalid user admin from 121.141.148.158 port 34507 ssh2
...

2019-12-27 21:40:08

attack

SSH Brute Force

2019-08-08 11:32:48

attack

May  6 07:04:57 server sshd\[143949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.141.148.158  user=root
May  6 07:04:59 server sshd\[143949\]: Failed password for root from 121.141.148.158 port 53499 ssh2
May  6 07:05:00 server sshd\[143949\]: Failed password for root from 121.141.148.158 port 53499 ssh2
...

2019-07-17 07:12:36

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.141.148.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22092
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.141.148.158.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040903 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed Apr 10 12:07:01 +08 2019
;; MSG SIZE  rcvd: 119

Host info

Host 158.148.141.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 158.148.141.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.147	attack	Triggered by Fail2Ban at Vostok web server	2019-12-26 05:36:59
128.199.226.10	attackspam	Dec 25 17:23:34 sshgateway sshd\[10725\]: Invalid user server from 128.199.226.10 Dec 25 17:23:34 sshgateway sshd\[10725\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.226.10 Dec 25 17:23:37 sshgateway sshd\[10725\]: Failed password for invalid user server from 128.199.226.10 port 45592 ssh2	2019-12-26 05:49:51
222.186.175.217	attack	SSH Brute Force, server-1 sshd[12819]: Failed password for root from 222.186.175.217 port 31462 ssh2	2019-12-26 05:33:28
188.113.183.12	attackbotsspam	Honeypot attack, port: 445, PTR: ip-188-113-183-12.z55.ysk.scts.tv.	2019-12-26 05:46:45
185.52.117.126	attackbots	Dec 25 19:05:45 marvibiene sshd[41868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.52.117.126 user=root Dec 25 19:05:47 marvibiene sshd[41868]: Failed password for root from 185.52.117.126 port 41678 ssh2 Dec 25 19:28:03 marvibiene sshd[42183]: Invalid user webadmin from 185.52.117.126 port 53786 ...	2019-12-26 05:49:25
23.244.76.138	attackspambots	Brute forcing RDP port 3389	2019-12-26 05:58:25
106.14.202.26	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:37:21
139.199.74.92	attack	Dec 25 21:57:24 zeus sshd[31888]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.74.92 Dec 25 21:57:26 zeus sshd[31888]: Failed password for invalid user bymaster from 139.199.74.92 port 32876 ssh2 Dec 25 22:02:01 zeus sshd[31970]: Failed password for uucp from 139.199.74.92 port 58148 ssh2	2019-12-26 06:07:35
104.199.35.89	attack	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:44:23
119.27.177.251	attackspambots	$f2bV_matches	2019-12-26 05:42:32
89.154.4.249	attack	SSH Login Bruteforce	2019-12-26 05:59:56
218.92.0.156	attackspambots	Dec 25 22:37:57 root sshd[6159]: Failed password for root from 218.92.0.156 port 48423 ssh2 Dec 25 22:38:00 root sshd[6159]: Failed password for root from 218.92.0.156 port 48423 ssh2 Dec 25 22:38:04 root sshd[6159]: Failed password for root from 218.92.0.156 port 48423 ssh2 Dec 25 22:38:08 root sshd[6159]: Failed password for root from 218.92.0.156 port 48423 ssh2 ...	2019-12-26 05:40:02
51.38.232.93	attack	Dec 25 22:35:07 dev0-dcde-rnet sshd[31121]: Failed password for lp from 51.38.232.93 port 47386 ssh2 Dec 25 22:40:59 dev0-dcde-rnet sshd[31246]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.232.93 Dec 25 22:41:00 dev0-dcde-rnet sshd[31246]: Failed password for invalid user csp from 51.38.232.93 port 36850 ssh2	2019-12-26 06:09:42
172.81.215.106	attackspam	SSH authentication failure x 6 reported by Fail2Ban ...	2019-12-26 05:52:55
104.199.82.38	attackbotsspam	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:41:10

Recently Reported IPs

79.24.25.77	209.97.143.4	94.176.141.94	89.232.34.161
186.136.80.82	129.204.119.178	82.137.201.87	213.25.74.81
36.66.55.5	124.6.188.23	82.81.228.182	88.100.120.84
81.120.65.55	223.241.100.16	197.224.52.94	98.128.129.176
185.132.242.242	118.24.5.135	80.191.237.169	106.13.48.20