121.145.78.129

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	$f2bV_matches	2020-09-17 18:17:46
attackspam	Sep 16 23:47:07 gospond sshd[32535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 16 23:47:08 gospond sshd[32535]: Failed password for root from 121.145.78.129 port 57840 ssh2 ...	2020-09-17 09:30:20
attack	2020-09-08T19:55:46.178523ks3355764 sshd[5673]: Invalid user vnc from 121.145.78.129 port 43932 2020-09-08T19:55:47.559113ks3355764 sshd[5673]: Failed password for invalid user vnc from 121.145.78.129 port 43932 ssh2 ...	2020-09-09 03:13:08
attack	Time: Tue Sep 8 11:47:09 2020 +0200 IP: 121.145.78.129 (KR/South Korea/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 8 11:39:24 mail-03 sshd[23288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:39:26 mail-03 sshd[23288]: Failed password for root from 121.145.78.129 port 38522 ssh2 Sep 8 11:43:37 mail-03 sshd[23348]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Sep 8 11:43:39 mail-03 sshd[23348]: Failed password for root from 121.145.78.129 port 50396 ssh2 Sep 8 11:47:07 mail-03 sshd[23449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root	2020-09-08 18:47:03
attackbots	Jul 27 22:13:47 vmd26974 sshd[5726]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 Jul 27 22:13:49 vmd26974 sshd[5726]: Failed password for invalid user zhanggang from 121.145.78.129 port 40118 ssh2 ...	2020-07-28 04:25:15
attackspam	Wordpress malicious attack:[sshd]	2020-07-08 15:35:54
attack	(sshd) Failed SSH login from 121.145.78.129 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 17 23:21:56 amsweb01 sshd[20329]: Invalid user bserver from 121.145.78.129 port 42484 Jun 17 23:21:58 amsweb01 sshd[20329]: Failed password for invalid user bserver from 121.145.78.129 port 42484 ssh2 Jun 17 23:34:53 amsweb01 sshd[22090]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root Jun 17 23:34:54 amsweb01 sshd[22090]: Failed password for root from 121.145.78.129 port 38484 ssh2 Jun 17 23:40:56 amsweb01 sshd[22947]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root	2020-06-18 08:27:10
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2020-06-17 05:29:51
attack	May 31 22:50:35 vps687878 sshd\[13750\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root May 31 22:50:37 vps687878 sshd\[13750\]: Failed password for root from 121.145.78.129 port 56824 ssh2 May 31 22:53:53 vps687878 sshd\[13964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root May 31 22:53:55 vps687878 sshd\[13964\]: Failed password for root from 121.145.78.129 port 34066 ssh2 May 31 22:57:07 vps687878 sshd\[14344\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 user=root ...	2020-06-01 06:09:24
attackbots	(sshd) Failed SSH login from 121.145.78.129 (KR/South Korea/-): 5 in the last 3600 secs	2020-05-27 03:21:31
attackspambots	May 20 19:50:36 vpn01 sshd[21843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 May 20 19:50:38 vpn01 sshd[21843]: Failed password for invalid user fmc from 121.145.78.129 port 41586 ssh2 ...	2020-05-21 04:03:58
attackbotsspam	Invalid user production from 121.145.78.129 port 48990	2020-05-15 20:24:24
attackspam	Invalid user production from 121.145.78.129 port 48990	2020-05-13 16:29:17
attack	May 1 12:51:39 l02a sshd[5643]: Invalid user gustavo from 121.145.78.129 May 1 12:51:39 l02a sshd[5643]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 May 1 12:51:39 l02a sshd[5643]: Invalid user gustavo from 121.145.78.129 May 1 12:51:42 l02a sshd[5643]: Failed password for invalid user gustavo from 121.145.78.129 port 33118 ssh2	2020-05-01 21:54:51
attackbotsspam	Apr 27 16:03:21 nextcloud sshd\[3372\]: Invalid user steam from 121.145.78.129 Apr 27 16:03:21 nextcloud sshd\[3372\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.145.78.129 Apr 27 16:03:24 nextcloud sshd\[3372\]: Failed password for invalid user steam from 121.145.78.129 port 35218 ssh2	2020-04-27 22:29:04

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.145.78.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10427
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.145.78.129.			IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020042700 1800 900 604800 86400

