221.143.48.143

Basic Info

City: Dongdaemun-gu

Region: Seoul

Country: South Korea

Internet Service Provider: SK Broadband Co Ltd

Hostname: unknown

Organization: SK Broadband Co Ltd

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	2020-10-13T15:41:33.7716541495-001 sshd[31760]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 2020-10-13T15:41:33.7668311495-001 sshd[31760]: Invalid user schmidt from 221.143.48.143 port 53992 2020-10-13T15:41:36.3357861495-001 sshd[31760]: Failed password for invalid user schmidt from 221.143.48.143 port 53992 ssh2 2020-10-13T15:45:14.0709151495-001 sshd[31991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 user=root 2020-10-13T15:45:15.9728391495-001 sshd[31991]: Failed password for root from 221.143.48.143 port 65204 ssh2 2020-10-13T15:48:58.0320121495-001 sshd[32118]: Invalid user nextweb from 221.143.48.143 port 25874 ...	2020-10-14 04:23:48
attack	Brute%20Force%20SSH	2020-10-13 19:50:06
attackbotsspam	Sep 20 19:59:56 [host] sshd[21729]: pam_unix(sshd: Sep 20 19:59:59 [host] sshd[21729]: Failed passwor Sep 20 20:03:55 [host] sshd[21836]: pam_unix(sshd:	2020-09-21 02:24:32
attack	SSH Brute-Force reported by Fail2Ban	2020-09-20 18:25:06
attack	Sep 1 19:40:45 rotator sshd\[16792\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:40:48 rotator sshd\[16792\]: Failed password for root from 221.143.48.143 port 33726 ssh2Sep 1 19:44:19 rotator sshd\[16809\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:44:19 rotator sshd\[16809\]: Invalid user made from 221.143.48.143Sep 1 19:44:21 rotator sshd\[16809\]: Failed password for invalid user made from 221.143.48.143 port 41260 ssh2Sep 1 19:47:58 rotator sshd\[17571\]: Address 221.143.48.143 maps to mailfwd.mailplug.co.kr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 1 19:47:58 rotator sshd\[17571\]: Invalid user hadoop from 221.143.48.143 ...	2020-09-02 04:41:41
attack	Aug 29 07:58:00 dev0-dcde-rnet sshd[10818]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Aug 29 07:58:02 dev0-dcde-rnet sshd[10818]: Failed password for invalid user play from 221.143.48.143 port 43952 ssh2 Aug 29 07:59:53 dev0-dcde-rnet sshd[10820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143	2020-08-29 14:46:52
attackbots	Aug 23 14:24:11 marvibiene sshd[3719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Aug 23 14:24:13 marvibiene sshd[3719]: Failed password for invalid user marcia from 221.143.48.143 port 59514 ssh2	2020-08-23 21:51:48
attackspam	Aug 18 01:23:13 NG-HHDC-SVS-001 sshd[2151]: Invalid user kung from 221.143.48.143 ...	2020-08-18 01:28:13
attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-12T21:01:41Z and 2020-08-12T21:06:44Z	2020-08-13 06:14:19
attackspam	Aug 3 06:39:27 Host-KEWR-E sshd[11232]: Disconnected from invalid user root 221.143.48.143 port 59594 [preauth] ...	2020-08-03 19:11:35
attackspambots	SSH Login Bruteforce	2020-08-01 18:40:25
attack	Jul 21 19:17:00 wbs sshd\[7170\]: Invalid user restore from 221.143.48.143 Jul 21 19:17:00 wbs sshd\[7170\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Jul 21 19:17:02 wbs sshd\[7170\]: Failed password for invalid user restore from 221.143.48.143 port 34754 ssh2 Jul 21 19:21:24 wbs sshd\[7522\]: Invalid user songhao from 221.143.48.143 Jul 21 19:21:24 wbs sshd\[7522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143	2020-07-22 14:13:57
attackbots	2020-07-09T13:46:19+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-07-09 22:15:30
attackspambots	Brute-force attempt banned	2020-07-08 04:32:09
attackbotsspam	Jul 4 09:18:11 vpn01 sshd[22250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Jul 4 09:18:13 vpn01 sshd[22250]: Failed password for invalid user ep from 221.143.48.143 port 15246 ssh2 ...	2020-07-04 18:33:01
attackspambots	Jun 30 10:30:18 ajax sshd[4700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Jun 30 10:30:20 ajax sshd[4700]: Failed password for invalid user solr from 221.143.48.143 port 47662 ssh2	2020-06-30 19:50:12
attack	Jun 25 17:39:26 plex sshd[3613]: Invalid user qno from 221.143.48.143 port 50166	2020-06-26 03:38:38
attackspambots	Invalid user untu from 221.143.48.143 port 20700 pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Invalid user untu from 221.143.48.143 port 20700 Failed password for invalid user untu from 221.143.48.143 port 20700 ssh2 Invalid user steam from 221.143.48.143 port 28426	2020-06-17 05:15:20
attack	Jun 15 15:43:45 journals sshd\[101371\]: Invalid user emile from 221.143.48.143 Jun 15 15:43:45 journals sshd\[101371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 Jun 15 15:43:47 journals sshd\[101371\]: Failed password for invalid user emile from 221.143.48.143 port 61510 ssh2 Jun 15 15:46:20 journals sshd\[101710\]: Invalid user poc from 221.143.48.143 Jun 15 15:46:20 journals sshd\[101710\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 ...	2020-06-15 22:27:03
attack	reported through recidive - multiple failed attempts(SSH)	2020-06-07 06:55:29
attackspambots	Jun 4 16:16:51 mx sshd[8553]: Failed password for root from 221.143.48.143 port 35880 ssh2	2020-06-05 07:57:57
attackbotsspam	May 22 13:07:21 ns381471 sshd[5850]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 May 22 13:07:23 ns381471 sshd[5850]: Failed password for invalid user gogolcontent from 221.143.48.143 port 33090 ssh2	2020-05-22 19:32:33
attackbots	2020-05-13T05:15:38.844618shield sshd\[14822\]: Invalid user hostmaster from 221.143.48.143 port 49986 2020-05-13T05:15:38.855333shield sshd\[14822\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 2020-05-13T05:15:40.642310shield sshd\[14822\]: Failed password for invalid user hostmaster from 221.143.48.143 port 49986 ssh2 2020-05-13T05:19:32.222549shield sshd\[15620\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 user=root 2020-05-13T05:19:34.133876shield sshd\[15620\]: Failed password for root from 221.143.48.143 port 62682 ssh2	2020-05-13 15:15:49
attackbots	hit -> srv3:22	2020-05-01 16:40:51
attack	Invalid user zhangfei from 221.143.48.143 port 51074	2020-04-28 02:06:43
attack	2020-04-25T17:58:46.488194homeassistant sshd[8821]: Invalid user csserver from 221.143.48.143 port 30624 2020-04-25T17:58:46.500160homeassistant sshd[8821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=221.143.48.143 ...	2020-04-26 03:57:38
attackspam	Fail2Ban - SSH Bruteforce Attempt	2020-04-18 20:24:01
attackspambots	Brute-force attempt banned	2020-04-10 16:30:58
attackbotsspam	Apr 10 00:57:04 hosting sshd[5103]: Invalid user admin1 from 221.143.48.143 port 18262 ...	2020-04-10 06:30:03
attackspambots	Brute-force attempt banned	2020-04-08 22:48:59

