121.149.112.58

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Port Scan	2020-09-29 03:59:48
attackspambots	Port Scan	2020-09-28 20:13:43
attackbotsspam	Sep 28 03:40:18 itv-usvr-02 sshd[14935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58 user=root Sep 28 03:40:22 itv-usvr-02 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58 user=root Sep 28 03:40:26 itv-usvr-02 sshd[14940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58 user=root	2020-09-28 12:17:35

Type

Details

Datetime

attackbotsspam

Port Scan

2020-09-29 03:59:48

attackspambots

Port Scan

2020-09-28 20:13:43

attackbotsspam

Sep 28 03:40:18 itv-usvr-02 sshd[14935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58  user=root
Sep 28 03:40:22 itv-usvr-02 sshd[14937]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58  user=root
Sep 28 03:40:26 itv-usvr-02 sshd[14940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.149.112.58  user=root

2020-09-28 12:17:35

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.149.112.58
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55411
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.149.112.58.			IN	A

;; AUTHORITY SECTION:
.			126	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092701 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 28 12:17:30 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 58.112.149.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 58.112.149.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.76.107.186	attack	Oct 16 21:19:22 legacy sshd[23482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.107.186 Oct 16 21:19:24 legacy sshd[23482]: Failed password for invalid user Relationen2017 from 180.76.107.186 port 41627 ssh2 Oct 16 21:23:50 legacy sshd[23563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.107.186 ...	2019-10-17 07:06:17
46.38.144.146	attack	2019-10-17 01:50:48 login authenticator failed for (User) [46.38.144.146]: 535 Incorrect authentication data	2019-10-17 07:06:07
113.87.194.116	attack	(sshd) Failed SSH login from 113.87.194.116 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 16 23:38:29 server2 sshd[8086]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.87.194.116 user=root Oct 16 23:38:32 server2 sshd[8086]: Failed password for root from 113.87.194.116 port 58075 ssh2 Oct 16 23:55:16 server2 sshd[8569]: Invalid user test from 113.87.194.116 port 37276 Oct 16 23:55:18 server2 sshd[8569]: Failed password for invalid user test from 113.87.194.116 port 37276 ssh2 Oct 16 23:59:24 server2 sshd[8636]: Invalid user admin from 113.87.194.116 port 56836	2019-10-17 06:50:16
117.187.12.126	attack	Oct 16 21:33:40 unicornsoft sshd\[1502\]: Invalid user user from 117.187.12.126 Oct 16 21:33:40 unicornsoft sshd\[1502\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.187.12.126 Oct 16 21:33:42 unicornsoft sshd\[1502\]: Failed password for invalid user user from 117.187.12.126 port 40546 ssh2	2019-10-17 06:53:52
112.166.68.193	attackbotsspam	Oct 16 22:20:35 ip-172-31-62-245 sshd\[27429\]: Invalid user eq from 112.166.68.193\ Oct 16 22:20:37 ip-172-31-62-245 sshd\[27429\]: Failed password for invalid user eq from 112.166.68.193 port 38524 ssh2\ Oct 16 22:24:51 ip-172-31-62-245 sshd\[27445\]: Invalid user postdrop from 112.166.68.193\ Oct 16 22:24:53 ip-172-31-62-245 sshd\[27445\]: Failed password for invalid user postdrop from 112.166.68.193 port 48224 ssh2\ Oct 16 22:29:07 ip-172-31-62-245 sshd\[27465\]: Failed password for root from 112.166.68.193 port 57916 ssh2\	2019-10-17 06:38:51
41.180.68.214	attackbots	Unauthorized SSH login attempts	2019-10-17 07:15:55
81.22.45.107	attackbotsspam	Oct 17 00:51:55 mc1 kernel: \[2552684.998330\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=41077 PROTO=TCP SPT=48649 DPT=7470 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 00:58:39 mc1 kernel: \[2553088.896093\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=60866 PROTO=TCP SPT=48649 DPT=6705 WINDOW=1024 RES=0x00 SYN URGP=0 Oct 17 00:59:13 mc1 kernel: \[2553122.935381\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.107 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=859 PROTO=TCP SPT=48649 DPT=7333 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-10-17 07:01:26
221.131.68.210	attackspambots	$f2bV_matches	2019-10-17 07:11:48
77.233.4.133	attack	Invalid user lturpin from 77.233.4.133 port 40750	2019-10-17 06:40:59
77.220.133.164	attackspam	Port 1433 Scan	2019-10-17 06:48:53
49.234.224.245	attackbots	Oct 16 21:24:24 localhost sshd\[7296\]: Invalid user 12071207 from 49.234.224.245 port 33542 Oct 16 21:24:24 localhost sshd\[7296\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.224.245 Oct 16 21:24:26 localhost sshd\[7296\]: Failed password for invalid user 12071207 from 49.234.224.245 port 33542 ssh2	2019-10-17 06:45:09
106.12.85.76	attack	Oct 16 18:26:36 xtremcommunity sshd\[588313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.76 user=root Oct 16 18:26:39 xtremcommunity sshd\[588313\]: Failed password for root from 106.12.85.76 port 44134 ssh2 Oct 16 18:30:54 xtremcommunity sshd\[588371\]: Invalid user john from 106.12.85.76 port 57242 Oct 16 18:30:54 xtremcommunity sshd\[588371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.85.76 Oct 16 18:30:56 xtremcommunity sshd\[588371\]: Failed password for invalid user john from 106.12.85.76 port 57242 ssh2 ...	2019-10-17 06:46:49
171.67.70.155	attackbotsspam	SSH Scan	2019-10-17 06:43:15
49.88.112.72	attackbots	Oct 17 01:48:10 sauna sshd[5648]: Failed password for root from 49.88.112.72 port 27696 ssh2 ...	2019-10-17 06:54:25
54.37.156.188	attack	Oct 17 00:22:16 SilenceServices sshd[27967]: Failed password for root from 54.37.156.188 port 42689 ssh2 Oct 17 00:25:57 SilenceServices sshd[29558]: Failed password for root from 54.37.156.188 port 34590 ssh2	2019-10-17 06:47:16

Recently Reported IPs

112.85.42.183	87.26.68.104	186.77.247.15	192.241.237.249
183.232.228.66	246.49.1.10	250.79.146.212	200.68.142.225
51.158.21.116	165.22.61.112	85.104.18.166	9.83.130.176
178.42.1.113	162.142.125.29	106.52.22.129	168.195.252.188
162.142.125.28	116.85.71.133	115.165.211.139	112.85.42.96