14.169.14.248 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 81, PTR: static.vnpt.vn.	2020-05-11 04:23:47

相同子网IP讨论:

IP	类型	评论内容	时间
14.169.141.209	attack	xmlrpc attack	2020-07-25 02:55:55
14.169.144.50	attackbotsspam	(eximsyntax) Exim syntax errors from 14.169.144.50 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-18 05:11:07 SMTP call from [14.169.144.50] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-06-18 08:49:09
14.169.144.182	attackbotsspam	Invalid user admin from 14.169.144.182 port 44767	2020-04-21 02:37:00
14.169.148.196	attack	Invalid user admin from 14.169.148.196 port 51159	2020-03-22 02:53:55
14.169.146.24	attackbotsspam	SpamScore above: 10.0	2020-03-17 13:24:44
14.169.140.253	attackbotsspam	2020-03-1304:46:391jCbHS-0002kW-27\<=info@whatsup2013.chH=$localhost$[171.4.0.237]:36179P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2313id=DFDA6C3F34E0CE7DA1A4ED55A1892042@whatsup2013.chT="fromDarya"forroxas023@gmail.combrockdurflinger@yahoo.com2020-03-1304:46:501jCbHd-0002lI-Mr\<=info@whatsup2013.chH=$localhost$[123.24.205.125]:36066P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D0D563303BEFC172AEABE25AAE9DEBDF@whatsup2013.chT="fromDarya"fordcitrano00@gmail.comroylind1967@gmail.com2020-03-1304:46:231jCbHC-0002jO-4p\<=info@whatsup2013.chH=$localhost$[14.169.140.253]:57374P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2341id=232690C3C81C32815D5811A95DAF0E43@whatsup2013.chT="fromDarya"forposliguarivaldo@gmail.coma.a.s.makita@gmail.com2020-03-1304:46:001jCbGq-0002gJ-1p\<=info@whatsup2013.chH=$localhost$[183.89.238.187]:48338P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-	2020-03-13 19:56:49
14.169.147.0	attackspambots	$f2bV_matches	2020-03-12 20:26:05
14.169.142.43	attackspam	Lines containing failures of 14.169.142.43 Mar 11 11:33:32 shared06 sshd[28296]: Invalid user admin from 14.169.142.43 port 47490 Mar 11 11:33:32 shared06 sshd[28296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.142.43 Mar 11 11:33:34 shared06 sshd[28296]: Failed password for invalid user admin from 14.169.142.43 port 47490 ssh2 Mar 11 11:33:34 shared06 sshd[28296]: Connection closed by invalid user admin 14.169.142.43 port 47490 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.169.142.43	2020-03-12 00:34:03
14.169.144.193	attackbots	Unauthorized connection attempt from IP address 14.169.144.193 on Port 445(SMB)	2020-01-16 04:44:57
14.169.144.67	attack	Unauthorized connection attempt from IP address 14.169.144.67 on Port 445(SMB)	2019-10-10 02:09:14
14.169.144.80	attackspam	Autoban 14.169.144.80 AUTH/CONNECT	2019-09-24 05:02:08
14.169.142.118	attackspambots	Fail2Ban Ban Triggered	2019-09-06 21:53:02
14.169.146.195	attackbots	Aug 6 03:36:04 master sshd[13138]: Failed password for invalid user admin from 14.169.146.195 port 55260 ssh2	2019-08-06 16:22:20
14.169.148.33	attackspambots	Invalid user admin from 14.169.148.33 port 43034	2019-07-28 03:31:36
14.169.141.135	attackbotsspam	Jun 30 15:06:21 vps34202 sshd[8665]: Address 14.169.141.135 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 30 15:06:21 vps34202 sshd[8665]: Invalid user admin from 14.169.141.135 Jun 30 15:06:21 vps34202 sshd[8665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.141.135 Jun 30 15:06:23 vps34202 sshd[8665]: Failed password for invalid user admin from 14.169.141.135 port 36330 ssh2 Jun 30 15:06:23 vps34202 sshd[8665]: Connection closed by 14.169.141.135 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.169.141.135	2019-07-01 00:59:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.169.14.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.169.14.248.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051001 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 04:23:42 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

