14.50.103.121 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	DATE:2020-03-02 22:58:51, IP:14.50.103.121, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-03-03 07:22:26

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.50.103.121
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14557
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.50.103.121.			IN	A

;; AUTHORITY SECTION:
.			407	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020030201 1800 900 604800 86400

;; Query time: 65 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 03 07:22:23 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 121.103.50.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 121.103.50.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.112.115.160	attack	Aug 17 03:19:20 lcprod sshd\[6383\]: Invalid user admin from 142.112.115.160 Aug 17 03:19:20 lcprod sshd\[6383\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ipagstaticip-f6ffd4e0-f46a-b142-b2ad-b6c2b58e2418.sdsl.bell.ca Aug 17 03:19:23 lcprod sshd\[6383\]: Failed password for invalid user admin from 142.112.115.160 port 59493 ssh2 Aug 17 03:23:47 lcprod sshd\[6786\]: Invalid user math from 142.112.115.160 Aug 17 03:23:47 lcprod sshd\[6786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ipagstaticip-f6ffd4e0-f46a-b142-b2ad-b6c2b58e2418.sdsl.bell.ca	2019-08-17 21:24:23
165.227.93.58	attack	Invalid user ircd from 165.227.93.58 port 35334	2019-08-17 20:52:14
118.24.102.70	attackspambots	Aug 17 09:17:55 rpi sshd[20303]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.102.70 Aug 17 09:17:57 rpi sshd[20303]: Failed password for invalid user alix from 118.24.102.70 port 34918 ssh2	2019-08-17 21:27:50
1.9.78.242	attack	" "	2019-08-17 21:45:44
109.175.36.170	attack	Automatic report - Port Scan Attack	2019-08-17 21:28:52
68.64.61.11	attackspam	'Fail2Ban'	2019-08-17 21:08:15
151.80.37.18	attackspambots	Aug 17 15:16:23 SilenceServices sshd[27942]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.37.18 Aug 17 15:16:25 SilenceServices sshd[27942]: Failed password for invalid user ubuntu from 151.80.37.18 port 43658 ssh2 Aug 17 15:21:06 SilenceServices sshd[31457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.37.18	2019-08-17 21:23:21
119.139.199.173	attackspam	Aug 16 21:10:31 tdfoods sshd\[3976\]: Invalid user aok from 119.139.199.173 Aug 16 21:10:31 tdfoods sshd\[3976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173 Aug 16 21:10:33 tdfoods sshd\[3976\]: Failed password for invalid user aok from 119.139.199.173 port 51018 ssh2 Aug 16 21:17:45 tdfoods sshd\[4615\]: Invalid user kafka from 119.139.199.173 Aug 16 21:17:45 tdfoods sshd\[4615\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.139.199.173	2019-08-17 21:51:50
36.156.24.78	attackbotsspam	Aug 17 15:32:31 legacy sshd[26172]: Failed password for root from 36.156.24.78 port 34928 ssh2 Aug 17 15:32:42 legacy sshd[26176]: Failed password for root from 36.156.24.78 port 45478 ssh2 Aug 17 15:32:45 legacy sshd[26176]: Failed password for root from 36.156.24.78 port 45478 ssh2 ...	2019-08-17 21:41:35
43.246.242.40	attack	Automatic report - Port Scan Attack	2019-08-17 20:59:30
212.92.112.131	attackspam	scan z	2019-08-17 21:11:42
78.8.238.86	attackbots	Telnet/23 MH Probe, BF, Hack -	2019-08-17 20:48:34
27.111.83.239	attack	Aug 17 06:16:59 xtremcommunity sshd\[28303\]: Invalid user stan from 27.111.83.239 port 57264 Aug 17 06:16:59 xtremcommunity sshd\[28303\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.111.83.239 Aug 17 06:17:02 xtremcommunity sshd\[28303\]: Failed password for invalid user stan from 27.111.83.239 port 57264 ssh2 Aug 17 06:21:39 xtremcommunity sshd\[28468\]: Invalid user virginia from 27.111.83.239 port 52574 Aug 17 06:21:39 xtremcommunity sshd\[28468\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.111.83.239 ...	2019-08-17 21:53:08
202.131.237.182	attackbotsspam	Aug 17 14:47:25 ncomp sshd[24670]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.237.182 user=root Aug 17 14:47:27 ncomp sshd[24670]: Failed password for root from 202.131.237.182 port 59618 ssh2 Aug 17 14:47:29 ncomp sshd[24672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.131.237.182 user=root Aug 17 14:47:32 ncomp sshd[24672]: Failed password for root from 202.131.237.182 port 63426 ssh2	2019-08-17 21:12:35
178.170.180.146	attack	$f2bV_matches	2019-08-17 21:16:44

Recently Reported IPs

78.149.38.34	142.113.238.83	220.42.2.54	102.40.69.2
95.185.176.164	11.12.148.211	159.49.238.222	93.95.160.213
14.132.226.228	23.233.140.227	142.58.138.161	123.194.172.241
114.199.185.180	34.88.143.61	108.219.178.242	204.172.203.153
157.230.102.68	138.116.164.250	61.5.60.20	121.211.26.217