14.160.26.221 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 14.160.26.221 to port 445	2020-01-04 23:37:57

相同子网IP讨论:

IP	类型	评论内容	时间
14.160.26.103	attackbots	Port Scan ...	2020-08-11 17:06:24
14.160.26.153	attack	Unauthorized connection attempt from IP address 14.160.26.153 on Port 445(SMB)	2020-06-02 02:31:03
14.160.26.57	attack	Unauthorized connection attempt detected from IP address 14.160.26.57 to port 445	2019-12-17 22:46:18
14.160.26.57	attackspambots	Unauthorized connection attempt detected from IP address 14.160.26.57 to port 445	2019-12-16 22:08:42
14.160.26.61	attack	Dec 1 07:27:37 andromeda sshd\[37542\]: Invalid user admin from 14.160.26.61 port 59078 Dec 1 07:27:37 andromeda sshd\[37542\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.61 Dec 1 07:27:38 andromeda sshd\[37542\]: Failed password for invalid user admin from 14.160.26.61 port 59078 ssh2	2019-12-01 17:18:18
14.160.26.57	attackspam	445/tcp 445/tcp [2019-11-03/10]2pkt	2019-11-10 14:04:12
14.160.26.57	attackspam	Unauthorised access (Nov 1) SRC=14.160.26.57 LEN=52 TTL=116 ID=26688 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-01 19:18:47
14.160.26.57	attack	Unauthorised access (Oct 25) SRC=14.160.26.57 LEN=52 TTL=115 ID=2294 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-25 12:15:56
14.160.26.57	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 19-09-2019 11:51:42.	2019-09-20 00:00:46
14.160.26.178	attack	Sep 8 11:12:31 pkdns2 sshd\[28014\]: Address 14.160.26.178 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 8 11:12:31 pkdns2 sshd\[28014\]: Invalid user newuser from 14.160.26.178Sep 8 11:12:33 pkdns2 sshd\[28014\]: Failed password for invalid user newuser from 14.160.26.178 port 33062 ssh2Sep 8 11:17:50 pkdns2 sshd\[28235\]: Address 14.160.26.178 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 8 11:17:50 pkdns2 sshd\[28235\]: Invalid user radio from 14.160.26.178Sep 8 11:17:51 pkdns2 sshd\[28235\]: Failed password for invalid user radio from 14.160.26.178 port 55033 ssh2 ...	2019-09-08 16:33:34
14.160.26.178	attack	Sep 5 11:08:16 wbs sshd\[18371\]: Invalid user 123456789 from 14.160.26.178 Sep 5 11:08:16 wbs sshd\[18371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178 Sep 5 11:08:17 wbs sshd\[18371\]: Failed password for invalid user 123456789 from 14.160.26.178 port 54391 ssh2 Sep 5 11:13:23 wbs sshd\[18919\]: Invalid user csczserver from 14.160.26.178 Sep 5 11:13:23 wbs sshd\[18919\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178	2019-09-06 11:08:57
14.160.26.178	attackbots	Aug 31 20:55:50 xtremcommunity sshd\[3846\]: Invalid user mariadb from 14.160.26.178 port 49313 Aug 31 20:55:50 xtremcommunity sshd\[3846\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178 Aug 31 20:55:51 xtremcommunity sshd\[3846\]: Failed password for invalid user mariadb from 14.160.26.178 port 49313 ssh2 Aug 31 21:00:33 xtremcommunity sshd\[4000\]: Invalid user guest3 from 14.160.26.178 port 43649 Aug 31 21:00:33 xtremcommunity sshd\[4000\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178 ...	2019-09-01 09:20:44
14.160.26.178	attackspam	Aug 23 08:29:05 web8 sshd\[13671\]: Invalid user kinder from 14.160.26.178 Aug 23 08:29:05 web8 sshd\[13671\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178 Aug 23 08:29:07 web8 sshd\[13671\]: Failed password for invalid user kinder from 14.160.26.178 port 42774 ssh2 Aug 23 08:34:02 web8 sshd\[15943\]: Invalid user denis from 14.160.26.178 Aug 23 08:34:02 web8 sshd\[15943\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.160.26.178	2019-08-23 16:53:18
14.160.26.57	attack	Unauthorized connection attempt from IP address 14.160.26.57 on Port 445(SMB)	2019-06-25 02:20:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.160.26.221
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22512
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.160.26.221.			IN	A

;; AUTHORITY SECTION:
.			305	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 23:37:48 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

