122.199.152.61

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: NexG Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-24T06:07:15Z and 2020-09-24T06:15:43Z	2020-09-24 20:55:13
attackbotsspam	s2.hscode.pl - SSH Attack	2020-09-24 12:51:30
attack	21 attempts against mh-ssh on river	2020-09-24 04:20:11

Comments on same subnet:

IP	Type	Details	Datetime
122.199.152.114	attack	(sshd) Failed SSH login from 122.199.152.114 (KR/South Korea/static.122-199-152-114.nexg.net): 5 in the last 3600 secs	2020-05-27 18:55:44
122.199.152.114	attackbots	May 21 22:58:49 abendstille sshd\[1413\]: Invalid user zhangchunxu2 from 122.199.152.114 May 21 22:58:49 abendstille sshd\[1413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 May 21 22:58:52 abendstille sshd\[1413\]: Failed password for invalid user zhangchunxu2 from 122.199.152.114 port 62888 ssh2 May 21 23:02:45 abendstille sshd\[4933\]: Invalid user htjcadd from 122.199.152.114 May 21 23:02:45 abendstille sshd\[4933\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 ...	2020-05-22 05:13:45
122.199.152.114	attackspam	Mar 13 08:07:58 haigwepa sshd[19376]: Failed password for root from 122.199.152.114 port 37970 ssh2 ...	2020-03-13 15:23:46
122.199.152.114	attackspambots	Feb 25 14:07:49 hpm sshd\[17300\]: Invalid user Ronald from 122.199.152.114 Feb 25 14:07:49 hpm sshd\[17300\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 Feb 25 14:07:51 hpm sshd\[17300\]: Failed password for invalid user Ronald from 122.199.152.114 port 31336 ssh2 Feb 25 14:17:41 hpm sshd\[18042\]: Invalid user support from 122.199.152.114 Feb 25 14:17:41 hpm sshd\[18042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114	2020-02-26 08:37:25
122.199.152.114	attackspambots	ssh brute force	2020-02-25 13:46:49
122.199.152.114	attackspam	Feb 18 18:46:16 MK-Soft-VM4 sshd[23815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 Feb 18 18:46:18 MK-Soft-VM4 sshd[23815]: Failed password for invalid user o2 from 122.199.152.114 port 35079 ssh2 ...	2020-02-19 04:33:38
122.199.152.114	attack	Port scan on 1 port(s): 22	2020-02-17 18:46:55
122.199.152.114	attackbotsspam	Feb 14 14:50:57 cp sshd[12791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114	2020-02-14 23:16:43
122.199.152.114	attackbots	Feb 11 14:29:08 web1 sshd\[14468\]: Invalid user eds from 122.199.152.114 Feb 11 14:29:08 web1 sshd\[14468\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 Feb 11 14:29:10 web1 sshd\[14468\]: Failed password for invalid user eds from 122.199.152.114 port 48447 ssh2 Feb 11 14:34:13 web1 sshd\[14930\]: Invalid user hpsmh from 122.199.152.114 Feb 11 14:34:13 web1 sshd\[14930\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114	2020-02-12 08:50:48
122.199.152.114	attackspam	Automatic report - Banned IP Access	2019-12-26 22:44:00
122.199.152.114	attack	SSH Brute Force	2019-12-22 21:08:31
122.199.152.114	attack	Dec 21 17:32:28 hcbbdb sshd\[388\]: Invalid user gitolite2 from 122.199.152.114 Dec 21 17:32:28 hcbbdb sshd\[388\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114 Dec 21 17:32:30 hcbbdb sshd\[388\]: Failed password for invalid user gitolite2 from 122.199.152.114 port 34343 ssh2 Dec 21 17:39:35 hcbbdb sshd\[1231\]: Invalid user murgallis from 122.199.152.114 Dec 21 17:39:35 hcbbdb sshd\[1231\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.114	2019-12-22 01:58:11
122.199.152.157	attack	SSH Brute-Forcing (server2)	2019-12-14 04:55:23
122.199.152.157	attackbotsspam	Dec 12 08:41:10 ns381471 sshd[21560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.157 Dec 12 08:41:13 ns381471 sshd[21560]: Failed password for invalid user emowilliams from 122.199.152.157 port 63116 ssh2	2019-12-12 16:00:47
122.199.152.157	attackspambots	Dec 11 10:11:07 plusreed sshd[24608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.199.152.157 user=root Dec 11 10:11:09 plusreed sshd[24608]: Failed password for root from 122.199.152.157 port 59294 ssh2 ...	2019-12-11 23:23:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.199.152.61
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59099
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.199.152.61.			IN	A

