221.143.47.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: SK Broadband Co Ltd

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Port Scan: TCP/445	2019-08-05 10:27:01
attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(06211034)	2019-06-22 02:58:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.143.47.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45267
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.143.47.48.			IN	A

;; AUTHORITY SECTION:
.			2522	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019052500 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun May 26 03:43:33 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 48.47.143.221.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 48.47.143.221.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.251.73.231	attack	08/05/2020-11:20:27.424002 87.251.73.231 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-08-05 23:26:36
113.89.246.142	attackbots	Aug 5 14:09:01 plg sshd[10691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.246.142 user=root Aug 5 14:09:03 plg sshd[10691]: Failed password for invalid user root from 113.89.246.142 port 49620 ssh2 Aug 5 14:11:49 plg sshd[10762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.246.142 user=root Aug 5 14:11:51 plg sshd[10762]: Failed password for invalid user root from 113.89.246.142 port 52440 ssh2 Aug 5 14:14:41 plg sshd[10789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.246.142 user=root Aug 5 14:14:42 plg sshd[10789]: Failed password for invalid user root from 113.89.246.142 port 55258 ssh2 Aug 5 14:17:26 plg sshd[10813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.89.246.142 user=root ...	2020-08-05 23:14:54
148.0.61.7	attackbotsspam	Unauthorized connection attempt from IP address 148.0.61.7 on Port 445(SMB)	2020-08-05 23:56:12
45.134.179.243	attackspam	TCP (SYN) 45.134.179.243:50433 -> port 3391, len 44	2020-08-05 23:55:25
27.115.117.6	attack	Aug 5 08:40:11 ny01 sshd[772]: Failed password for root from 27.115.117.6 port 37864 ssh2 Aug 5 08:45:06 ny01 sshd[1462]: Failed password for root from 27.115.117.6 port 47518 ssh2	2020-08-05 23:48:26
189.90.14.101	attack	$f2bV_matches	2020-08-05 23:36:59
213.137.179.203	attackspambots	Aug 5 17:10:33 sip sshd[1201942]: Failed password for root from 213.137.179.203 port 49082 ssh2 Aug 5 17:14:36 sip sshd[1201962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.137.179.203 user=root Aug 5 17:14:38 sip sshd[1201962]: Failed password for root from 213.137.179.203 port 26573 ssh2 ...	2020-08-05 23:23:38
117.50.110.19	attackspam	$f2bV_matches	2020-08-05 23:43:24
112.85.42.104	attack	Aug 5 17:51:28 minden010 sshd[12429]: Failed password for root from 112.85.42.104 port 33528 ssh2 Aug 5 17:51:30 minden010 sshd[12429]: Failed password for root from 112.85.42.104 port 33528 ssh2 Aug 5 17:51:32 minden010 sshd[12429]: Failed password for root from 112.85.42.104 port 33528 ssh2 ...	2020-08-05 23:52:04
5.9.177.157	attackspam	Aug 4 17:03:53 h2040555 sshd[2918]: Failed password for r.r from 5.9.177.157 port 50900 ssh2 Aug 4 17:03:53 h2040555 sshd[2918]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:11:38 h2040555 sshd[3088]: Failed password for r.r from 5.9.177.157 port 45988 ssh2 Aug 4 17:11:38 h2040555 sshd[3088]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:16:35 h2040555 sshd[3129]: Failed password for r.r from 5.9.177.157 port 34268 ssh2 Aug 4 17:16:35 h2040555 sshd[3129]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:20:54 h2040555 sshd[3370]: Failed password for r.r from 5.9.177.157 port 50444 ssh2 Aug 4 17:20:54 h2040555 sshd[3370]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] Aug 4 17:25:04 h2040555 sshd[3422]: Failed password for r.r from 5.9.177.157 port 38366 ssh2 Aug 4 17:25:04 h2040555 sshd[3422]: Received disconnect from 5.9.177.157: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://ww	2020-08-05 23:40:36
81.159.105.17	attackspam	SSH/22 MH Probe, BF, Hack -	2020-08-05 23:23:19
106.13.133.190	attackbotsspam	(sshd) Failed SSH login from 106.13.133.190 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 5 14:09:51 amsweb01 sshd[19384]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.133.190 user=root Aug 5 14:09:52 amsweb01 sshd[19384]: Failed password for root from 106.13.133.190 port 35206 ssh2 Aug 5 14:14:33 amsweb01 sshd[20206]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.133.190 user=root Aug 5 14:14:34 amsweb01 sshd[20206]: Failed password for root from 106.13.133.190 port 52644 ssh2 Aug 5 14:16:56 amsweb01 sshd[20453]: Invalid user server#2008 from 106.13.133.190 port 50308	2020-08-05 23:36:10
125.19.48.66	attackspam	Unauthorized connection attempt from IP address 125.19.48.66 on Port 445(SMB)	2020-08-06 00:01:34
49.88.112.111	attackbots	Aug 5 08:39:35 dignus sshd[15595]: Failed password for root from 49.88.112.111 port 21105 ssh2 Aug 5 08:39:37 dignus sshd[15595]: Failed password for root from 49.88.112.111 port 21105 ssh2 Aug 5 08:39:39 dignus sshd[15595]: Failed password for root from 49.88.112.111 port 21105 ssh2 Aug 5 08:40:24 dignus sshd[15734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.111 user=root Aug 5 08:40:26 dignus sshd[15734]: Failed password for root from 49.88.112.111 port 53157 ssh2 ...	2020-08-05 23:59:28
118.89.88.221	attack	Aug 5 16:29:25 server sshd[41810]: Failed password for root from 118.89.88.221 port 59504 ssh2 Aug 5 16:33:56 server sshd[43258]: Failed password for root from 118.89.88.221 port 51366 ssh2 Aug 5 16:38:34 server sshd[44771]: Failed password for root from 118.89.88.221 port 43230 ssh2	2020-08-05 23:31:53

Recently Reported IPs

211.233.56.132	211.230.110.156	211.23.234.90	211.22.209.93
210.212.136.97	210.1.56.24	208.87.0.245	232.255.111.247
203.176.135.2	202.4.186.6	201.244.104.146	201.236.195.58
201.174.34.196	201.54.254.161	201.31.190.66	200.210.70.174
200.186.235.146	200.174.145.210	200.119.215.69	110.169.127.253