211.48.158.196

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 211.48.158.196 to port 5555	2020-01-05 07:21:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.48.158.196
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7141
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.48.158.196.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010402 1800 900 604800 86400

;; Query time: 111 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 05 07:21:22 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 196.158.48.211.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 196.158.48.211.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
121.30.226.25	attackspam	Tried sshing with brute force.	2019-08-15 04:23:54
41.224.59.78	attack	Automatic report - Banned IP Access	2019-08-15 04:31:48
182.162.141.78	attackbots	TCP src-port=41045 dst-port=25 dnsbl-sorbs abuseat-org barracuda (952)	2019-08-15 05:04:24
217.41.38.19	attackspambots	Aug 14 17:07:17 XXX sshd[15890]: Invalid user mona from 217.41.38.19 port 42724	2019-08-15 04:41:30
178.62.251.11	attack	Aug 14 18:16:33 Ubuntu-1404-trusty-64-minimal sshd\[10334\]: Invalid user mauro from 178.62.251.11 Aug 14 18:16:33 Ubuntu-1404-trusty-64-minimal sshd\[10334\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.251.11 Aug 14 18:16:35 Ubuntu-1404-trusty-64-minimal sshd\[10334\]: Failed password for invalid user mauro from 178.62.251.11 port 48436 ssh2 Aug 14 18:24:05 Ubuntu-1404-trusty-64-minimal sshd\[17421\]: Invalid user mfs from 178.62.251.11 Aug 14 18:24:05 Ubuntu-1404-trusty-64-minimal sshd\[17421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.251.11	2019-08-15 04:35:28
34.73.55.203	attackbots	Aug 14 19:03:01 thevastnessof sshd[7139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.73.55.203 ...	2019-08-15 04:54:03
66.8.205.220	attackspam	Aug 14 14:38:36 XXX sshd[6154]: Invalid user bcampion from 66.8.205.220 port 55674	2019-08-15 04:45:39
206.81.12.209	attack	Aug 14 16:45:56 plusreed sshd[16105]: Invalid user w from 206.81.12.209 Aug 14 16:45:56 plusreed sshd[16106]: Invalid user w from 206.81.12.209 Aug 14 16:45:56 plusreed sshd[16106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.12.209 Aug 14 16:45:56 plusreed sshd[16106]: Invalid user w from 206.81.12.209 Aug 14 16:45:57 plusreed sshd[16106]: Failed password for invalid user w from 206.81.12.209 port 34344 ssh2 Aug 14 16:45:56 plusreed sshd[16105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.81.12.209 Aug 14 16:45:56 plusreed sshd[16105]: Invalid user w from 206.81.12.209 Aug 14 16:45:57 plusreed sshd[16105]: Failed password for invalid user w from 206.81.12.209 port 34342 ssh2 ...	2019-08-15 04:55:00
43.227.68.27	attackspambots	Aug 14 19:20:27 dev0-dcde-rnet sshd[24632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.27 Aug 14 19:20:29 dev0-dcde-rnet sshd[24632]: Failed password for invalid user adalwolfa from 43.227.68.27 port 46540 ssh2 Aug 14 19:25:15 dev0-dcde-rnet sshd[24769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.27	2019-08-15 05:03:54
112.217.225.59	attackbotsspam	Aug 14 14:39:46 XXX sshd[6187]: Invalid user test from 112.217.225.59 port 14831	2019-08-15 04:30:45
181.49.150.45	attackbotsspam	Aug 14 20:55:36 server sshd[31355]: Failed password for invalid user raimundo from 181.49.150.45 port 54880 ssh2 Aug 14 21:05:59 server sshd[32288]: Failed password for invalid user snw from 181.49.150.45 port 37682 ssh2 Aug 14 21:13:39 server sshd[32982]: Failed password for invalid user cam from 181.49.150.45 port 58414 ssh2	2019-08-15 04:39:59
138.255.0.105	attackbots	Aug 14 14:40:05 XXX sshd[6212]: Invalid user oracle from 138.255.0.105 port 53862	2019-08-15 04:21:24
68.183.104.230	attack	Aug 14 20:49:10 XXX sshd[25561]: Invalid user oraprod from 68.183.104.230 port 46072	2019-08-15 04:33:37
159.65.158.164	attackbotsspam	Automatic report - Banned IP Access	2019-08-15 05:02:10
124.158.160.34	attackbotsspam	Unauthorised access (Aug 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=106 ID=2817 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-15 04:21:46

Recently Reported IPs

189.134.136.224	189.133.5.102	187.172.190.214	187.109.119.106
186.68.1.36	185.84.220.210	177.184.192.138	177.158.179.37
152.172.24.172	141.226.5.238	121.134.219.207	148.216.143.176
121.130.178.189	26.95.193.112	113.45.85.253	118.47.250.11
0.105.31.205	112.162.30.38	104.205.224.22	104.59.109.116