121.154.93.135

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port probing on unauthorized port 23	2020-02-28 21:30:49

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.154.93.135
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38966
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.154.93.135.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022800 1800 900 604800 86400

;; Query time: 50 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 28 21:30:42 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 135.93.154.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 135.93.154.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
173.252.87.21	attackspambots	[Wed Apr 01 19:27:28.443531 2020] [:error] [pid 9221:tid 139641589266176] [client 173.252.87.21:44878] [client 173.252.87.21] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v1.js"] [unique_id "XoSIsJH0-yP5G065PankqQAAAAE"] ...	2020-04-02 04:41:12
176.31.182.79	attackbotsspam	Apr 1 22:00:04 sshd\[20969\]: User root from ns3326271.ip-176-31-182.eu not allowed because not listed in AllowUsersApr 1 22:00:06 sshd\[20969\]: Failed password for invalid user root from 176.31.182.79 port 56566 ssh2 ...	2020-04-02 04:45:24
102.23.232.194	attack	Port probing on unauthorized port 8080	2020-04-02 04:35:30
106.13.102.141	attack	Apr 2 02:56:16 webhost01 sshd[29541]: Failed password for root from 106.13.102.141 port 39966 ssh2 ...	2020-04-02 04:42:39
92.118.38.34	attackspambots	2020-04-01 22:10:24 dovecot_login authenticator failed for \(User\) \[92.118.38.34\]: 535 Incorrect authentication data \(set_id=xavier@no-server.de\) 2020-04-01 22:10:43 dovecot_login authenticator failed for \(User\) \[92.118.38.34\]: 535 Incorrect authentication data \(set_id=nenad@no-server.de\) 2020-04-01 22:10:53 dovecot_login authenticator failed for \(User\) \[92.118.38.34\]: 535 Incorrect authentication data \(set_id=nenad@no-server.de\) 2020-04-01 22:11:08 dovecot_login authenticator failed for \(User\) \[92.118.38.34\]: 535 Incorrect authentication data \(set_id=lesya@no-server.de\) 2020-04-01 22:11:18 dovecot_login authenticator failed for \(User\) \[92.118.38.34\]: 535 Incorrect authentication data \(set_id=lesya@no-server.de\) ...	2020-04-02 04:25:30
36.153.231.18	attack	Apr 1 20:36:19 [host] sshd[9375]: Invalid user hl Apr 1 20:36:19 [host] sshd[9375]: pam_unix(sshd:a Apr 1 20:36:20 [host] sshd[9375]: Failed password	2020-04-02 04:31:23
37.49.227.109	attackbots	37.49.227.109 was recorded 6 times by 6 hosts attempting to connect to the following ports: 41794. Incident counter (4h, 24h, all-time): 6, 44, 2976	2020-04-02 04:27:46
173.252.87.31	attackbotsspam	[Wed Apr 01 19:27:28.351271 2020] [:error] [pid 8793:tid 139641580873472] [client 173.252.87.31:57840] [client 173.252.87.31] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v98.css"] [unique_id "XoSIsJ0uQIuM0RwO5n0YugAAAAE"] ...	2020-04-02 04:43:39
197.255.38.77	attackbotsspam	Telnet Server BruteForce Attack	2020-04-02 04:47:23
104.131.167.203	attack	Apr 1 22:29:17 ns381471 sshd[20489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.131.167.203 Apr 1 22:29:19 ns381471 sshd[20489]: Failed password for invalid user eunho from 104.131.167.203 port 53963 ssh2	2020-04-02 04:40:08
5.135.165.55	attackbotsspam	Apr 1 22:16:37 [HOSTNAME] sshd[6407]: Invalid user terminfo from 5.135.165.55 port 39038 Apr 1 22:16:37 [HOSTNAME] sshd[6407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.135.165.55 Apr 1 22:16:39 [HOSTNAME] sshd[6407]: Failed password for invalid user terminfo from 5.135.165.55 port 39038 ssh2 ...	2020-04-02 04:25:45
211.104.171.239	attackspam	2020-04-01T18:49:35.836360abusebot-6.cloudsearch.cf sshd[19301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 user=root 2020-04-01T18:49:38.056884abusebot-6.cloudsearch.cf sshd[19301]: Failed password for root from 211.104.171.239 port 60215 ssh2 2020-04-01T18:53:54.704709abusebot-6.cloudsearch.cf sshd[19533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 user=root 2020-04-01T18:53:56.814793abusebot-6.cloudsearch.cf sshd[19533]: Failed password for root from 211.104.171.239 port 37457 ssh2 2020-04-01T18:58:06.165761abusebot-6.cloudsearch.cf sshd[19801]: Invalid user soporte from 211.104.171.239 port 42939 2020-04-01T18:58:06.181258abusebot-6.cloudsearch.cf sshd[19801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.104.171.239 2020-04-01T18:58:06.165761abusebot-6.cloudsearch.cf sshd[19801]: Invalid user soporte from 211.104. ...	2020-04-02 04:19:11
23.106.219.160	attackbotsspam	(From wordpresswizardwes@yahoo.com) Hi there, I came across your website yesterday and ran into some missed opportunities I think you’ll want to take a look at! I own a digital marketing company in Kingston Ontario, and can already see several minor improvements that would be solved by a basic website management package. Although cheap, this can significantly improve your online presence and outreach. I know you’re probably very busy, but if you would like to learn more I'd be happy to send you a link with all the details. I look forward to your response, Wes	2020-04-02 04:51:38
23.80.97.160	attack	(From wordpresswizardwes@yahoo.com) Hi there, I came across your website yesterday and ran into some missed opportunities I think you’ll want to take a look at! I own a digital marketing company in Kingston Ontario, and can already see several minor improvements that would be solved by a basic website management package. Although cheap, this can significantly improve your online presence and outreach. I know you’re probably very busy, but if you would like to learn more I'd be happy to send you a link with all the details. I look forward to your response, Wes	2020-04-02 04:51:04
113.161.50.141	attack	Apr 1 18:01:39 cvbnet sshd[18606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.50.141 ...	2020-04-02 04:47:52

Recently Reported IPs

78.63.61.139	177.125.204.57	110.92.140.48	42.117.27.65
42.117.26.226	220.196.38.187	189.234.57.15	110.159.139.75
189.158.120.111	2.187.250.176	137.74.7.198	42.117.251.201
111.42.88.103	110.77.226.139	77.40.3.23	42.117.25.26
122.40.254.94	41.39.188.163	204.13.115.225	175.158.216.140