;; AUTHORITY SECTION:
.			478	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020092301 1800 900 604800 86400

;; Query time: 64 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Sep 24 04:20:08 CST 2020
;; MSG SIZE  rcvd: 118

Host info

61.152.199.122.in-addr.arpa domain name pointer static.122-199-152-61.nexg.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
61.152.199.122.in-addr.arpa	name = static.122-199-152-61.nexg.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.75.208.178	attack	SSH login attempts.	2020-03-07 19:49:02
27.78.36.91	attackspambots	unauthorized connection attempt	2020-03-07 19:23:21
211.35.251.29	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-07 19:51:09
36.56.57.221	attackspambots	Email rejected due to spam filtering	2020-03-07 20:05:56
117.4.137.72	attackbotsspam	Honeypot attack, port: 445, PTR: localhost.	2020-03-07 19:44:34
190.190.103.11	attack	unauthorized connection attempt	2020-03-07 20:05:03
117.242.138.26	attackspambots	" "	2020-03-07 19:57:19
217.133.205.220	attack	Honeypot attack, port: 445, PTR: 217-133-205-220.static.clienti.tiscali.it.	2020-03-07 19:39:54
140.143.236.197	attackbotsspam	Mar 7 10:14:22 mail sshd[14073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.197 user=root Mar 7 10:14:24 mail sshd[14073]: Failed password for root from 140.143.236.197 port 46762 ssh2 Mar 7 10:26:11 mail sshd[15536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.236.197 user=root Mar 7 10:26:13 mail sshd[15536]: Failed password for root from 140.143.236.197 port 50018 ssh2 Mar 7 10:29:51 mail sshd[15859]: Invalid user liyujiang from 140.143.236.197 ...	2020-03-07 20:00:49
51.75.30.238	attackspam	Mar 7 07:30:07 vps46666688 sshd[14917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.30.238 Mar 7 07:30:09 vps46666688 sshd[14917]: Failed password for invalid user postgres from 51.75.30.238 port 47498 ssh2 ...	2020-03-07 19:30:38
163.204.11.227	attackbots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-07 19:38:26
59.36.139.145	attackspambots	Mar 7 15:44:21 gw1 sshd[17714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.36.139.145 Mar 7 15:44:23 gw1 sshd[17714]: Failed password for invalid user docker from 59.36.139.145 port 60485 ssh2 ...	2020-03-07 19:52:41
185.47.65.30	attackbots	Tried sshing with brute force.	2020-03-07 19:43:34
61.95.233.61	attackbotsspam	2020-03-06 UTC: (102x) - HTTP,adela,admin,ali,angel,anonymous,applmgr,asterisk,aws,beach,billy,bin,bot,cactiuser,cms,cpanelcabcache,daniel(2x),debian-spamd,deploy,des,dev(2x),ekp,ftp,ftpsecure,ftpuser,gameserver,git,guest,gzw,hadoop,hosting,irc,itsupport,jose,loyal,lp,luis,mailnull,mapred,maria,minecraft(2x),mq,nas,neutron,newadmin,news,nfsnobody,nicolas,nobody,nproc(2x),odoo,openvpn,oscar,php,postgres,rabbitmq,radio,root(15x),rootalias,rr,sb,sdco,solr,sybase,sysop,tanwei,teamspeak3-server(2x),test(2x),testuser,tmpu1,tom,tsbot,ubuntu(3x),user,user03,vendeg,w,wangmeng,wangq,xyp	2020-03-07 19:21:13
192.241.205.159	attack	smtp	2020-03-07 20:04:16

Recently Reported IPs

42.3.48.212	101.243.138.104	245.115.48.116	241.188.254.97
200.73.129.6	183.153.217.208	171.15.158.28	57.40.217.119
39.243.245.131	99.203.83.230	131.233.126.37	222.181.206.183
216.171.226.166	40.68.90.206	40.88.132.9	189.114.67.133
68.230.127.2	108.238.133.214	128.229.77.142	185.192.209.143