248.14.169.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.14.169.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
175.24.4.13	attack	175.24.4.13 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 10 08:44:29 jbs1 sshd[5164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.104.235.8 user=root Sep 10 08:44:31 jbs1 sshd[5164]: Failed password for root from 190.104.235.8 port 39200 ssh2 Sep 10 08:48:31 jbs1 sshd[7019]: Failed password for root from 51.91.96.96 port 58966 ssh2 Sep 10 08:50:58 jbs1 sshd[8351]: Failed password for root from 171.25.193.25 port 46948 ssh2 Sep 10 08:47:12 jbs1 sshd[6511]: Failed password for root from 175.24.4.13 port 60692 ssh2 Sep 10 08:47:10 jbs1 sshd[6511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.4.13 user=root IP Addresses Blocked: 190.104.235.8 (AR/Argentina/-) 51.91.96.96 (FR/France/-) 171.25.193.25 (SE/Sweden/-)	2020-09-10 21:44:59
222.186.175.148	attackbots	Sep 10 13:21:00 marvibiene sshd[21095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Sep 10 13:21:02 marvibiene sshd[21095]: Failed password for root from 222.186.175.148 port 57138 ssh2 Sep 10 13:21:05 marvibiene sshd[21095]: Failed password for root from 222.186.175.148 port 57138 ssh2 Sep 10 13:21:00 marvibiene sshd[21095]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Sep 10 13:21:02 marvibiene sshd[21095]: Failed password for root from 222.186.175.148 port 57138 ssh2 Sep 10 13:21:05 marvibiene sshd[21095]: Failed password for root from 222.186.175.148 port 57138 ssh2	2020-09-10 21:26:07
193.228.91.11	attackspambots	2020-09-10T12:30:11.682950abusebot-2.cloudsearch.cf sshd[29649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.91.11 user=root 2020-09-10T12:30:13.330181abusebot-2.cloudsearch.cf sshd[29649]: Failed password for root from 193.228.91.11 port 34314 ssh2 2020-09-10T12:30:38.401947abusebot-2.cloudsearch.cf sshd[29654]: Invalid user oracle from 193.228.91.11 port 52646 2020-09-10T12:30:38.408468abusebot-2.cloudsearch.cf sshd[29654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228.91.11 2020-09-10T12:30:38.401947abusebot-2.cloudsearch.cf sshd[29654]: Invalid user oracle from 193.228.91.11 port 52646 2020-09-10T12:30:40.763122abusebot-2.cloudsearch.cf sshd[29654]: Failed password for invalid user oracle from 193.228.91.11 port 52646 ssh2 2020-09-10T12:31:06.117256abusebot-2.cloudsearch.cf sshd[29658]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.228 ...	2020-09-10 21:20:35
128.14.226.107	attackspam	...	2020-09-10 21:20:56
104.140.188.22	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-09-10 21:25:43
84.243.21.114	attackbots	Sep 9 12:57:29 aragorn sshd[16333]: Invalid user admin from 84.243.21.114 Sep 9 12:57:30 aragorn sshd[16335]: Invalid user admin from 84.243.21.114 Sep 9 12:57:33 aragorn sshd[16337]: Invalid user admin from 84.243.21.114 Sep 9 12:57:34 aragorn sshd[16339]: Invalid user admin from 84.243.21.114 ...	2020-09-10 21:22:35
63.83.76.32	attackbots	E-Mail Spam (RBL) [REJECTED]	2020-09-10 21:47:33
