14.161.37.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 17:15:53,849 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.37.94)	2019-09-17 09:15:30

相同子网IP讨论:

IP	类型	评论内容	时间
14.161.37.185	attackbots	IMAP brute force ...	2020-04-22 22:31:33
14.161.37.242	attackbots	1584335301 - 03/16/2020 06:08:21 Host: 14.161.37.242/14.161.37.242 Port: 445 TCP Blocked	2020-03-16 22:13:25
14.161.37.35	attack	port scan and connect, tcp 23 (telnet)	2019-12-01 04:28:53
14.161.37.250	attackspam	Chat Spam	2019-09-17 03:14:49
14.161.37.140	attack	Unauthorized connection attempt from IP address 14.161.37.140 on Port 445(SMB)	2019-08-28 00:51:35
14.161.37.213	attackbotsspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=8192)(08041230)	2019-08-05 02:49:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.37.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8046
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.37.94.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Sep 17 09:15:25 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

94.37.161.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
94.37.161.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
118.254.141.210	attackbotsspam	Brute force blocker - service: proftpd1 - aantal: 98 - Sat Aug 25 03:50:14 2018	2020-09-26 02:59:47
91.240.193.56	attackbotsspam	Invalid user ubuntu from 91.240.193.56 port 39054	2020-09-26 03:13:38
138.68.71.18	attackbots	5x Failed Password	2020-09-26 03:09:10
139.59.10.27	attackspam	Sep 25 19:54:02 ns382633 sshd\[3427\]: Invalid user user from 139.59.10.27 port 51256 Sep 25 19:54:02 ns382633 sshd\[3427\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.27 Sep 25 19:54:04 ns382633 sshd\[3427\]: Failed password for invalid user user from 139.59.10.27 port 51256 ssh2 Sep 25 20:02:23 ns382633 sshd\[5336\]: Invalid user oper from 139.59.10.27 port 46106 Sep 25 20:02:23 ns382633 sshd\[5336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.10.27	2020-09-26 03:12:55
35.247.205.152	attack	2020-09-25T18:30:37.776042cyberdyne sshd[1197720]: Invalid user ed from 35.247.205.152 port 48426 2020-09-25T18:30:37.778893cyberdyne sshd[1197720]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.247.205.152 2020-09-25T18:30:37.776042cyberdyne sshd[1197720]: Invalid user ed from 35.247.205.152 port 48426 2020-09-25T18:30:39.426278cyberdyne sshd[1197720]: Failed password for invalid user ed from 35.247.205.152 port 48426 ssh2 ...	2020-09-26 03:12:25
52.170.248.124	attack	(sshd) Failed SSH login from 52.170.248.124 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 25 11:02:16 optimus sshd[22377]: Invalid user kube from 52.170.248.124 Sep 25 11:02:16 optimus sshd[22377]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.170.248.124 Sep 25 11:02:18 optimus sshd[22377]: Failed password for invalid user kube from 52.170.248.124 port 42364 ssh2 Sep 25 11:06:59 optimus sshd[26624]: Invalid user rob from 52.170.248.124 Sep 25 11:06:59 optimus sshd[26624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.170.248.124	2020-09-26 02:54:42
51.254.205.6	attack	Sep 25 20:47:07 h1745522 sshd[1598]: Invalid user reynaldo from 51.254.205.6 port 38930 Sep 25 20:47:07 h1745522 sshd[1598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.205.6 Sep 25 20:47:07 h1745522 sshd[1598]: Invalid user reynaldo from 51.254.205.6 port 38930 Sep 25 20:47:10 h1745522 sshd[1598]: Failed password for invalid user reynaldo from 51.254.205.6 port 38930 ssh2 Sep 25 20:50:54 h1745522 sshd[1764]: Invalid user odoo10 from 51.254.205.6 port 60760 Sep 25 20:50:54 h1745522 sshd[1764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.205.6 Sep 25 20:50:54 h1745522 sshd[1764]: Invalid user odoo10 from 51.254.205.6 port 60760 Sep 25 20:50:55 h1745522 sshd[1764]: Failed password for invalid user odoo10 from 51.254.205.6 port 60760 ssh2 Sep 25 20:54:34 h1745522 sshd[1874]: Invalid user ubuntu from 51.254.205.6 port 54356 ...	2020-09-26 03:13:51
42.194.168.89	attackbots	Sep 25 19:07:15 ns382633 sshd\[23408\]: Invalid user ts3srv from 42.194.168.89 port 49162 Sep 25 19:07:15 ns382633 sshd\[23408\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.168.89 Sep 25 19:07:17 ns382633 sshd\[23408\]: Failed password for invalid user ts3srv from 42.194.168.89 port 49162 ssh2 Sep 25 19:17:45 ns382633 sshd\[25533\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.194.168.89 user=root Sep 25 19:17:47 ns382633 sshd\[25533\]: Failed password for root from 42.194.168.89 port 36624 ssh2	2020-09-26 03:10:31
51.79.54.234	attack	prod8 ...	2020-09-26 02:57:06
62.234.146.42	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-25T18:45:56Z and 2020-09-25T18:52:13Z	2020-09-26 03:21:51
179.191.200.215	attackspambots	Honeypot attack, port: 445, PTR: 179-191-200-215.static.sumicity.net.br.	2020-09-26 03:24:50
159.65.9.229	attackspambots	Sep 25 19:28:17 meumeu sshd[614632]: Invalid user lin from 159.65.9.229 port 42620 Sep 25 19:28:17 meumeu sshd[614632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.9.229 Sep 25 19:28:17 meumeu sshd[614632]: Invalid user lin from 159.65.9.229 port 42620 Sep 25 19:28:19 meumeu sshd[614632]: Failed password for invalid user lin from 159.65.9.229 port 42620 ssh2 Sep 25 19:32:33 meumeu sshd[614823]: Invalid user Administrator from 159.65.9.229 port 50776 Sep 25 19:32:33 meumeu sshd[614823]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.9.229 Sep 25 19:32:33 meumeu sshd[614823]: Invalid user Administrator from 159.65.9.229 port 50776 Sep 25 19:32:35 meumeu sshd[614823]: Failed password for invalid user Administrator from 159.65.9.229 port 50776 ssh2 Sep 25 19:36:56 meumeu sshd[615034]: Invalid user manager from 159.65.9.229 port 59304 ...	2020-09-26 03:15:21
200.199.227.195	attackspambots	prod6 ...	2020-09-26 02:56:51
101.69.240.94	attackbotsspam	Invalid user mcguitaruser from 101.69.240.94 port 37782	2020-09-26 03:19:08
142.0.38.58	attackspambots	lfd: (smtpauth) Failed SMTP AUTH login from 142.0.38.58 (samego.modestionsm.net): 5 in the last 3600 secs - Thu Aug 23 07:42:56 2018	2020-09-26 03:05:10

最近上报的IP列表

185.17.149.197	30.124.39.134	180.232.127.166	153.117.164.106
210.8.11.163	79.241.200.116	205.177.156.41	181.7.237.243
110.144.78.105	126.65.91.131	175.63.194.111	152.246.2.247
52.35.32.17	75.95.191.116	163.35.133.92	207.65.233.62
96.152.57.248	109.177.245.102	186.237.45.207	122.253.187.211