14.161.6.201 - IPInfo

基本信息:

城市(city): Ho Chi Minh City

省份(region): Ho Chi Minh

国家(country): Vietnam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): VNPT Corp

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	vps:sshd-InvalidUser	2020-10-07 05:58:15
attack	[SID1] Fail2ban detected 5 failed SSH login attempts within 30 minutes. This report was submitted automatically.	2020-10-06 22:11:26
attackbots	Automatic report - Banned IP Access	2020-10-06 13:54:48
attack	Sep 30 07:28:25 h2427292 sshd\[27336\]: Invalid user pi from 14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27339\]: Invalid user pi from 14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Sep 30 07:28:27 h2427292 sshd\[27336\]: Failed password for invalid user pi from 14.161.6.201 port 35436 ssh2 Sep 30 07:28:27 h2427292 sshd\[27339\]: Failed password for invalid user pi from 14.161.6.201 port 35440 ssh2 ...	2020-10-01 04:08:31
attackbotsspam	Sep 30 07:28:25 h2427292 sshd\[27336\]: Invalid user pi from 14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27339\]: Invalid user pi from 14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27336\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Sep 30 07:28:25 h2427292 sshd\[27339\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Sep 30 07:28:27 h2427292 sshd\[27336\]: Failed password for invalid user pi from 14.161.6.201 port 35436 ssh2 Sep 30 07:28:27 h2427292 sshd\[27339\]: Failed password for invalid user pi from 14.161.6.201 port 35440 ssh2 ...	2020-09-30 20:18:31
attackbots	Sep 29 22:41:09 ns1 sshd[78268]: Invalid user pi from 14.161.6.201 port 40492 Sep 29 22:41:09 ns1 sshd[78268]: Failed password for invalid user pi from 14.161.6.201 port 40492 ssh2 Sep 29 22:41:09 ns1 sshd[78269]: Invalid user pi from 14.161.6.201 port 40494 Sep 29 22:41:09 ns1 sshd[78269]: Failed password for invalid user pi from 14.161.6.201 port 40494 ssh2 Sep 29 22:41:10 ns1 sshd[78269]: Connection closed by invalid user pi 14.161.6.201 port 40494 [preauth] ...	2020-09-30 12:46:07
attackbots	Bruteforce detected by fail2ban	2020-09-14 03:50:04
attackspam	Bruteforce detected by fail2ban	2020-09-13 19:54:16
attackspambots	[portscan] tcp/22 [SSH] in blocklist.de:'listed [ssh]' in sorbs:'listed [web]' *(RWIN=65535)(08160949)	2020-08-16 17:08:33
attackbots	SSH Invalid Login	2020-07-24 08:21:28
attack	Jul 14 05:52:09 sip sshd[933059]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Jul 14 05:52:09 sip sshd[933059]: Invalid user pi from 14.161.6.201 port 60764 Jul 14 05:52:11 sip sshd[933059]: Failed password for invalid user pi from 14.161.6.201 port 60764 ssh2 ...	2020-07-14 15:51:38
attackspam	May 4 09:32:51 sd-126173 sshd[8987]: Invalid user pi from 14.161.6.201 port 47936 May 4 09:32:51 sd-126173 sshd[8989]: Invalid user pi from 14.161.6.201 port 47938	2020-05-04 19:25:49
attackbotsspam	Invalid user pi from 14.161.6.201 port 60546	2020-05-02 06:23:47
attackspam	Feb 29 05:55:47 ns382633 sshd\[13972\]: Invalid user pi from 14.161.6.201 port 45396 Feb 29 05:55:47 ns382633 sshd\[13974\]: Invalid user pi from 14.161.6.201 port 45398 Feb 29 05:55:47 ns382633 sshd\[13972\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Feb 29 05:55:47 ns382633 sshd\[13974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Feb 29 05:55:49 ns382633 sshd\[13972\]: Failed password for invalid user pi from 14.161.6.201 port 45396 ssh2 Feb 29 05:55:49 ns382633 sshd\[13974\]: Failed password for invalid user pi from 14.161.6.201 port 45398 ssh2	2020-02-29 13:20:51
attackbotsspam	Feb 18 14:37:36 localhost sshd\[23799\]: Invalid user pi from 14.161.6.201 Feb 18 14:37:37 localhost sshd\[23799\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Feb 18 14:37:37 localhost sshd\[23801\]: Invalid user pi from 14.161.6.201 Feb 18 14:37:37 localhost sshd\[23801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Feb 18 14:37:39 localhost sshd\[23799\]: Failed password for invalid user pi from 14.161.6.201 port 48708 ssh2 ...	2020-02-18 22:42:03
