125.214.60.149

Basic Info

City: unknown

Region: unknown

Country: Vietnam

Internet Service Provider: Viettel Corporation

Hostname: unknown

Organization: Viettel Corporation

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Feb 4 14:48:21 grey postfix/smtpd\[26474\]: NOQUEUE: reject: RCPT from unknown\[125.214.60.149\]: 554 5.7.1 Service unavailable\; Client host \[125.214.60.149\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[125.214.60.149\]\; from=\ to=\ proto=ESMTP helo=\<\[125.214.60.149\]\> ...	2020-02-05 03:34:28

Type

Details

Datetime

attackspam

Feb  4 14:48:21 grey postfix/smtpd\[26474\]: NOQUEUE: reject: RCPT from unknown\[125.214.60.149\]: 554 5.7.1 Service unavailable\; Client host \[125.214.60.149\] blocked using truncate.gbudb.net\; http://www.gbudb.com/truncate/ \[125.214.60.149\]\; from=\ to=\ proto=ESMTP helo=\<\[125.214.60.149\]\>
...

2020-02-05 03:34:28

Comments on same subnet:

IP	Type	Details	Datetime
125.214.60.119	attackspam	20/8/14@08:18:54: FAIL: Alarm-Intrusion address from=125.214.60.119 ...	2020-08-15 04:11:33
125.214.60.245	attack	[25/Jun/2020 x@x [25/Jun/2020 x@x [25/Jun/2020 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.214.60.245	2020-06-26 07:36:26
125.214.60.222	attackbotsspam	1591531497 - 06/07/2020 14:04:57 Host: 125.214.60.222/125.214.60.222 Port: 445 TCP Blocked	2020-06-08 01:29:51
125.214.60.142	attackbots	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-06-02 16:03:13
125.214.60.70	attackbots	DATE:2020-02-02 16:08:06, IP:125.214.60.70, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 02:43:59
125.214.60.222	attackspam	Unauthorized connection attempt detected from IP address 125.214.60.222 to port 445	2019-12-23 02:42:29
125.214.60.144	attackbots	2019-11-20 07:09:49 H=([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) 2019-11-20 07:09:49 unexpected disconnection while reading SMTP command from ([125.214.60.144]) [125.214.60.144]:64653 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 07:18:18 H=([125.214.60.144]) [125.214.60.144]:50125 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=125.214.60.144) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=125.214.60.144	2019-11-20 20:07:41
125.214.60.13	attackbots	B: Magento admin pass test (wrong country)	2019-10-02 17:49:02
125.214.60.17	attack	IP: 125.214.60.17 ASN: AS24086 Viettel Corporation Port: Simple Mail Transfer 25 Found in one or more Blacklists Date: 28/07/2019 1:13:36 AM UTC	2019-07-28 11:37:26

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 125.214.60.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24391
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;125.214.60.149.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042200 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 22 23:19:53 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 149.60.214.125.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 149.60.214.125.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.0.254.65	attackspam	138.0.254.65 (BR/Brazil/-), 10 distributed smtpauth attacks on account [info] in the last 3600 secs; ID: DAN	2020-07-08 02:01:53
139.59.61.103	attackspambots	$f2bV_matches	2020-07-08 02:18:26
14.167.53.140	attackspam	1594123018 - 07/07/2020 13:56:58 Host: 14.167.53.140/14.167.53.140 Port: 445 TCP Blocked	2020-07-08 02:35:50
139.59.254.93	attackbotsspam	Jul 7 20:13:19 mout sshd[11165]: Invalid user amie from 139.59.254.93 port 60657	2020-07-08 02:31:53
197.249.46.152	attackspam	Unknown connection out of country.	2020-07-08 02:30:51
103.10.198.194	attackspambots	Tried sshing with brute force.	2020-07-08 02:38:22
164.132.38.166	attack	164.132.38.166 - - [07/Jul/2020:19:01:39 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.38.166 - - [07/Jul/2020:19:01:40 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 164.132.38.166 - - [07/Jul/2020:19:01:40 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-08 02:04:05
46.101.172.97	attackspam	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-07-07T17:43:50Z and 2020-07-07T17:50:49Z	2020-07-08 02:32:56
47.190.81.83	attack	(sshd) Failed SSH login from 47.190.81.83 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD	2020-07-08 02:12:50
66.70.160.187	attackspam	66.70.160.187 - - [07/Jul/2020:15:45:09 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1865 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.70.160.187 - - [07/Jul/2020:15:45:10 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1857 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 66.70.160.187 - - [07/Jul/2020:15:45:10 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-08 02:32:24
39.34.149.73	attackbots	Fail2Ban - HTTP Auth Bruteforce Attempt	2020-07-08 02:15:27
94.102.51.58	attackspam	SmallBizIT.US 4 packets to tcp(55503,55589,55603,55606)	2020-07-08 02:10:03
94.130.57.176	attackbotsspam	RDP brute forcing (d)	2020-07-08 02:23:05
14.227.63.162	attackbots	1594123036 - 07/07/2020 13:57:16 Host: 14.227.63.162/14.227.63.162 Port: 445 TCP Blocked	2020-07-08 02:23:35
185.143.72.25	attackbots	Jul 7 20:27:51 relay postfix/smtpd\[3923\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 20:28:31 relay postfix/smtpd\[3922\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 20:29:09 relay postfix/smtpd\[3922\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 20:29:49 relay postfix/smtpd\[1530\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jul 7 20:30:28 relay postfix/smtpd\[8384\]: warning: unknown\[185.143.72.25\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-07-08 02:36:18

Recently Reported IPs

115.5.181.70	139.59.88.87	193.106.30.98	108.35.235.203
164.143.23.189	174.44.38.110	216.21.68.134	124.111.12.186
129.247.89.152	122.227.52.114	94.47.87.143	59.127.75.155
182.226.170.14	163.135.243.12	13.232.170.138	203.215.191.158
123.97.39.13	117.97.213.248	177.144.175.200	38.122.139.154