14.169.14.248 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Honeypot attack, port: 81, PTR: static.vnpt.vn.	2020-05-11 04:23:47

相同子网IP讨论:

IP	类型	评论内容	时间
14.169.141.209	attack	xmlrpc attack	2020-07-25 02:55:55
14.169.144.50	attackbotsspam	(eximsyntax) Exim syntax errors from 14.169.144.50 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-06-18 05:11:07 SMTP call from [14.169.144.50] dropped: too many syntax or protocol errors (last command was "?\034?\032?\027?\031?\034?\033?\030?\032?\026?\016?\r?\v?\f? ?")	2020-06-18 08:49:09
14.169.144.182	attackbotsspam	Invalid user admin from 14.169.144.182 port 44767	2020-04-21 02:37:00
14.169.148.196	attack	Invalid user admin from 14.169.148.196 port 51159	2020-03-22 02:53:55
14.169.146.24	attackbotsspam	SpamScore above: 10.0	2020-03-17 13:24:44
14.169.140.253	attackbotsspam	2020-03-1304:46:391jCbHS-0002kW-27\<=info@whatsup2013.chH=$localhost$[171.4.0.237]:36179P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2313id=DFDA6C3F34E0CE7DA1A4ED55A1892042@whatsup2013.chT="fromDarya"forroxas023@gmail.combrockdurflinger@yahoo.com2020-03-1304:46:501jCbHd-0002lI-Mr\<=info@whatsup2013.chH=$localhost$[123.24.205.125]:36066P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2303id=D0D563303BEFC172AEABE25AAE9DEBDF@whatsup2013.chT="fromDarya"fordcitrano00@gmail.comroylind1967@gmail.com2020-03-1304:46:231jCbHC-0002jO-4p\<=info@whatsup2013.chH=$localhost$[14.169.140.253]:57374P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2341id=232690C3C81C32815D5811A95DAF0E43@whatsup2013.chT="fromDarya"forposliguarivaldo@gmail.coma.a.s.makita@gmail.com2020-03-1304:46:001jCbGq-0002gJ-1p\<=info@whatsup2013.chH=$localhost$[183.89.238.187]:48338P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-	2020-03-13 19:56:49
14.169.147.0	attackspambots	$f2bV_matches	2020-03-12 20:26:05
14.169.142.43	attackspam	Lines containing failures of 14.169.142.43 Mar 11 11:33:32 shared06 sshd[28296]: Invalid user admin from 14.169.142.43 port 47490 Mar 11 11:33:32 shared06 sshd[28296]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.142.43 Mar 11 11:33:34 shared06 sshd[28296]: Failed password for invalid user admin from 14.169.142.43 port 47490 ssh2 Mar 11 11:33:34 shared06 sshd[28296]: Connection closed by invalid user admin 14.169.142.43 port 47490 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.169.142.43	2020-03-12 00:34:03
14.169.144.193	attackbots	Unauthorized connection attempt from IP address 14.169.144.193 on Port 445(SMB)	2020-01-16 04:44:57
14.169.144.67	attack	Unauthorized connection attempt from IP address 14.169.144.67 on Port 445(SMB)	2019-10-10 02:09:14
14.169.144.80	attackspam	Autoban 14.169.144.80 AUTH/CONNECT	2019-09-24 05:02:08
14.169.142.118	attackspambots	Fail2Ban Ban Triggered	2019-09-06 21:53:02
14.169.146.195	attackbots	Aug 6 03:36:04 master sshd[13138]: Failed password for invalid user admin from 14.169.146.195 port 55260 ssh2	2019-08-06 16:22:20
14.169.148.33	attackspambots	Invalid user admin from 14.169.148.33 port 43034	2019-07-28 03:31:36
14.169.141.135	attackbotsspam	Jun 30 15:06:21 vps34202 sshd[8665]: Address 14.169.141.135 maps to static.vnpt.vn, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jun 30 15:06:21 vps34202 sshd[8665]: Invalid user admin from 14.169.141.135 Jun 30 15:06:21 vps34202 sshd[8665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.169.141.135 Jun 30 15:06:23 vps34202 sshd[8665]: Failed password for invalid user admin from 14.169.141.135 port 36330 ssh2 Jun 30 15:06:23 vps34202 sshd[8665]: Connection closed by 14.169.141.135 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.169.141.135	2019-07-01 00:59:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.169.14.248
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14644
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.169.14.248.			IN	A