attackspambots	Feb 12 19:37:56 sigma sshd\[15226\]: Invalid user pi from 14.161.6.201Feb 12 19:37:56 sigma sshd\[15228\]: Invalid user pi from 14.161.6.201 ...	2020-02-13 05:38:58
attackbots	Unauthorized connection attempt detected from IP address 14.161.6.201 to port 22 [J]	2020-01-17 00:16:30
attack	Jan 7 11:30:45 MK-Soft-VM4 sshd[19465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 ...	2020-01-07 19:39:19
attackbots	SSH-bruteforce attempts	2020-01-03 08:34:01
attack	Dec 9 09:44:01 icecube sshd[22066]: Invalid user pi from 14.161.6.201 port 38856 Dec 9 09:44:01 icecube sshd[22066]: Failed password for invalid user pi from 14.161.6.201 port 38856 ssh2	2019-12-09 18:52:47
attack	Nov 24 20:30:40 sachi sshd\[26002\]: Invalid user pi from 14.161.6.201 Nov 24 20:30:41 sachi sshd\[26004\]: Invalid user pi from 14.161.6.201 Nov 24 20:30:41 sachi sshd\[26002\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Nov 24 20:30:41 sachi sshd\[26004\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Nov 24 20:30:43 sachi sshd\[26002\]: Failed password for invalid user pi from 14.161.6.201 port 53376 ssh2	2019-11-25 15:49:27
attackspam	$f2bV_matches	2019-11-20 02:53:27
attackbotsspam	Invalid user pi from 14.161.6.201 port 53750	2019-10-29 08:11:30
attackspam	Oct 22 03:50:05 venus sshd\[15402\]: Invalid user pi from 14.161.6.201 port 51802 Oct 22 03:50:06 venus sshd\[15404\]: Invalid user pi from 14.161.6.201 port 51806 Oct 22 03:50:06 venus sshd\[15402\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 ...	2019-10-22 18:15:49
attackbotsspam	Oct 9 21:42:17 MK-Soft-Root2 sshd[11974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Oct 9 21:42:17 MK-Soft-Root2 sshd[11972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 ...	2019-10-10 06:55:30
attackspambots	Aug 12 14:18:23 Ubuntu-1404-trusty-64-minimal sshd\[4456\]: Invalid user pi from 14.161.6.201 Aug 12 14:18:23 Ubuntu-1404-trusty-64-minimal sshd\[4458\]: Invalid user pi from 14.161.6.201 Aug 12 14:18:23 Ubuntu-1404-trusty-64-minimal sshd\[4458\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Aug 12 14:18:23 Ubuntu-1404-trusty-64-minimal sshd\[4456\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Aug 12 14:18:25 Ubuntu-1404-trusty-64-minimal sshd\[4458\]: Failed password for invalid user pi from 14.161.6.201 port 34858 ssh2 Aug 12 14:18:25 Ubuntu-1404-trusty-64-minimal sshd\[4456\]: Failed password for invalid user pi from 14.161.6.201 port 34856 ssh2	2019-08-13 02:25:57
attackbots	Aug 2 22:20:26 pkdns2 sshd\[26903\]: Address 14.161.6.201 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 2 22:20:26 pkdns2 sshd\[26903\]: Invalid user pi from 14.161.6.201Aug 2 22:20:26 pkdns2 sshd\[26905\]: Address 14.161.6.201 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 2 22:20:26 pkdns2 sshd\[26905\]: Invalid user pi from 14.161.6.201Aug 2 22:20:28 pkdns2 sshd\[26905\]: Failed password for invalid user pi from 14.161.6.201 port 43126 ssh2Aug 2 22:20:28 pkdns2 sshd\[26903\]: Failed password for invalid user pi from 14.161.6.201 port 43128 ssh2 ...	2019-08-03 10:50:31
attackspam	Attempted SSH login	2019-07-19 15:45:42
attackspambots	Jul 10 11:35:14 SilenceServices sshd[32765]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Jul 10 11:35:15 SilenceServices sshd[32767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.6.201 Jul 10 11:35:17 SilenceServices sshd[32765]: Failed password for invalid user pi from 14.161.6.201 port 35874 ssh2	2019-07-11 02:42:04
attackbots	Automatic report - Web App Attack	2019-07-01 02:41:19