221.26.160.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
221.26.160.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
91.106.199.101	attack	20 attempts against mh-ssh on echoip	2020-08-10 18:57:55
211.57.153.250	attackbots	Automatic report - Banned IP Access	2020-08-10 19:17:14
192.99.149.195	attackspam	192.99.149.195 - - [10/Aug/2020:12:15:02 +0100] "POST /wp-login.php HTTP/1.1" 200 1969 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [10/Aug/2020:12:15:03 +0100] "POST /wp-login.php HTTP/1.1" 200 1954 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 192.99.149.195 - - [10/Aug/2020:12:15:03 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 19:19:45
175.212.89.108	attackbots	Lines containing failures of 175.212.89.108 Aug 10 07:37:34 mc sshd[26100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.212.89.108 user=r.r Aug 10 07:37:37 mc sshd[26100]: Failed password for r.r from 175.212.89.108 port 55482 ssh2 Aug 10 07:37:37 mc sshd[26100]: Received disconnect from 175.212.89.108 port 55482:11: Bye Bye [preauth] Aug 10 07:37:37 mc sshd[26100]: Disconnected from authenticating user r.r 175.212.89.108 port 55482 [preauth] Aug 10 07:38:37 mc sshd[26107]: Invalid user 110120110120 from 175.212.89.108 port 62144 Aug 10 07:38:37 mc sshd[26107]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.212.89.108 Aug 10 07:38:39 mc sshd[26107]: Failed password for invalid user 110120110120 from 175.212.89.108 port 62144 ssh2 Aug 10 07:38:40 mc sshd[26107]: Received disconnect from 175.212.89.108 port 62144:11: Bye Bye [preauth] Aug 10 07:38:40 mc sshd[26107]: Disconnected f........ ------------------------------	2020-08-10 19:24:40
51.77.220.183	attackspam	Aug 10 11:40:29 master sshd[21798]: Failed password for root from 51.77.220.183 port 54940 ssh2 Aug 10 11:53:10 master sshd[22000]: Failed password for root from 51.77.220.183 port 39610 ssh2 Aug 10 11:57:09 master sshd[22077]: Failed password for root from 51.77.220.183 port 54740 ssh2 Aug 10 12:01:10 master sshd[22578]: Failed password for root from 51.77.220.183 port 41632 ssh2 Aug 10 12:05:17 master sshd[22657]: Failed password for root from 51.77.220.183 port 56796 ssh2 Aug 10 12:10:13 master sshd[22813]: Failed password for root from 51.77.220.183 port 43772 ssh2 Aug 10 12:14:00 master sshd[22837]: Failed password for root from 51.77.220.183 port 58840 ssh2 Aug 10 12:17:48 master sshd[22930]: Failed password for root from 51.77.220.183 port 45712 ssh2 Aug 10 12:21:50 master sshd[23051]: Failed password for root from 51.77.220.183 port 60824 ssh2 Aug 10 12:25:39 master sshd[23126]: Failed password for root from 51.77.220.183 port 47708 ssh2	2020-08-10 18:49:51
162.214.28.25	attackspambots	162.214.28.25 - - [10/Aug/2020:08:32:37 +0100] "POST /wp-login.php HTTP/1.1" 200 1968 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.214.28.25 - - [10/Aug/2020:08:32:40 +0100] "POST /wp-login.php HTTP/1.1" 200 1972 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 162.214.28.25 - - [10/Aug/2020:08:32:40 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-08-10 19:20:50
119.45.138.220	attackbots	...	2020-08-10 19:07:10
218.92.0.250	attack	Aug 10 13:16:21 santamaria sshd\[9286\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.250 user=root Aug 10 13:16:23 santamaria sshd\[9286\]: Failed password for root from 218.92.0.250 port 64817 ssh2 Aug 10 13:16:41 santamaria sshd\[9288\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.250 user=root ...	2020-08-10 19:21:18
112.85.42.72	attackbots	Aug 10 05:12:03 olgosrv01 sshd[11664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=r.r Aug 10 05:12:06 olgosrv01 sshd[11664]: Failed password for r.r from 112.85.42.72 port 11200 ssh2 Aug 10 05:12:08 olgosrv01 sshd[11664]: Failed password for r.r from 112.85.42.72 port 11200 ssh2 Aug 10 05:12:10 olgosrv01 sshd[11664]: Failed password for r.r from 112.85.42.72 port 11200 ssh2 Aug 10 05:12:10 olgosrv01 sshd[11664]: Received disconnect from 112.85.42.72: 11: [preauth] Aug 10 05:12:10 olgosrv01 sshd[11664]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=r.r Aug 10 05:13:33 olgosrv01 sshd[11737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.72 user=r.r Aug 10 05:13:35 olgosrv01 sshd[11737]: Failed password for r.r from 112.85.42.72 port 53316 ssh2 Aug 10 05:13:37 olgosrv01 sshd[11737]: Failed password for r.r........ -------------------------------	2020-08-10 18:48:24
72.167.224.135	attackbots	2020-08-10T12:19:01.242630centos sshd[22943]: Failed password for root from 72.167.224.135 port 49244 ssh2 2020-08-10T12:21:06.850286centos sshd[23325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=72.167.224.135 user=root 2020-08-10T12:21:08.572057centos sshd[23325]: Failed password for root from 72.167.224.135 port 35786 ssh2 ...	2020-08-10 19:15:00
61.76.169.138	attackspambots	prod11 ...	2020-08-10 18:42:28
188.246.224.140	attackspambots	Aug 10 11:22:20 mellenthin sshd[32374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.246.224.140 user=root Aug 10 11:22:22 mellenthin sshd[32374]: Failed password for invalid user root from 188.246.224.140 port 60820 ssh2	2020-08-10 19:22:54
142.4.22.236	attackbots	WordPress wp-login brute force :: 142.4.22.236 1.548 BYPASS [10/Aug/2020:10:21:48 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2003 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-08-10 19:06:47
223.223.194.101	attackbotsspam	(sshd) Failed SSH login from 223.223.194.101 (CN/China/-): 5 in the last 3600 secs	2020-08-10 18:54:00
195.3.146.114	attack	SIP/5060 Probe, BF, Hack -	2020-08-10 19:02:10

最近上报的IP列表

137.91.203.214	143.20.157.136	77.61.226.168	37.142.227.65
223.253.62.234	146.221.145.77	77.42.74.109	115.101.34.46
112.100.73.123	180.100.118.200	140.198.136.213	14.211.44.117
218.230.177.235	123.20.190.153	91.155.216.148	36.78.52.85
126.12.192.59	38.177.242.65	130.174.173.134	117.1.203.79