14.161.45.187 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	(sshd) Failed SSH login from 14.161.45.187 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 11 15:23:10 optimus sshd[3270]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Oct 11 15:23:11 optimus sshd[3270]: Failed password for root from 14.161.45.187 port 51020 ssh2 Oct 11 15:55:09 optimus sshd[31504]: Invalid user test123 from 14.161.45.187 Oct 11 15:55:09 optimus sshd[31504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Oct 11 15:55:10 optimus sshd[31504]: Failed password for invalid user test123 from 14.161.45.187 port 35170 ssh2	2020-10-12 04:09:04
attackbots	Oct 11 16:13:39 mx sshd[1351830]: Failed password for root from 14.161.45.187 port 47020 ssh2 Oct 11 16:14:33 mx sshd[1351838]: Invalid user uu from 14.161.45.187 port 52915 Oct 11 16:14:33 mx sshd[1351838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Oct 11 16:14:33 mx sshd[1351838]: Invalid user uu from 14.161.45.187 port 52915 Oct 11 16:14:35 mx sshd[1351838]: Failed password for invalid user uu from 14.161.45.187 port 52915 ssh2 ...	2020-10-11 20:07:57
attackspam	$f2bV_matches	2020-10-11 12:07:15
attack	2020-10-10 16:10:30.176107-0500 localhost sshd[48225]: Failed password for root from 14.161.45.187 port 36078 ssh2	2020-10-11 05:31:23
attackbots	Invalid user tester from 14.161.45.187 port 35104	2020-09-21 02:03:57
attackbots	Invalid user tester from 14.161.45.187 port 35104	2020-09-20 18:04:22
attackbotsspam	Aug 17 07:12:39 PorscheCustomer sshd[28388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Aug 17 07:12:41 PorscheCustomer sshd[28388]: Failed password for invalid user lisa from 14.161.45.187 port 36779 ssh2 Aug 17 07:14:24 PorscheCustomer sshd[28481]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 ...	2020-08-17 13:29:25
attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-08-02 13:25:02
attackspam	Jul 23 16:54:26 Invalid user yxy from 14.161.45.187 port 40629	2020-07-23 23:09:34
attackspam	Jul 21 23:45:10 abendstille sshd\[7566\]: Invalid user mm from 14.161.45.187 Jul 21 23:45:10 abendstille sshd\[7566\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Jul 21 23:45:12 abendstille sshd\[7566\]: Failed password for invalid user mm from 14.161.45.187 port 41466 ssh2 Jul 21 23:49:06 abendstille sshd\[11714\]: Invalid user sda from 14.161.45.187 Jul 21 23:49:06 abendstille sshd\[11714\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 ...	2020-07-22 06:38:30
attack	2020-07-21T09:08:01.919873afi-git.jinr.ru sshd[15602]: Invalid user gitolite from 14.161.45.187 port 57538 2020-07-21T09:08:01.923118afi-git.jinr.ru sshd[15602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 2020-07-21T09:08:01.919873afi-git.jinr.ru sshd[15602]: Invalid user gitolite from 14.161.45.187 port 57538 2020-07-21T09:08:03.706524afi-git.jinr.ru sshd[15602]: Failed password for invalid user gitolite from 14.161.45.187 port 57538 ssh2 2020-07-21T09:10:56.435301afi-git.jinr.ru sshd[16384]: Invalid user guest from 14.161.45.187 port 49604 ...	2020-07-21 14:28:04
attackspam	SSH Brute-Forcing (server1)	2020-06-28 15:50:13
attackspambots	Jun 19 12:41:20 vps639187 sshd\[26885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Jun 19 12:41:21 vps639187 sshd\[26885\]: Failed password for root from 14.161.45.187 port 60281 ssh2 Jun 19 12:44:41 vps639187 sshd\[26937\]: Invalid user ustin from 14.161.45.187 port 60197 Jun 19 12:44:41 vps639187 sshd\[26937\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 ...	2020-06-19 18:58:42
attack	145. On Jun 7 2020 experienced a Brute Force SSH login attempt -> 80 unique times by 14.161.45.187.	2020-06-08 08:27:32
attackbots	(sshd) Failed SSH login from 14.161.45.187 (VN/Vietnam/static.vnpt.vn): 5 in the last 3600 secs	2020-05-23 01:15:27
attackspambots	May 10 15:18:13 sip sshd[199212]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 May 10 15:18:13 sip sshd[199212]: Invalid user restart from 14.161.45.187 port 47964 May 10 15:18:15 sip sshd[199212]: Failed password for invalid user restart from 14.161.45.187 port 47964 ssh2 ...	2020-05-11 00:49:10
attackspam	May 9 02:33:13 melroy-server sshd[31193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 May 9 02:33:15 melroy-server sshd[31193]: Failed password for invalid user www from 14.161.45.187 port 55785 ssh2 ...	2020-05-09 20:19:51
attack	$f2bV_matches	2020-04-08 08:56:39
attackbotsspam	invalid user	2020-04-07 15:47:52
attack	Apr 2 20:33:26 mout sshd[15383]: Failed password for root from 14.161.45.187 port 40555 ssh2 Apr 2 20:36:38 mout sshd[15640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Apr 2 20:36:40 mout sshd[15640]: Failed password for root from 14.161.45.187 port 39570 ssh2	2020-04-03 02:43:03
attack	Mar 27 07:32:30 ns3042688 sshd\[30230\]: Invalid user mmo from 14.161.45.187 Mar 27 07:32:30 ns3042688 sshd\[30230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Mar 27 07:32:32 ns3042688 sshd\[30230\]: Failed password for invalid user mmo from 14.161.45.187 port 38291 ssh2 Mar 27 07:35:53 ns3042688 sshd\[32178\]: Invalid user zbi from 14.161.45.187 Mar 27 07:35:53 ns3042688 sshd\[32178\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 ...	2020-03-27 14:49:49
attackbotsspam	SSH brute-force attempt	2020-03-24 16:44:25
attackbotsspam	leo_www	2020-03-18 17:58:05
attack	Mar 16 15:46:18 host sshd[20163]: Invalid user list from 14.161.45.187 port 58949 ...	2020-03-17 00:55:52
attackbots	sshd jail - ssh hack attempt	2020-03-08 21:21:06
attack	Mar 6 23:29:39 srv01 sshd[25227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Mar 6 23:29:41 srv01 sshd[25227]: Failed password for root from 14.161.45.187 port 47193 ssh2 Mar 6 23:32:08 srv01 sshd[25468]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 user=root Mar 6 23:32:10 srv01 sshd[25468]: Failed password for root from 14.161.45.187 port 38584 ssh2 Mar 6 23:34:36 srv01 sshd[25606]: Invalid user amit from 14.161.45.187 port 58210 ...	2020-03-07 07:13:29
attackspambots	Feb 29 08:22:00 silence02 sshd[25976]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187 Feb 29 08:22:02 silence02 sshd[25976]: Failed password for invalid user guoyifan from 14.161.45.187 port 36942 ssh2 Feb 29 08:27:31 silence02 sshd[26219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.187	2020-02-29 15:28:57

