121.145.78.129

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	$f2bV_matches	2020-09-17 18:17:46
attackspam	Sep 16 23:47:07 gospond sshd[32535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 16 23:47:08 gospond sshd[32535]: Failed password for root from 121.145.78.129 port 57840 ssh2 ...	2020-09-17 09:30:20
attack	2020-09-08T19:55:46.178523ks3355764 sshd[5673]: Invalid user vnc from 121.145.78.129 port 43932 2020-09-08T19:55:47.559113ks3355764 sshd[5673]: Failed password for invalid user vnc from 121.145.78.129 port 43932 ssh2 ...	2020-09-09 03:13:08
attack	Time: Tue Sep 8 11:47:09 2020 +0200 IP: 121.145.78.129 (KR/South Korea/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 8 11:39:24 mail-03 sshd[23288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:39:26 mail-03 sshd[23288]: Failed password for root from 121.145.78.129 port 38522 ssh2 Sep 8 11:43:37 mail-03 sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:43:39 mail-03 sshd[23348]: Failed password for root from 121.145.78.129 port 50396 ssh2 Sep 8 11:47:07 mail-03 sshd[23449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root	2020-09-08 18:47:03
attackbots	Jul 27 22:13:47 vmd26974 sshd[5726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 Jul 27 22:13:49 vmd26974 sshd[5726]: Failed password for invalid user zhanggang from 121.145.78.129 port 40118 ssh2 ...	2020-07-28 04:25:15
attackspam	Wordpress malicious attack:[sshd]	2020-07-08 15:35:54
attack	(sshd) Failed SSH login from 121.145.78.129 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 17 23:21:56 amsweb01 sshd[20329]: Invalid user bserver from 121.145.78.129 port 42484 Jun 17 23:21:58 amsweb01 sshd[20329]: Failed password for invalid user bserver from 121.145.78.129 port 42484 ssh2 Jun 17 23:34:53 amsweb01 sshd[22090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Jun 17 23:34:54 amsweb01 sshd[22090]: Failed password for root from 121.145.78.129 port 38484 ssh2 Jun 17 23:40:56 amsweb01 sshd[22947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root	2020-06-18 08:27:10
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-06-17 05:29:51
attack	May 31 22:50:35 vps687878 sshd\[13750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root May 31 22:50:37 vps687878 sshd\[13750\]: Failed password for root from 121.145.78.129 port 56824 ssh2 May 31 22:53:53 vps687878 sshd\[13964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root May 31 22:53:55 vps687878 sshd\[13964\]: Failed password for root from 121.145.78.129 port 34066 ssh2 May 31 22:57:07 vps687878 sshd\[14344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root ...	2020-06-01 06:09:24
attackbots	(sshd) Failed SSH login from 121.145.78.129 (KR/South Korea/-): 5 in the last 3600 secs	2020-05-27 03:21:31
attackspambots	May 20 19:50:36 vpn01 sshd[21843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 May 20 19:50:38 vpn01 sshd[21843]: Failed password for invalid user fmc from 121.145.78.129 port 41586 ssh2 ...	2020-05-21 04:03:58
attackbotsspam	Invalid user production from 121.145.78.129 port 48990	2020-05-15 20:24:24
attackspam	Invalid user production from 121.145.78.129 port 48990	2020-05-13 16:29:17
attack	May 1 12:51:39 l02a sshd[5643]: Invalid user gustavo from 121.145.78.129 May 1 12:51:39 l02a sshd[5643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 May 1 12:51:39 l02a sshd[5643]: Invalid user gustavo from 121.145.78.129 May 1 12:51:42 l02a sshd[5643]: Failed password for invalid user gustavo from 121.145.78.129 port 33118 ssh2	2020-05-01 21:54:51
attackbotsspam	Apr 27 16:03:21 nextcloud sshd\[3372\]: Invalid user steam from 121.145.78.129 Apr 27 16:03:21 nextcloud sshd\[3372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 Apr 27 16:03:24 nextcloud sshd\[3372\]: Failed password for invalid user steam from 121.145.78.129 port 35218 ssh2	2020-04-27 22:29:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.145.78.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10427
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.145.78.129.			IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042700 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 22:28:56 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 129.78.145.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 129.78.145.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.230.148.82	attack	Dec 12 01:20:12 vps691689 sshd[11410]: Failed password for root from 111.230.148.82 port 46868 ssh2 Dec 12 01:26:43 vps691689 sshd[11598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.148.82 ...	2019-12-12 08:33:27
