125.214.50.158

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Viettel Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt from IP address 125.214.50.158 on Port 445(SMB)	2020-06-14 20:21:28

Comments on same subnet:

IP	Type	Details	Datetime
125.214.50.243	attackbots	firewall-block, port(s): 445/tcp	2020-08-19 17:05:10
125.214.50.55	attackbotsspam	20/8/18@23:53:32: FAIL: Alarm-Network address from=125.214.50.55 20/8/18@23:53:32: FAIL: Alarm-Network address from=125.214.50.55 ...	2020-08-19 14:37:35
125.214.50.153	attack	445/tcp [2020-06-25]1pkt	2020-06-26 07:34:24
125.214.50.40	attack	Unauthorised access (Apr 25) SRC=125.214.50.40 LEN=52 TTL=45 ID=15526 DF TCP DPT=445 WINDOW=8192 SYN	2020-04-26 00:39:29
125.214.50.23	attack	1581774472 - 02/15/2020 14:47:52 Host: 125.214.50.23/125.214.50.23 Port: 445 TCP Blocked	2020-02-16 05:01:26
125.214.50.79	attackspambots	unauthorized connection attempt	2020-01-09 20:10:19
125.214.50.112	attack	Unauthorized connection attempt from IP address 125.214.50.112 on Port 445(SMB)	2020-01-08 00:32:32
125.214.50.27	attackbotsspam	Unauthorized connection attempt from IP address 125.214.50.27 on Port 445(SMB)	2020-01-02 03:37:18
125.214.50.151	attackspam	Unauthorized connection attempt from IP address 125.214.50.151 on Port 445(SMB)	2019-12-27 05:49:53
125.214.50.109	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:19.	2019-10-14 14:15:33
125.214.50.213	attackbots	WordPress wp-login brute force :: 125.214.50.213 0.124 BYPASS [06/Oct/2019:22:49:44 1100] [censored_1] "POST /wp-login.php HTTP/1.1" 200 3972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-10-06 20:04:52
125.214.50.155	attackbots	$f2bV_matches	2019-06-26 13:24:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.214.50.158
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6642
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.214.50.158.			IN	A