相同子网IP讨论:

IP	类型	评论内容	时间
14.161.45.253	attack	Jul 5 17:26:58 Host-KLAX-C dovecot: imap-login: Disconnected (auth failed, 1 attempts in 9 secs): user=, method=PLAIN, rip=14.161.45.253, lip=185.198.26.142, TLS, session= ...	2020-07-06 08:07:12
14.161.45.179	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-06-10 02:40:23
14.161.45.92	attack	Dovecot Invalid User Login Attempt.	2020-05-16 16:58:55
14.161.45.83	attackspambots	This IP Address sent many spam to @bit.co.id mhamdanrifai@gmail.com is administrator	2019-12-26 16:32:50
14.161.45.78	attackspambots	"Fail2Ban detected SSH brute force attempt"	2019-11-02 04:33:28
14.161.45.253	attackspambots	Oct 7 13:42:52 dev sshd\[10939\]: Invalid user admin from 14.161.45.253 port 44058 Oct 7 13:42:52 dev sshd\[10939\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.45.253 Oct 7 13:42:54 dev sshd\[10939\]: Failed password for invalid user admin from 14.161.45.253 port 44058 ssh2	2019-10-07 23:54:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.45.187
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 51612
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.45.187.			IN	A

;; AUTHORITY SECTION:
.			314	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022900 1800 900 604800 86400