51.254.0.99	attackspam	Sep 9 21:42:17 php1 sshd\[23794\]: Invalid user med from 51.254.0.99 Sep 9 21:42:17 php1 sshd\[23794\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.0.99 Sep 9 21:42:19 php1 sshd\[23794\]: Failed password for invalid user med from 51.254.0.99 port 58826 ssh2 Sep 9 21:48:42 php1 sshd\[24281\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.0.99 user=root Sep 9 21:48:45 php1 sshd\[24281\]: Failed password for root from 51.254.0.99 port 37550 ssh2	2020-09-10 21:12:08
118.188.20.5	attack	2020-09-10T04:23:10.433746morrigan.ad5gb.com sshd[377696]: Invalid user libuuid from 118.188.20.5 port 60766	2020-09-10 21:48:09
58.23.16.254	attackbotsspam	(sshd) Failed SSH login from 58.23.16.254 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 10 07:30:13 server sshd[4777]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.23.16.254 user=root Sep 10 07:30:16 server sshd[4777]: Failed password for root from 58.23.16.254 port 63117 ssh2 Sep 10 07:52:35 server sshd[10222]: Invalid user webadmin from 58.23.16.254 port 50296 Sep 10 07:52:36 server sshd[10222]: Failed password for invalid user webadmin from 58.23.16.254 port 50296 ssh2 Sep 10 07:56:33 server sshd[11105]: Invalid user aplusbiz from 58.23.16.254 port 37952	2020-09-10 21:33:18
222.186.169.194	attack	Sep 10 13:52:11 instance-2 sshd[14814]: Failed password for root from 222.186.169.194 port 27930 ssh2 Sep 10 13:52:16 instance-2 sshd[14814]: Failed password for root from 222.186.169.194 port 27930 ssh2 Sep 10 13:52:19 instance-2 sshd[14814]: Failed password for root from 222.186.169.194 port 27930 ssh2 Sep 10 13:52:24 instance-2 sshd[14814]: Failed password for root from 222.186.169.194 port 27930 ssh2	2020-09-10 21:53:15
106.13.215.94	attackspambots	firewall-block, port(s): 24374/tcp	2020-09-10 21:22:12
34.70.217.179	attackspambots	2020-09-10T08:53:17.047463vps773228.ovh.net sshd[6771]: Failed password for root from 34.70.217.179 port 12241 ssh2 2020-09-10T08:56:59.618329vps773228.ovh.net sshd[6789]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.217.70.34.bc.googleusercontent.com user=root 2020-09-10T08:57:01.797154vps773228.ovh.net sshd[6789]: Failed password for root from 34.70.217.179 port 12254 ssh2 2020-09-10T09:00:38.434036vps773228.ovh.net sshd[6803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.217.70.34.bc.googleusercontent.com user=root 2020-09-10T09:00:40.321584vps773228.ovh.net sshd[6803]: Failed password for root from 34.70.217.179 port 12246 ssh2 ...	2020-09-10 21:27:01
94.25.181.20	attackspambots	Brute force attempt	2020-09-10 21:19:21
222.186.42.57	attackspambots	Sep 10 09:00:03 NPSTNNYC01T sshd[25416]: Failed password for root from 222.186.42.57 port 27696 ssh2 Sep 10 09:00:11 NPSTNNYC01T sshd[25463]: Failed password for root from 222.186.42.57 port 40735 ssh2 Sep 10 09:00:14 NPSTNNYC01T sshd[25463]: Failed password for root from 222.186.42.57 port 40735 ssh2 ...	2020-09-10 21:17:30

最近上报的IP列表

93.92.113.240	183.89.214.206	77.216.176.136	220.143.157.156
106.75.30.228	14.248.85.69	103.146.161.137	118.173.113.143
188.166.36.83	46.35.214.127	71.121.144.25	79.25.136.179
197.247.164.82	51.91.139.192	47.54.35.136	39.45.159.208
172.86.216.140	135.12.222.10	152.65.191.34	81.34.181.226