220.149.241.72

Basic Info

City: unknown

Region: unknown

Country: Korea, Republic of

Internet Service Provider: Dankook University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	2019-10-29T03:50:00.586738shield sshd\[27593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72 user=root 2019-10-29T03:50:02.959389shield sshd\[27593\]: Failed password for root from 220.149.241.72 port 43632 ssh2 2019-10-29T03:54:41.278158shield sshd\[28662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72 user=root 2019-10-29T03:54:43.892004shield sshd\[28662\]: Failed password for root from 220.149.241.72 port 58328 ssh2 2019-10-29T03:59:09.685412shield sshd\[29957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72 user=root	2019-10-29 12:03:52

Type

Details

Datetime

attackbotsspam

2019-10-29T03:50:00.586738shield sshd\[27593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72  user=root
2019-10-29T03:50:02.959389shield sshd\[27593\]: Failed password for root from 220.149.241.72 port 43632 ssh2
2019-10-29T03:54:41.278158shield sshd\[28662\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72  user=root
2019-10-29T03:54:43.892004shield sshd\[28662\]: Failed password for root from 220.149.241.72 port 58328 ssh2
2019-10-29T03:59:09.685412shield sshd\[29957\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.72  user=root

2019-10-29 12:03:52

Comments on same subnet:

IP	Type	Details	Datetime
220.149.241.75	attackspambots	Oct 23 02:03:37 sachi sshd\[26049\]: Invalid user user6 from 220.149.241.75 Oct 23 02:03:38 sachi sshd\[26049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.75 Oct 23 02:03:39 sachi sshd\[26049\]: Failed password for invalid user user6 from 220.149.241.75 port 38192 ssh2 Oct 23 02:08:19 sachi sshd\[26389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.75 user=root Oct 23 02:08:20 sachi sshd\[26389\]: Failed password for root from 220.149.241.75 port 52706 ssh2	2019-10-23 20:31:45
220.149.241.71	attackbots	ssh intrusion attempt	2019-10-23 01:51:56
220.149.241.71	attackbots	Invalid user ard from 220.149.241.71 port 51340	2019-10-21 04:01:35

Type

Details

Datetime

220.149.241.75

attackspambots

Oct 23 02:03:37 sachi sshd\[26049\]: Invalid user user6 from 220.149.241.75
Oct 23 02:03:38 sachi sshd\[26049\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.75
Oct 23 02:03:39 sachi sshd\[26049\]: Failed password for invalid user user6 from 220.149.241.75 port 38192 ssh2
Oct 23 02:08:19 sachi sshd\[26389\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.241.75  user=root
Oct 23 02:08:20 sachi sshd\[26389\]: Failed password for root from 220.149.241.75 port 52706 ssh2

2019-10-23 20:31:45

220.149.241.71

attackbots

ssh intrusion attempt

2019-10-23 01:51:56

220.149.241.71

attackbots

Invalid user ard from 220.149.241.71 port 51340

2019-10-21 04:01:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.149.241.72
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6266
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.149.241.72.			IN	A