51.75.52.127	attack	Portscan or hack attempt detected by psad/fwsnort	2019-12-12 08:08:43
106.12.28.124	attack	Dec 12 01:13:17 meumeu sshd[9186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.124 Dec 12 01:13:19 meumeu sshd[9186]: Failed password for invalid user com from 106.12.28.124 port 54230 ssh2 Dec 12 01:19:25 meumeu sshd[9962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.124 ...	2019-12-12 08:27:34
129.204.11.162	attackbots	Dec 11 13:41:48 hanapaa sshd\[15461\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.11.162 user=root Dec 11 13:41:50 hanapaa sshd\[15461\]: Failed password for root from 129.204.11.162 port 38390 ssh2 Dec 11 13:48:08 hanapaa sshd\[16103\]: Invalid user bali from 129.204.11.162 Dec 11 13:48:08 hanapaa sshd\[16103\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.11.162 Dec 11 13:48:10 hanapaa sshd\[16103\]: Failed password for invalid user bali from 129.204.11.162 port 47058 ssh2	2019-12-12 08:18:39
45.227.255.48	attack	Dec 11 02:36:05 XXX sshd[48322]: Invalid user admin from 45.227.255.48 port 46508	2019-12-12 08:07:54
91.121.116.65	attack	Dec 11 18:48:16 TORMINT sshd\[22327\]: Invalid user avant from 91.121.116.65 Dec 11 18:48:16 TORMINT sshd\[22327\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.116.65 Dec 11 18:48:18 TORMINT sshd\[22327\]: Failed password for invalid user avant from 91.121.116.65 port 60198 ssh2 ...	2019-12-12 08:11:32
5.188.210.226	attack	Brute force attack stopped by firewall	2019-12-12 08:42:16
201.1.9.74	attackspam	Telnet/23 MH Probe, BF, Hack -	2019-12-12 08:06:35
67.160.238.143	attackbotsspam	Dec 12 06:49:10 itv-usvr-01 sshd[21184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.160.238.143 user=root Dec 12 06:49:12 itv-usvr-01 sshd[21184]: Failed password for root from 67.160.238.143 port 48744 ssh2 Dec 12 06:56:52 itv-usvr-01 sshd[21443]: Invalid user spot from 67.160.238.143 Dec 12 06:56:52 itv-usvr-01 sshd[21443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.160.238.143 Dec 12 06:56:52 itv-usvr-01 sshd[21443]: Invalid user spot from 67.160.238.143 Dec 12 06:56:54 itv-usvr-01 sshd[21443]: Failed password for invalid user spot from 67.160.238.143 port 42852 ssh2	2019-12-12 08:30:27
60.191.38.77	attackspambots	Brute force attack stopped by firewall	2019-12-12 08:43:50
107.6.183.230	attack	Brute force attack stopped by firewall	2019-12-12 08:43:21
222.186.175.147	attackbotsspam	Dec 12 01:26:07 fr01 sshd[14137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.147 user=root Dec 12 01:26:08 fr01 sshd[14137]: Failed password for root from 222.186.175.147 port 57382 ssh2 ...	2019-12-12 08:31:54
138.68.82.220	attack	Dec 12 00:42:55 tux-35-217 sshd\[1396\]: Invalid user natan from 138.68.82.220 port 33366 Dec 12 00:42:55 tux-35-217 sshd\[1396\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.220 Dec 12 00:42:57 tux-35-217 sshd\[1396\]: Failed password for invalid user natan from 138.68.82.220 port 33366 ssh2 Dec 12 00:48:11 tux-35-217 sshd\[1440\]: Invalid user lacramioara from 138.68.82.220 port 41110 Dec 12 00:48:11 tux-35-217 sshd\[1440\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.82.220 ...	2019-12-12 08:17:34
150.161.8.120	attackbotsspam	Dec 12 01:00:02 markkoudstaal sshd[21345]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.161.8.120 Dec 12 01:00:04 markkoudstaal sshd[21345]: Failed password for invalid user chester from 150.161.8.120 port 38174 ssh2 Dec 12 01:06:04 markkoudstaal sshd[22009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.161.8.120	2019-12-12 08:14:39
209.17.97.98	attackspambots	209.17.97.98 was recorded 13 times by 10 hosts attempting to connect to the following ports: 5632,1434,47808,6379,2121,2001,5443,5222,9200,8530,4786,401. Incident counter (4h, 24h, all-time): 13, 39, 1353	2019-12-12 08:35:21

Recently Reported IPs

150.109.117.118	183.89.238.167	77.42.76.253	66.181.160.49
188.226.197.249	51.106.121.78	10.129.175.0	213.132.219.175
189.208.189.22	80.82.64.242	220.168.22.51	203.205.250.33
187.84.146.190	63.143.99.52	36.90.208.243	132.232.40.131
192.99.247.102	132.145.187.94	92.222.79.157	79.142.76.210