219.248.247.66

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: SK Broadband Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized access on Port 22 [ssh]	2019-08-09 19:31:37

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.248.247.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59407
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.248.247.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 09 19:31:30 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 66.247.248.219.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 66.247.248.219.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
101.51.130.129	attack	1592223666 - 06/15/2020 14:21:06 Host: 101.51.130.129/101.51.130.129 Port: 445 TCP Blocked	2020-06-15 21:33:21
183.47.50.8	attackspam	Jun 15 06:10:44 server1 sshd\[8534\]: Invalid user jordan from 183.47.50.8 Jun 15 06:10:45 server1 sshd\[8534\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.47.50.8 Jun 15 06:10:50 server1 sshd\[8534\]: Failed password for invalid user jordan from 183.47.50.8 port 48580 ssh2 Jun 15 06:11:57 server1 sshd\[8754\]: Invalid user dong from 183.47.50.8 Jun 15 06:12:00 server1 sshd\[8754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.47.50.8 Jun 15 06:12:02 server1 sshd\[8754\]: Failed password for invalid user dong from 183.47.50.8 port 54960 ssh2 Jun 15 06:13:14 server1 sshd\[9019\]: Invalid user ftpuser2 from 183.47.50.8 Jun 15 06:13:16 server1 sshd\[9019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.47.50.8 Jun 15 06:13:18 server1 sshd\[9019\]: Failed password for invalid user ftpuser2 from 183.47.50.8 port 61339 ssh2 Jun 15 06:14:26 server1 sshd\[9527\]: In	2020-06-15 21:17:25
27.22.127.95	attack	Jun 15 08:12:30 esmtp postfix/smtpd[28187]: lost connection after AUTH from unknown[27.22.127.95] Jun 15 08:12:38 esmtp postfix/smtpd[28163]: lost connection after AUTH from unknown[27.22.127.95] Jun 15 08:12:39 esmtp postfix/smtpd[28187]: lost connection after AUTH from unknown[27.22.127.95] Jun 15 08:12:42 esmtp postfix/smtpd[28163]: lost connection after AUTH from unknown[27.22.127.95] Jun 15 08:12:53 esmtp postfix/smtpd[28162]: lost connection after EHLO from unknown[27.22.127.95] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=27.22.127.95	2020-06-15 21:08:02
194.26.29.31	attack	Jun 15 15:16:10 debian-2gb-nbg1-2 kernel: \[14485677.976918\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.31 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=34936 PROTO=TCP SPT=47648 DPT=200 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-15 21:32:56
150.109.99.243	attackbotsspam	Jun 15 14:21:12 jane sshd[28668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.99.243 Jun 15 14:21:14 jane sshd[28668]: Failed password for invalid user natural from 150.109.99.243 port 55586 ssh2 ...	2020-06-15 21:27:23
111.231.93.242	attackspambots	$f2bV_matches	2020-06-15 21:42:25
180.76.232.66	attack	Jun 15 13:22:14 ip-172-31-61-156 sshd[31587]: Failed password for invalid user internet from 180.76.232.66 port 37232 ssh2 Jun 15 13:22:13 ip-172-31-61-156 sshd[31587]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.232.66 Jun 15 13:22:13 ip-172-31-61-156 sshd[31587]: Invalid user internet from 180.76.232.66 Jun 15 13:22:14 ip-172-31-61-156 sshd[31587]: Failed password for invalid user internet from 180.76.232.66 port 37232 ssh2 Jun 15 13:24:32 ip-172-31-61-156 sshd[31664]: Invalid user test2 from 180.76.232.66 ...	2020-06-15 21:44:14
116.110.220.55	attackbotsspam	20/6/15@08:20:54: FAIL: Alarm-Network address from=116.110.220.55 ...	2020-06-15 21:49:51
106.12.24.225	attackbotsspam	Jun 15 12:54:19 rush sshd[31254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.225 Jun 15 12:54:22 rush sshd[31254]: Failed password for invalid user cy from 106.12.24.225 port 39798 ssh2 Jun 15 12:58:22 rush sshd[31357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.24.225 ...	2020-06-15 21:32:33
125.124.70.22	attack	Jun 15 14:18:41 server sshd[32618]: Failed password for root from 125.124.70.22 port 47284 ssh2 Jun 15 14:21:18 server sshd[2981]: Failed password for invalid user db2fenc1 from 125.124.70.22 port 49688 ssh2 Jun 15 14:24:08 server sshd[6131]: Failed password for invalid user hello from 125.124.70.22 port 52104 ssh2	2020-06-15 21:25:08
201.122.102.21	attack	Jun 15 15:04:15 cosmoit sshd[21160]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.122.102.21	2020-06-15 21:46:59
222.186.31.166	attackspam	$f2bV_matches	2020-06-15 21:41:34
59.27.124.26	attackspam	2020-06-15T15:09:06.601236vps773228.ovh.net sshd[15368]: Failed password for root from 59.27.124.26 port 58976 ssh2 2020-06-15T15:11:19.504889vps773228.ovh.net sshd[15408]: Invalid user sky from 59.27.124.26 port 37462 2020-06-15T15:11:19.522426vps773228.ovh.net sshd[15408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.27.124.26 2020-06-15T15:11:19.504889vps773228.ovh.net sshd[15408]: Invalid user sky from 59.27.124.26 port 37462 2020-06-15T15:11:21.262464vps773228.ovh.net sshd[15408]: Failed password for invalid user sky from 59.27.124.26 port 37462 ssh2 ...	2020-06-15 21:33:38
172.104.109.88	attackbots	Jun 15 14:21:23 debian-2gb-nbg1-2 kernel: \[14482390.971666\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.104.109.88 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=52505 DPT=8181 WINDOW=65535 RES=0x00 SYN URGP=0	2020-06-15 21:15:16
173.245.202.110	attack	Fail2Ban Ban Triggered	2020-06-15 21:37:11

Recently Reported IPs

103.129.222.132	149.51.253.29	43.227.66.153	2002:42d4:1fc6::42d4:1fc6
13.75.95.112	183.89.10.26	14.185.224.44	5.54.174.44
125.167.241.8	96.44.141.102	77.42.126.53	173.254.24.16
61.247.238.70	95.10.27.239	180.183.61.127	156.218.198.3
87.107.143.192	213.227.154.95	186.235.63.249	115.54.241.97