;; Query time: 73 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 27 22:28:56 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 129.78.145.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 129.78.145.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.69.226.48	attackbotsspam	SSH Bruteforce attempt	2019-11-12 01:18:19
128.199.216.250	attack	F2B jail: sshd. Time: 2019-11-11 17:34:23, Reported by: VKReport	2019-11-12 00:48:51
191.5.115.116	attackbotsspam	" "	2019-11-12 00:47:17
217.182.70.125	attack	Automatic report - Banned IP Access	2019-11-12 01:08:11
89.36.220.145	attack	Nov 11 17:27:04 MK-Soft-Root2 sshd[10854]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.36.220.145 Nov 11 17:27:06 MK-Soft-Root2 sshd[10854]: Failed password for invalid user pelseneer from 89.36.220.145 port 37920 ssh2 ...	2019-11-12 01:13:04
197.253.242.165	attack	Port 1433 Scan	2019-11-12 01:15:47
31.208.242.213	attack	Nov 11 17:14:37 nextcloud sshd\[25535\]: Invalid user pi from 31.208.242.213 Nov 11 17:14:37 nextcloud sshd\[25536\]: Invalid user pi from 31.208.242.213 Nov 11 17:14:37 nextcloud sshd\[25536\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.208.242.213 Nov 11 17:14:37 nextcloud sshd\[25535\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=31.208.242.213 ...	2019-11-12 01:21:32
202.179.43.27	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-12 00:48:17
35.223.234.185	attackbots	query: login'A=0	2019-11-12 01:24:23
45.227.253.141	attackbotsspam	Nov 11 17:26:50 relay postfix/smtpd\[7710\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 17:28:46 relay postfix/smtpd\[6753\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 17:28:53 relay postfix/smtpd\[7706\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 17:29:13 relay postfix/smtpd\[6753\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 11 17:29:20 relay postfix/smtpd\[7710\]: warning: unknown\[45.227.253.141\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-11-12 00:45:16
104.10.134.68	attackspam	Lines containing failures of 104.10.134.68 Nov 11 12:13:12 icinga sshd[18787]: Did not receive identification string from 104.10.134.68 port 35064 Nov 11 12:13:30 icinga sshd[18833]: Invalid user ryan from 104.10.134.68 port 37028 Nov 11 12:13:30 icinga sshd[18833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.10.134.68 Nov 11 12:13:32 icinga sshd[18833]: Failed password for invalid user ryan from 104.10.134.68 port 37028 ssh2 Nov 11 12:13:32 icinga sshd[18833]: Received disconnect from 104.10.134.68 port 37028:11: Bye Bye [preauth] Nov 11 12:13:32 icinga sshd[18833]: Disconnected from invalid user ryan 104.10.134.68 port 37028 [preauth] Nov 11 12:13:47 icinga sshd[18994]: Invalid user ftpuser from 104.10.134.68 port 38490 Nov 11 12:13:47 icinga sshd[18994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.10.134.68 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=104.10	2019-11-12 00:57:08
182.61.41.203	attackspambots	Nov 11 17:56:40 vps666546 sshd\[26759\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.41.203 user=root Nov 11 17:56:42 vps666546 sshd\[26759\]: Failed password for root from 182.61.41.203 port 35232 ssh2 Nov 11 18:01:36 vps666546 sshd\[26930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.41.203 user=root Nov 11 18:01:38 vps666546 sshd\[26930\]: Failed password for root from 182.61.41.203 port 35258 ssh2 Nov 11 18:06:24 vps666546 sshd\[27095\]: Invalid user brusdal from 182.61.41.203 port 34874 Nov 11 18:06:24 vps666546 sshd\[27095\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.41.203 ...	2019-11-12 01:14:56
94.50.242.70	attackbots	Chat Spam	2019-11-12 01:20:36
94.143.193.56	attackbots	Brute force SMTP login attempts.	2019-11-12 01:17:46
146.88.240.4	attackbotsspam	11/11/2019-11:35:39.874417 146.88.240.4 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2019-11-12 01:16:06

Recently Reported IPs

150.109.117.118	183.89.238.167	77.42.76.253	66.181.160.49
188.226.197.249	51.106.121.78	10.129.175.0	213.132.219.175
189.208.189.22	80.82.64.242	220.168.22.51	203.205.250.33
187.84.146.190	63.143.99.52	36.90.208.243	132.232.40.131
192.99.247.102	132.145.187.94	92.222.79.157	79.142.76.210