相同子网IP讨论:

IP	类型	评论内容	时间
14.161.6.175	attackbotsspam	1597982315 - 08/21/2020 05:58:35 Host: 14.161.6.175/14.161.6.175 Port: 445 TCP Blocked	2020-08-21 13:15:18
14.161.6.220	attack	Email rejected due to spam filtering	2020-03-01 21:25:55
14.161.6.158	attack	Automatic report - Port Scan Attack	2020-02-15 19:07:49
14.161.68.46	attack	Jul 22 06:09:08 srv-4 sshd\[24362\]: Invalid user admin from 14.161.68.46 Jul 22 06:09:08 srv-4 sshd\[24362\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.68.46 Jul 22 06:09:11 srv-4 sshd\[24362\]: Failed password for invalid user admin from 14.161.68.46 port 54735 ssh2 ...	2019-07-22 14:41:07

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.6.201
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44605
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.6.201.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040101 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 03:51:44 +08 2019
;; MSG SIZE  rcvd: 116

HOST信息:

201.6.161.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
201.6.161.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
95.239.27.231	attackspam	Unauthorized connection attempt detected from IP address 95.239.27.231 to port 23	2020-07-16 12:54:09
150.109.151.206	attack	Jul 16 04:19:29 game-panel sshd[6610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.151.206 Jul 16 04:19:31 game-panel sshd[6610]: Failed password for invalid user sonar from 150.109.151.206 port 60548 ssh2 Jul 16 04:21:45 game-panel sshd[6758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.109.151.206	2020-07-16 12:45:44
185.165.190.34	attackbots	Jul 16 05:55:35 debian-2gb-nbg1-2 kernel: \[17130297.099216\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.165.190.34 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=116 ID=59568 PROTO=TCP SPT=29011 DPT=5900 WINDOW=35730 RES=0x00 SYN URGP=0	2020-07-16 12:23:55
167.99.123.34	attack	Jul 16 05:55:28 b-vps wordpress(rreb.cz)[19967]: Authentication attempt for unknown user barbora from 167.99.123.34 ...	2020-07-16 12:28:32
181.40.122.2	attackbots	Jul 15 23:50:11 NPSTNNYC01T sshd[16041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.122.2 Jul 15 23:50:12 NPSTNNYC01T sshd[16041]: Failed password for invalid user dasusr1 from 181.40.122.2 port 21768 ssh2 Jul 15 23:55:21 NPSTNNYC01T sshd[16319]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.40.122.2 ...	2020-07-16 12:39:57
185.234.217.184	attackbots	Jul 16 05:55:31 debian-2gb-nbg1-2 kernel: \[17130292.859464\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.234.217.184 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=54321 PROTO=TCP SPT=35445 DPT=5007 WINDOW=65535 RES=0x00 SYN URGP=0	2020-07-16 12:26:57
200.27.212.22	attack	fail2ban	2020-07-16 12:43:20
51.75.144.43	attackspambots	Automatic report - Banned IP Access	2020-07-16 12:43:51
216.126.58.139	attackbotsspam	Jul 16 06:28:54 haigwepa sshd[32256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=216.126.58.139 Jul 16 06:28:56 haigwepa sshd[32256]: Failed password for invalid user mike from 216.126.58.139 port 56346 ssh2 ...	2020-07-16 12:30:39
72.14.199.159	attackbotsspam	Fail2Ban Ban Triggered	2020-07-16 12:21:12
104.198.100.105	attack	Jul 16 05:55:27 vpn01 sshd[5759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.198.100.105 Jul 16 05:55:29 vpn01 sshd[5759]: Failed password for invalid user mail1 from 104.198.100.105 port 35490 ssh2 ...	2020-07-16 12:28:53
134.209.236.191	attack	Jul 16 06:07:46 meumeu sshd[752005]: Invalid user hlf from 134.209.236.191 port 36770 Jul 16 06:07:46 meumeu sshd[752005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.236.191 Jul 16 06:07:46 meumeu sshd[752005]: Invalid user hlf from 134.209.236.191 port 36770 Jul 16 06:07:48 meumeu sshd[752005]: Failed password for invalid user hlf from 134.209.236.191 port 36770 ssh2 Jul 16 06:12:06 meumeu sshd[752259]: Invalid user gitlab-runner from 134.209.236.191 port 53288 Jul 16 06:12:06 meumeu sshd[752259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.236.191 Jul 16 06:12:06 meumeu sshd[752259]: Invalid user gitlab-runner from 134.209.236.191 port 53288 Jul 16 06:12:08 meumeu sshd[752259]: Failed password for invalid user gitlab-runner from 134.209.236.191 port 53288 ssh2 Jul 16 06:16:21 meumeu sshd[752405]: Invalid user mano from 134.209.236.191 port 41566 ...	2020-07-16 12:36:16
124.207.221.66	attackspam	Jul 16 03:53:15 jumpserver sshd[79829]: Invalid user ya from 124.207.221.66 port 55228 Jul 16 03:53:17 jumpserver sshd[79829]: Failed password for invalid user ya from 124.207.221.66 port 55228 ssh2 Jul 16 03:55:11 jumpserver sshd[79851]: Invalid user yyh from 124.207.221.66 port 54466 ...	2020-07-16 12:50:57
167.71.86.88	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-07-16T03:41:17Z and 2020-07-16T03:55:20Z	2020-07-16 12:41:44
193.107.75.42	attackspam	Jul 16 05:47:43 rocket sshd[9881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.107.75.42 Jul 16 05:47:45 rocket sshd[9881]: Failed password for invalid user mars from 193.107.75.42 port 47246 ssh2 ...	2020-07-16 12:57:37

最近上报的IP列表

41.72.123.55	221.204.11.179	203.192.232.73	142.93.179.95
94.236.153.77	46.160.84.179	222.186.57.109	216.7.159.250
202.136.171.166	198.108.67.92	198.108.67.60	192.144.156.133
189.107.129.78	187.122.102.4	185.220.101.21	185.153.198.235
180.113.66.9	180.97.147.132	177.158.183.113	177.9.170.222