;; Query time: 255 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 29 15:28:50 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

187.45.161.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
187.45.161.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

IP	类型	评论内容	时间
18.162.109.62	attackbotsspam	Lines containing failures of 18.162.109.62 Oct 5 11:51:47 www sshd[31558]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.162.109.62 user=r.r Oct 5 11:51:48 www sshd[31558]: Failed password for r.r from 18.162.109.62 port 53092 ssh2 Oct 5 11:51:49 www sshd[31558]: Received disconnect from 18.162.109.62 port 53092:11: Bye Bye [preauth] Oct 5 11:51:49 www sshd[31558]: Disconnected from authenticating user r.r 18.162.109.62 port 53092 [preauth] Oct 5 12:00:24 www sshd[1055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=18.162.109.62 user=r.r Oct 5 12:00:26 www sshd[1055]: Failed password for r.r from 18.162.109.62 port 51652 ssh2 Oct 5 12:00:26 www sshd[1055]: Received disconnect from 18.162.109.62 port 51652:11: Bye Bye [preauth] Oct 5 12:00:26 www sshd[1055]: Disconnected from authenticating user r.r 18.162.109.62 port 51652 [preauth] Oct 5 12:04:11 www sshd[1673]: pam_unix(s........ ------------------------------	2020-10-08 20:43:13
85.193.211.134	attack	SS5,Magento Bruteforce Login Attack POST /index.php/admin/	2020-10-08 20:32:04
218.92.0.249	attack	[MK-VM5] SSH login failed	2020-10-08 20:33:06
62.201.120.141	attack	Oct 8 10:12:32 mail sshd[5033]: Failed password for root from 62.201.120.141 port 36608 ssh2 ...	2020-10-08 20:45:42
189.7.81.29	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-08T11:38:42Z and 2020-10-08T11:49:26Z	2020-10-08 20:53:26
152.136.219.146	attack	2020-10-08T00:44:30.262404ks3355764 sshd[21606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.136.219.146 user=root 2020-10-08T00:44:32.487143ks3355764 sshd[21606]: Failed password for root from 152.136.219.146 port 52448 ssh2 ...	2020-10-08 21:03:59
180.167.240.210	attackbots	Brute-force attempt banned	2020-10-08 20:55:02
122.51.59.95	attack	Oct 8 12:34:46 *** sshd[32594]: User root from 122.51.59.95 not allowed because not listed in AllowUsers	2020-10-08 20:51:26
119.45.39.188	attackbotsspam	Oct 8 06:21:57 v2202009116398126984 sshd[2166273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.45.39.188 user=root Oct 8 06:22:00 v2202009116398126984 sshd[2166273]: Failed password for root from 119.45.39.188 port 48800 ssh2 ...	2020-10-08 21:06:57
61.177.172.107	attackspambots	Oct 8 09:44:49 vps46666688 sshd[19696]: Failed password for root from 61.177.172.107 port 54212 ssh2 Oct 8 09:45:03 vps46666688 sshd[19696]: error: maximum authentication attempts exceeded for root from 61.177.172.107 port 54212 ssh2 [preauth] ...	2020-10-08 20:46:12
210.12.130.161	attack	IP 210.12.130.161 attacked honeypot on port: 1433 at 10/7/2020 1:46:22 PM	2020-10-08 20:55:19
139.162.77.6	attack	TCP (SYN) 139.162.77.6:37494 -> port 3389, len 44	2020-10-08 20:59:00
101.89.143.15	attackbots	Oct 08 03:35:51 askasleikir sshd[14430]: Failed password for root from 101.89.143.15 port 35958 ssh2	2020-10-08 21:04:38
113.161.69.158	attackspambots	SSH login attempts.	2020-10-08 20:50:31
41.79.78.59	attack	Triggered by Fail2Ban at Ares web server	2020-10-08 20:46:39

最近上报的IP列表

113.182.227.20	34.232.168.126	176.52.97.73	113.182.180.87
113.182.151.185	46.77.76.156	113.181.171.123	213.238.250.246
185.191.254.76	39.98.212.165	190.72.173.111	220.132.57.92
113.178.232.65	113.178.106.203	52.163.220.158	44.88.95.54
113.177.80.220	66.118.172.187	112.133.54.19	232.189.23.6