14.48.157.245 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 14.48.157.245 to port 5555 [J]	2020-01-06 13:34:27
attackbots	Unauthorized connection attempt detected from IP address 14.48.157.245 to port 5555 [J]	2020-01-05 22:57:20

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.48.157.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22524
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.48.157.245.			IN	A

;; AUTHORITY SECTION:
.			590	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010500 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 22:57:15 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 245.157.48.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.157.48.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.137.234.25	attack	Port scan on 6 port(s): 2614 2842 3279 3301 3333 3386	2019-06-24 21:59:56
198.46.81.30	attack	Inmotion Hosting not keeping their house clean.	2019-06-24 21:40:23
191.53.222.178	attackbotsspam	Jun 24 08:08:21 web1 postfix/smtpd[26703]: warning: unknown[191.53.222.178]: SASL PLAIN authentication failed: authentication failure ...	2019-06-24 22:15:45
94.176.76.188	attack	Unauthorised access (Jun 24) SRC=94.176.76.188 LEN=40 TTL=245 ID=49994 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jun 24) SRC=94.176.76.188 LEN=40 TTL=245 ID=20303 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jun 24) SRC=94.176.76.188 LEN=40 TTL=245 ID=32746 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jun 24) SRC=94.176.76.188 LEN=40 TTL=245 ID=50053 DF TCP DPT=23 WINDOW=14600 SYN Unauthorised access (Jun 24) SRC=94.176.76.188 LEN=40 TTL=245 ID=44038 DF TCP DPT=23 WINDOW=14600 SYN	2019-06-24 21:55:43
200.76.56.35	attack	445/tcp 445/tcp 445/tcp... [2019-04-24/06-24]15pkt,1pt.(tcp)	2019-06-24 21:16:10
79.137.20.253	attack	C1,WP GET /manga/wp-login.php	2019-06-24 21:57:04
189.89.223.121	attackbots	SMTP-sasl brute force ...	2019-06-24 21:21:14
92.247.4.170	attack	NAME : SPNET CIDR : 92.247.0.0/21 \| STATUS : 200 ROBOT {Looking for resource vulnerabilities} DDoS Attack Bulgaria - block certain countries :) IP: 92.247.4.170 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-06-24 22:01:08
177.221.109.237	attackspam	SMTP-sasl brute force ...	2019-06-24 21:17:14
5.44.196.17	attackspambots	Jun 24 11:46:56 wildwolf ssh-honeypotd[26164]: Failed password for admin from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: Symbol) Jun 24 11:46:57 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: iDirect) Jun 24 11:46:57 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: er2perp) Jun 24 11:46:57 wildwolf ssh-honeypotd[26164]: Failed password for r.r from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: qwertyuiop) Jun 24 11:46:57 wildwolf ssh-honeypotd[26164]: Failed password for enablediag from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: ironport) Jun 24 11:46:58 wildwolf ssh-honeypotd[26164]: Failed password for admin from 5.44.196.17 port 36130 ssh2 (target: 158.69.100.150:22, password: 1988) Jun 24 11:46:58 wildwolf ssh-honeypotd[26164]: Failed password for c........ ------------------------------	2019-06-24 22:05:27
218.102.211.235	attackbots	Jun 24 14:44:04 mail sshd\[6237\]: Invalid user developer from 218.102.211.235 Jun 24 14:44:04 mail sshd\[6237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.102.211.235 Jun 24 14:44:05 mail sshd\[6237\]: Failed password for invalid user developer from 218.102.211.235 port 14392 ssh2 ...	2019-06-24 22:14:03
81.192.8.14	attackbots	20 attempts against mh-ssh on steel.magehost.pro	2019-06-24 21:38:30
1.84.93.125	attack	Jun 24 14:01:33 venus sshd[19791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.84.93.125 user=r.r Jun 24 14:01:33 venus sshd[19794]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.84.93.125 user=r.r Jun 24 14:01:34 venus sshd[19791]: Failed password for r.r from 1.84.93.125 port 43324 ssh2 Jun 24 14:01:34 venus sshd[19794]: Failed password for r.r from 1.84.93.125 port 43335 ssh2 Jun 24 14:01:35 venus sshd[19788]: Invalid user admin from 1.84.93.125 port 43321 Jun 24 14:01:35 venus sshd[19788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.84.93.125 Jun 24 14:01:37 venus sshd[19791]: Failed password for r.r from 1.84.93.125 port 43324 ssh2 Jun 24 14:01:37 venus sshd[19794]: Failed password for r.r from 1.84.93.125 port 43335 ssh2 Jun 24 14:01:38 venus sshd[19788]: Failed password for invalid user admin from 1.84.93.125 port 43321 ssh2 Jun........ ------------------------------	2019-06-24 22:07:19
159.89.180.214	attackbots	Automatic report - Web App Attack	2019-06-24 21:32:53
114.4.131.227	attackspam	Automatic report - Web App Attack	2019-06-24 21:31:22

Recently Reported IPs

181.92.118.117	181.12.166.181	180.67.189.185	178.151.99.212
176.98.219.0	172.105.218.213	168.195.101.225	156.223.23.33
152.169.152.68	151.250.107.98	148.0.179.214	143.0.63.135
125.134.204.80	193.84.236.22	125.129.129.233	26.166.198.196
43.242.220.130	125.7.187.110	121.176.3.80	118.43.100.208