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.143.48.143
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46590
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.143.48.143.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019050800 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Wed May 08 23:18:07 +08 2019
;; MSG SIZE  rcvd: 118

Host info

143.48.143.221.in-addr.arpa domain name pointer mailfwd.mailplug.co.kr.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
143.48.143.221.in-addr.arpa	name = mailfwd.mailplug.co.kr.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.111.214.68	attack	scan z	2020-02-18 00:37:38
27.219.119.52	attackspam	23/tcp [2020-02-17]1pkt	2020-02-18 00:42:57
210.212.29.209	attackspambots	1581946650 - 02/17/2020 14:37:30 Host: 210.212.29.209/210.212.29.209 Port: 445 TCP Blocked	2020-02-18 00:36:57
178.186.1.1	attackbots	445/tcp [2020-02-17]1pkt	2020-02-18 00:50:08
49.249.245.218	attack	1581946647 - 02/17/2020 14:37:27 Host: 49.249.245.218/49.249.245.218 Port: 445 TCP Blocked	2020-02-18 00:42:42
114.69.249.194	attackspam	Feb 17 03:50:18 hpm sshd\[14876\]: Invalid user ircd from 114.69.249.194 Feb 17 03:50:18 hpm sshd\[14876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.69.249.194 Feb 17 03:50:20 hpm sshd\[14876\]: Failed password for invalid user ircd from 114.69.249.194 port 51098 ssh2 Feb 17 03:54:35 hpm sshd\[15239\]: Invalid user sftp from 114.69.249.194 Feb 17 03:54:35 hpm sshd\[15239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=114.69.249.194	2020-02-18 00:41:48
213.57.166.168	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-18 00:38:09
89.44.177.15	attackbotsspam	8080/tcp [2020-02-17]1pkt	2020-02-18 00:38:27
88.200.214.82	attackspambots	23/tcp [2020-02-17]1pkt	2020-02-18 00:52:33
94.206.203.173	attackspam	Feb 17 15:12:49 server sshd[820700]: Failed password for invalid user zhaowei from 94.206.203.173 port 40340 ssh2 Feb 17 15:15:05 server sshd[821402]: Failed password for invalid user minecraftserver from 94.206.203.173 port 59410 ssh2 Feb 17 15:19:15 server sshd[822664]: Failed password for invalid user member from 94.206.203.173 port 50352 ssh2	2020-02-18 00:36:23
54.39.163.64	attackbotsspam	Feb 17 14:34:38 markkoudstaal sshd[26290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.163.64 Feb 17 14:34:40 markkoudstaal sshd[26290]: Failed password for invalid user bf2 from 54.39.163.64 port 52562 ssh2 Feb 17 14:37:12 markkoudstaal sshd[26715]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.163.64	2020-02-18 01:04:43
109.231.32.174	attackbots	1433/tcp [2020-02-17]1pkt	2020-02-18 01:02:08
222.186.190.92	attackspam	$f2bV_matches	2020-02-18 00:53:11
46.242.61.184	attackspambots	Unauthorized connection attempt from IP address 46.242.61.184 on Port 445(SMB)	2020-02-18 00:35:33
110.49.71.246	attackspam	Feb 17 14:37:35 sshd\[14435\]: Invalid user git from 110.49.71.246Feb 17 14:37:37 sshd\[14435\]: Failed password for invalid user git from 110.49.71.246 port 52194 ssh2 ...	2020-02-18 00:24:34

Recently Reported IPs

174.58.250.38	201.13.183.208	182.191.6.2	123.16.245.238
67.207.67.2	134.209.229.6	115.45.7.68	119.214.31.185
61.52.61.109	154.170.29.241	179.52.106.71	69.12.72.170
206.124.4.165	207.2.58.239	177.165.125.75	188.27.117.239
36.162.24.44	181.52.3.23	113.18.23.37	106.71.72.225