;; AUTHORITY SECTION:
.			332	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102801 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 12:03:49 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 72.241.149.220.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 72.241.149.220.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.232.193	attackspam	2019-11-15T14:42:30.308047shield sshd\[29151\]: Invalid user ubuntu from 142.93.232.193 port 51488 2019-11-15T14:42:30.312510shield sshd\[29151\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.193 2019-11-15T14:42:32.621019shield sshd\[29151\]: Failed password for invalid user ubuntu from 142.93.232.193 port 51488 ssh2 2019-11-15T14:42:55.111170shield sshd\[29284\]: Invalid user ubuntu from 142.93.232.193 port 50082 2019-11-15T14:42:55.115582shield sshd\[29284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.193	2019-11-16 01:28:58
218.92.0.145	attackbots	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.145 user=root Failed password for root from 218.92.0.145 port 37605 ssh2 Failed password for root from 218.92.0.145 port 37605 ssh2 Failed password for root from 218.92.0.145 port 37605 ssh2 Failed password for root from 218.92.0.145 port 37605 ssh2	2019-11-16 01:19:34
118.25.111.153	attackbots	Nov 15 10:44:14 TORMINT sshd\[22197\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.111.153 user=games Nov 15 10:44:16 TORMINT sshd\[22197\]: Failed password for games from 118.25.111.153 port 35566 ssh2 Nov 15 10:49:02 TORMINT sshd\[22427\]: Invalid user Jaakko from 118.25.111.153 Nov 15 10:49:02 TORMINT sshd\[22427\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.111.153 ...	2019-11-16 01:06:35
193.70.43.220	attackspambots	2019-11-15T17:31:58.628300abusebot.cloudsearch.cf sshd\[30815\]: Invalid user havyn from 193.70.43.220 port 60808	2019-11-16 01:37:41
92.118.38.38	attack	Nov 15 17:51:55 andromeda postfix/smtpd\[34004\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Nov 15 17:52:15 andromeda postfix/smtpd\[30270\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Nov 15 17:52:19 andromeda postfix/smtpd\[34702\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Nov 15 17:52:31 andromeda postfix/smtpd\[30270\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure Nov 15 17:52:51 andromeda postfix/smtpd\[34702\]: warning: unknown\[92.118.38.38\]: SASL LOGIN authentication failed: authentication failure	2019-11-16 01:07:13
222.186.173.238	attack	Nov 15 12:24:59 xentho sshd[15681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Nov 15 12:25:01 xentho sshd[15681]: Failed password for root from 222.186.173.238 port 56586 ssh2 Nov 15 12:25:05 xentho sshd[15681]: Failed password for root from 222.186.173.238 port 56586 ssh2 Nov 15 12:24:59 xentho sshd[15681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Nov 15 12:25:01 xentho sshd[15681]: Failed password for root from 222.186.173.238 port 56586 ssh2 Nov 15 12:25:05 xentho sshd[15681]: Failed password for root from 222.186.173.238 port 56586 ssh2 Nov 15 12:24:59 xentho sshd[15681]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.238 user=root Nov 15 12:25:01 xentho sshd[15681]: Failed password for root from 222.186.173.238 port 56586 ssh2 Nov 15 12:25:05 xentho sshd[15681]: Failed password for r ...	2019-11-16 01:25:58
41.207.182.133	attackbots	2019-11-15T16:45:58.378870abusebot-2.cloudsearch.cf sshd\[10099\]: Invalid user test from 41.207.182.133 port 39582	2019-11-16 01:07:36
118.24.54.178	attackbotsspam	Aug 1 12:47:17 microserver sshd[28293]: Invalid user jmail from 118.24.54.178 port 56512 Aug 1 12:47:17 microserver sshd[28293]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.54.178 Aug 1 12:47:19 microserver sshd[28293]: Failed password for invalid user jmail from 118.24.54.178 port 56512 ssh2 Aug 1 12:51:13 microserver sshd[28915]: Invalid user vmail from 118.24.54.178 port 45412 Aug 1 12:51:13 microserver sshd[28915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.54.178 Aug 1 13:03:02 microserver sshd[30403]: Invalid user hhhh from 118.24.54.178 port 40344 Aug 1 13:03:02 microserver sshd[30403]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.54.178 Aug 1 13:03:04 microserver sshd[30403]: Failed password for invalid user hhhh from 118.24.54.178 port 40344 ssh2 Aug 1 13:06:54 microserver sshd[31022]: Invalid user ftpadmin from 118.24.54.178 port 57458 Aug	2019-11-16 01:09:16
178.128.207.29	attackspam	$f2bV_matches	2019-11-16 01:33:50
185.176.27.2	attackbots	11/15/2019-18:06:46.462714 185.176.27.2 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-11-16 01:22:58
83.93.53.220	attackbots	Scanning	2019-11-16 01:14:57
208.68.39.164	attack	2019-11-15T08:28:40.4785051495-001 sshd\[12226\]: Failed password for invalid user vcsa from 208.68.39.164 port 34726 ssh2 2019-11-15T09:28:44.0957461495-001 sshd\[14362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.68.39.164 user=mysql 2019-11-15T09:28:46.6756501495-001 sshd\[14362\]: Failed password for mysql from 208.68.39.164 port 54194 ssh2 2019-11-15T09:32:42.2038331495-001 sshd\[14518\]: Invalid user shimokawa from 208.68.39.164 port 35402 2019-11-15T09:32:42.2116651495-001 sshd\[14518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.68.39.164 2019-11-15T09:32:43.7982521495-001 sshd\[14518\]: Failed password for invalid user shimokawa from 208.68.39.164 port 35402 ssh2 ...	2019-11-16 01:08:12
104.244.72.98	attack	Port scan	2019-11-16 01:25:17
220.92.16.66	attackspambots	Nov 15 14:58:47 XXXXXX sshd[33829]: Invalid user incoming from 220.92.16.66 port 39414	2019-11-16 01:29:43
89.248.168.217	attack	11/15/2019-18:11:44.965775 89.248.168.217 Protocol: 17 ET DROP Dshield Block Listed Source group 1	2019-11-16 01:16:53

Recently Reported IPs

78.96.17.169	189.59.36.131	177.136.34.161	193.93.192.204
251.228.162.121	185.89.100.187	111.76.66.83	83.171.253.168
193.218.113.10	37.115.218.208	5.9.77.62	2408:8214:7a01:9368:b4be:29cf:89eb:79f8
193.188.22.62	185.125.23.49	191.254.66.166	188.213.161.105
163.172.84.50	80.94.243.216	185.220.68.232	106.13.198.32