211.195.159.149

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 211.195.159.149 to port 23	2020-05-12 23:53:16

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.195.159.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41201
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.195.159.149.		IN	A

;; AUTHORITY SECTION:
.			316	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051200 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 12 23:53:01 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 149.159.195.211.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.159.195.211.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
149.56.96.78	attack	Oct 9 09:15:10 game-panel sshd[18473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.96.78 Oct 9 09:15:12 game-panel sshd[18473]: Failed password for invalid user 123Talent from 149.56.96.78 port 15294 ssh2 Oct 9 09:19:08 game-panel sshd[18587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.96.78	2019-10-09 17:33:06
104.244.72.221	attackbots	Oct 9 09:55:48 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2Oct 9 09:55:51 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2Oct 9 09:55:54 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2Oct 9 09:55:57 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2Oct 9 09:56:00 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2Oct 9 09:56:03 rotator sshd\[19582\]: Failed password for root from 104.244.72.221 port 58466 ssh2 ...	2019-10-09 17:03:08
159.65.147.154	attack	Jun 16 22:37:37 server sshd\[48294\]: Invalid user lu from 159.65.147.154 Jun 16 22:37:37 server sshd\[48294\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.147.154 Jun 16 22:37:39 server sshd\[48294\]: Failed password for invalid user lu from 159.65.147.154 port 55800 ssh2 ...	2019-10-09 17:32:15
159.65.81.187	attackspam	Apr 10 00:54:14 server sshd\[52343\]: Invalid user vps from 159.65.81.187 Apr 10 00:54:14 server sshd\[52343\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.81.187 Apr 10 00:54:16 server sshd\[52343\]: Failed password for invalid user vps from 159.65.81.187 port 37676 ssh2 ...	2019-10-09 17:02:24
193.70.36.161	attackbotsspam	Oct 9 11:00:55 dedicated sshd[25005]: Invalid user TEST@2018 from 193.70.36.161 port 54808	2019-10-09 17:07:52
222.186.30.152	attackspambots	Oct 9 14:43:36 areeb-Workstation sshd[25911]: Failed password for root from 222.186.30.152 port 10220 ssh2 ...	2019-10-09 17:24:54
159.65.139.107	attackspam	Jul 2 21:15:32 server sshd\[121763\]: Invalid user rpcuser from 159.65.139.107 Jul 2 21:15:32 server sshd\[121763\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.139.107 Jul 2 21:15:34 server sshd\[121763\]: Failed password for invalid user rpcuser from 159.65.139.107 port 36104 ssh2 ...	2019-10-09 17:36:07
159.65.34.82	attackbotsspam	Jun 21 17:57:40 server sshd\[180825\]: Invalid user ku from 159.65.34.82 Jun 21 17:57:40 server sshd\[180825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.34.82 Jun 21 17:57:42 server sshd\[180825\]: Failed password for invalid user ku from 159.65.34.82 port 36836 ssh2 ...	2019-10-09 17:08:04
200.203.224.41	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/200.203.224.41/ BR - 1H : (294) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BR NAME ASN : ASN8167 IP : 200.203.224.41 CIDR : 200.203.192.0/18 PREFIX COUNT : 299 UNIQUE IP COUNT : 4493824 WYKRYTE ATAKI Z ASN8167 : 1H - 1 3H - 1 6H - 1 12H - 2 24H - 11 DateTime : 2019-10-09 05:52:39 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-09 17:25:55
159.65.239.104	attackspam	May 24 08:09:10 server sshd\[164877\]: Invalid user kj from 159.65.239.104 May 24 08:09:10 server sshd\[164877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.239.104 May 24 08:09:11 server sshd\[164877\]: Failed password for invalid user kj from 159.65.239.104 port 39204 ssh2 ...	2019-10-09 17:13:08
159.65.175.37	attackspam	Apr 18 01:44:56 server sshd\[130740\]: Invalid user test from 159.65.175.37 Apr 18 01:44:56 server sshd\[130740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.175.37 Apr 18 01:44:58 server sshd\[130740\]: Failed password for invalid user test from 159.65.175.37 port 39294 ssh2 ...	2019-10-09 17:19:39
159.65.162.182	attackspam	Jul 13 23:33:11 server sshd\[22187\]: Invalid user alumno from 159.65.162.182 Jul 13 23:33:11 server sshd\[22187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.162.182 Jul 13 23:33:12 server sshd\[22187\]: Failed password for invalid user alumno from 159.65.162.182 port 49944 ssh2 ...	2019-10-09 17:23:52
144.76.91.79	attackbotsspam	SQL Injection	2019-10-09 17:16:12
67.205.153.16	attackspam	Oct 9 10:57:12 lnxmail61 sshd[316]: Failed password for root from 67.205.153.16 port 44226 ssh2 Oct 9 11:00:46 lnxmail61 sshd[1888]: Failed password for root from 67.205.153.16 port 55734 ssh2	2019-10-09 17:38:24
198.108.67.16	attackbotsspam	198.108.67.16 - - [09/Oct/2019:03:52:59 +0000] "GET / HTTP/1.1" 403 153 "-" "Mozilla/5.0 zgrab/0.x"	2019-10-09 17:09:00

Recently Reported IPs

119.197.56.112	96.82.247.205	95.12.98.26	94.78.89.13
85.185.222.73	82.48.6.152	81.249.64.61	80.235.214.123
78.186.71.23	77.42.97.96	77.42.85.107	77.42.76.220
59.11.26.52	58.71.24.194	65.169.245.98	49.234.17.252
41.129.104.53	35.127.239.49	20.46.108.212	131.26.198.255