14.161.49.80 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Unauthorized connection attempt from IP address 14.161.49.80 on Port 445(SMB)	2019-06-29 21:53:21

相同子网IP讨论:

IP	类型	评论内容	时间
14.161.49.29	attackbotsspam	Unauthorized connection attempt from IP address 14.161.49.29 on port 993	2020-08-06 18:53:31
14.161.49.29	attackspambots	Dovecot Invalid User Login Attempt.	2020-05-08 04:21:01
14.161.49.22	attackspambots	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-05-05 12:26:08
14.161.49.16	attack	445/tcp [2020-03-28]1pkt	2020-03-29 07:47:22
14.161.49.16	attackspambots	Unauthorized connection attempt from IP address 14.161.49.16 on Port 445(SMB)	2020-03-17 14:01:47
14.161.49.22	attackspambots	unauthorized connection attempt	2020-02-19 20:49:28
14.161.49.22	attack	1576334540 - 12/14/2019 15:42:20 Host: 14.161.49.22/14.161.49.22 Port: 445 TCP Blocked	2019-12-15 03:14:39
14.161.49.111	attackspam	Sun, 21 Jul 2019 07:37:06 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 19:50:00
14.161.49.137	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 02:57:46,404 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.49.137)	2019-07-02 12:24:44

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.49.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59232
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.49.80.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062900 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 21:53:12 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