;; AUTHORITY SECTION:
.			358	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061400 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jun 14 20:21:23 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 158.50.214.125.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 158.50.214.125.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.217.58	attackspambots	Dec 15 20:26:21 wh01 sshd[1637]: Failed password for mail from 178.128.217.58 port 57544 ssh2 Dec 15 20:26:21 wh01 sshd[1637]: Received disconnect from 178.128.217.58 port 57544:11: Bye Bye [preauth] Dec 15 20:26:21 wh01 sshd[1637]: Disconnected from 178.128.217.58 port 57544 [preauth] Dec 15 20:33:55 wh01 sshd[2188]: Failed password for root from 178.128.217.58 port 55584 ssh2 Dec 15 20:33:56 wh01 sshd[2188]: Received disconnect from 178.128.217.58 port 55584:11: Bye Bye [preauth] Dec 15 20:33:56 wh01 sshd[2188]: Disconnected from 178.128.217.58 port 55584 [preauth] Dec 15 20:39:35 wh01 sshd[2766]: Invalid user admin from 178.128.217.58 port 34104 Dec 15 20:39:35 wh01 sshd[2766]: Failed password for invalid user admin from 178.128.217.58 port 34104 ssh2 Dec 15 20:39:35 wh01 sshd[2766]: Received disconnect from 178.128.217.58 port 34104:11: Bye Bye [preauth] Dec 15 20:39:35 wh01 sshd[2766]: Disconnected from 178.128.217.58 port 34104 [preauth] Dec 15 21:01:58 wh01 sshd[4754]: Failed pa	2019-12-16 04:31:22
14.243.44.42	attack	1576421290 - 12/15/2019 15:48:10 Host: 14.243.44.42/14.243.44.42 Port: 445 TCP Blocked	2019-12-16 04:23:17
115.231.231.3	attack	Dec 15 18:51:24 icinga sshd[57677]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.231.3 Dec 15 18:51:25 icinga sshd[57677]: Failed password for invalid user shan from 115.231.231.3 port 38254 ssh2 Dec 15 19:07:29 icinga sshd[7213]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.231.231.3 ...	2019-12-16 03:54:15
80.82.77.245	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-16 04:21:13
216.218.206.67	attackspambots	Unauthorized connection attempt detected from IP address 216.218.206.67 to port 873	2019-12-16 04:30:24
120.70.103.40	attackspam	Dec 15 21:11:27 server sshd\[21280\]: Invalid user hussain from 120.70.103.40 Dec 15 21:11:27 server sshd\[21280\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.40 Dec 15 21:11:29 server sshd\[21280\]: Failed password for invalid user hussain from 120.70.103.40 port 55085 ssh2 Dec 15 21:25:41 server sshd\[25511\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.40 user=sshd Dec 15 21:25:43 server sshd\[25511\]: Failed password for sshd from 120.70.103.40 port 45914 ssh2 ...	2019-12-16 04:25:20
185.175.93.105	attack	Fail2Ban Ban Triggered	2019-12-16 03:58:57
140.143.139.14	attack	Dec 15 20:46:48 gw1 sshd[23724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.139.14 Dec 15 20:46:50 gw1 sshd[23724]: Failed password for invalid user roebling from 140.143.139.14 port 55976 ssh2 ...	2019-12-16 04:19:09
46.23.144.248	attack	Automatic report - Port Scan Attack	2019-12-16 03:57:28
222.186.175.151	attackspam	Dec 15 20:51:00 loxhost sshd\[3474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.151 user=root Dec 15 20:51:02 loxhost sshd\[3474\]: Failed password for root from 222.186.175.151 port 10862 ssh2 Dec 15 20:51:05 loxhost sshd\[3474\]: Failed password for root from 222.186.175.151 port 10862 ssh2 Dec 15 20:51:08 loxhost sshd\[3474\]: Failed password for root from 222.186.175.151 port 10862 ssh2 Dec 15 20:51:11 loxhost sshd\[3474\]: Failed password for root from 222.186.175.151 port 10862 ssh2 ...	2019-12-16 03:59:14
68.5.101.90	attackspam	Web application attack detected by fail2ban	2019-12-16 04:06:59
189.165.26.13	attack	Telnet/23 MH Probe, BF, Hack -	2019-12-16 04:24:05
91.230.252.163	attack	Unauthorized connection attempt detected from IP address 91.230.252.163 to port 445	2019-12-16 04:25:44
106.75.10.4	attack	Dec 15 10:47:07 linuxvps sshd\[31111\]: Invalid user docker from 106.75.10.4 Dec 15 10:47:07 linuxvps sshd\[31111\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 Dec 15 10:47:10 linuxvps sshd\[31111\]: Failed password for invalid user docker from 106.75.10.4 port 40901 ssh2 Dec 15 10:54:34 linuxvps sshd\[36101\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.10.4 user=ftp Dec 15 10:54:36 linuxvps sshd\[36101\]: Failed password for ftp from 106.75.10.4 port 38068 ssh2	2019-12-16 04:00:18
51.38.153.207	attackbots	Dec 15 18:23:17 vps691689 sshd[21085]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.153.207 Dec 15 18:23:20 vps691689 sshd[21085]: Failed password for invalid user webmaster2014 from 51.38.153.207 port 55040 ssh2 ...	2019-12-16 04:02:23

Recently Reported IPs

42.117.78.251	27.3.9.248	24.37.245.42	201.158.247.118
223.181.145.239	192.54.63.209	14.244.201.200	50.234.239.161
201.141.231.221	182.68.107.123	212.102.33.49	95.46.169.76
183.239.133.10	49.145.244.46	107.60.102.149	149.56.43.109
14.184.82.194	20.91.165.139	141.47.128.111	37.160.200.155