80.49.161.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
80.49.161.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
139.59.36.23	attackspam	Apr 9 05:50:26 minden010 sshd[5012]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.36.23 Apr 9 05:50:28 minden010 sshd[5012]: Failed password for invalid user admin from 139.59.36.23 port 56406 ssh2 Apr 9 05:53:41 minden010 sshd[5407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.36.23 ...	2020-04-09 12:42:27
222.186.180.6	attackbotsspam	Apr 9 06:12:05 vps sshd[302607]: Failed password for root from 222.186.180.6 port 19810 ssh2 Apr 9 06:12:08 vps sshd[302607]: Failed password for root from 222.186.180.6 port 19810 ssh2 Apr 9 06:12:11 vps sshd[302607]: Failed password for root from 222.186.180.6 port 19810 ssh2 Apr 9 06:12:15 vps sshd[302607]: Failed password for root from 222.186.180.6 port 19810 ssh2 Apr 9 06:12:18 vps sshd[302607]: Failed password for root from 222.186.180.6 port 19810 ssh2 ...	2020-04-09 12:18:13
190.29.166.226	attackbots	Apr 9 05:53:40 plex sshd[29660]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.29.166.226 user=root Apr 9 05:53:42 plex sshd[29660]: Failed password for root from 190.29.166.226 port 53494 ssh2 Apr 9 05:56:33 plex sshd[29757]: Invalid user admin from 190.29.166.226 port 39096 Apr 9 05:56:33 plex sshd[29757]: Invalid user admin from 190.29.166.226 port 39096	2020-04-09 12:24:04
113.133.176.204	attack	Apr 9 01:14:52 firewall sshd[19466]: Invalid user ubuntu from 113.133.176.204 Apr 9 01:14:54 firewall sshd[19466]: Failed password for invalid user ubuntu from 113.133.176.204 port 52792 ssh2 Apr 9 01:20:12 firewall sshd[19692]: Invalid user informix from 113.133.176.204 ...	2020-04-09 12:20:26
222.186.190.2	attack	Apr 9 05:56:17 ns381471 sshd[8221]: Failed password for root from 222.186.190.2 port 32184 ssh2 Apr 9 05:56:29 ns381471 sshd[8221]: error: maximum authentication attempts exceeded for root from 222.186.190.2 port 32184 ssh2 [preauth]	2020-04-09 12:27:50
31.184.254.64	attack	Apr 9 06:49:42 www sshd\[54571\]: Invalid user linda from 31.184.254.64Apr 9 06:49:44 www sshd\[54571\]: Failed password for invalid user linda from 31.184.254.64 port 47180 ssh2Apr 9 06:56:30 www sshd\[54926\]: Invalid user atlas from 31.184.254.64 ...	2020-04-09 12:36:17
49.64.179.148	attackspambots	Apr 9 05:48:26 ns382633 sshd\[15725\]: Invalid user jsclient from 49.64.179.148 port 51158 Apr 9 05:48:26 ns382633 sshd\[15725\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.64.179.148 Apr 9 05:48:28 ns382633 sshd\[15725\]: Failed password for invalid user jsclient from 49.64.179.148 port 51158 ssh2 Apr 9 05:56:10 ns382633 sshd\[17410\]: Invalid user localhost from 49.64.179.148 port 56172 Apr 9 05:56:10 ns382633 sshd\[17410\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.64.179.148	2020-04-09 12:47:14
171.103.165.54	attackspambots	(imapd) Failed IMAP login from 171.103.165.54 (TH/Thailand/171-103-165-54.static.asianet.co.th): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 9 08:26:25 ir1 dovecot[566034]: imap-login: Disconnected (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=171.103.165.54, lip=5.63.12.44, session=	2020-04-09 12:29:49
51.77.150.203	attack	Apr 9 05:39:56 server sshd[19289]: Failed password for invalid user mining from 51.77.150.203 port 47358 ssh2 Apr 9 05:53:13 server sshd[23481]: Failed password for invalid user deploy from 51.77.150.203 port 37714 ssh2 Apr 9 05:56:42 server sshd[24489]: Failed password for invalid user osm from 51.77.150.203 port 47944 ssh2	2020-04-09 12:12:13
219.75.134.27	attack	Apr 9 06:39:24 tuxlinux sshd[26163]: Invalid user cron from 219.75.134.27 port 36417 Apr 9 06:39:24 tuxlinux sshd[26163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.75.134.27 Apr 9 06:39:24 tuxlinux sshd[26163]: Invalid user cron from 219.75.134.27 port 36417 Apr 9 06:39:24 tuxlinux sshd[26163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.75.134.27 Apr 9 06:39:24 tuxlinux sshd[26163]: Invalid user cron from 219.75.134.27 port 36417 Apr 9 06:39:24 tuxlinux sshd[26163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.75.134.27 Apr 9 06:39:26 tuxlinux sshd[26163]: Failed password for invalid user cron from 219.75.134.27 port 36417 ssh2 ...	2020-04-09 12:51:34
113.70.62.125	attack	[portscan] Port scan	2020-04-09 12:39:46
198.100.146.67	attack	Apr 9 06:22:42 sso sshd[29368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.100.146.67 Apr 9 06:22:44 sso sshd[29368]: Failed password for invalid user a1 from 198.100.146.67 port 60683 ssh2 ...	2020-04-09 12:42:07
185.175.93.14	attackbotsspam	Apr 9 06:37:07 debian-2gb-nbg1-2 kernel: \[8666040.918852\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.175.93.14 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=36532 PROTO=TCP SPT=59213 DPT=1400 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-09 12:37:32
129.211.70.33	attackbotsspam	Apr 9 05:56:33 vmd17057 sshd[6999]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.70.33 Apr 9 05:56:35 vmd17057 sshd[6999]: Failed password for invalid user admin from 129.211.70.33 port 41320 ssh2 ...	2020-04-09 12:22:35
218.159.28.217	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-04-09 12:44:59

最近上报的IP列表

218.158.172.176	63.221.85.75	240.166.163.209	177.130.137.174
167.114.144.159	161.94.200.169	79.126.13.63	30.107.3.130
62.116.202.237	182.232.140.167	176.39.87.0	211.148.201.227
116.107.88.139	62.16.167.22	79.194.90.67	186.199.127.65
244.148.180.139	142.0.70.36	239.79.11.177	107.70.64.205