;; AUTHORITY SECTION:
.			420	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051001 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon May 11 04:23:42 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

248.14.169.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
248.14.169.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
111.229.142.118	attack	Mar 27 05:23:23 eventyay sshd[6624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.142.118 Mar 27 05:23:25 eventyay sshd[6624]: Failed password for invalid user bod from 111.229.142.118 port 33678 ssh2 Mar 27 05:31:35 eventyay sshd[6891]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.142.118 ...	2020-03-27 12:55:56
188.131.233.36	attack	Mar 27 05:49:42 nextcloud sshd\[25153\]: Invalid user lzjian from 188.131.233.36 Mar 27 05:49:42 nextcloud sshd\[25153\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.233.36 Mar 27 05:49:44 nextcloud sshd\[25153\]: Failed password for invalid user lzjian from 188.131.233.36 port 55478 ssh2	2020-03-27 13:22:59
34.91.179.206	attackbots	Triggered: repeated knocking on closed ports.	2020-03-27 13:19:16
125.161.129.101	attackspam	SMB Server BruteForce Attack	2020-03-27 13:19:52
93.63.55.73	attackspambots	Mar 27 05:51:54 sso sshd[25197]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.63.55.73 Mar 27 05:51:55 sso sshd[25197]: Failed password for invalid user jdy from 93.63.55.73 port 59662 ssh2 ...	2020-03-27 13:12:59
222.186.15.158	attack	Mar 27 03:43:40 [HOSTNAME] sshd[26407]: User removed from 222.186.15.158 not allowed because not listed in AllowUsers Mar 27 04:02:59 [HOSTNAME] sshd[26538]: User removed from 222.186.15.158 not allowed because not listed in AllowUsers Mar 27 05:50:35 [HOSTNAME] sshd[27502]: User removed from 222.186.15.158 not allowed because not listed in AllowUsers ...	2020-03-27 12:50:46
36.153.93.250	attackbots	detected by Fail2Ban	2020-03-27 13:18:58
185.175.93.6	attack	03/26/2020-23:54:40.868096 185.175.93.6 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-03-27 12:48:35
106.13.169.210	attackbotsspam	20 attempts against mh-ssh on cloud	2020-03-27 13:01:13
185.37.211.222	attackbotsspam	Mar 27 04:43:57 mail.srvfarm.net postfix/smtpd[3702508]: NOQUEUE: reject: RCPT from 222.211.37.185.rev.vodafone.pt[185.37.211.222]: 554 5.7.1 Service unavailable; Client host [185.37.211.222] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.37.211.222; from= to= proto=ESMTP helo=<222.211.37.185.rev.vodafone.pt> Mar 27 04:44:03 mail.srvfarm.net postfix/smtpd[3702508]: NOQUEUE: reject: RCPT from 222.211.37.185.rev.vodafone.pt[185.37.211.222]: 554 5.7.1 Service unavailable; Client host [185.37.211.222] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?185.37.211.222; from= to= proto=ESMTP helo=<222.211.37.185.rev.vodafone.pt> Mar 27 04:44:09 mail.srvfarm.net postfix/smtpd[3702508]: NOQUEUE: reject: RCPT from 222.211.37.185.rev.vodafone.pt[185.37.211.222]: 554 5.7.1 Service unavailable; Client host [185.37.211.222] blocked using bl.spamcop.net; Blocked - se	2020-03-27 13:26:15
103.142.205.143	attack	(mod_security) mod_security (id:20000010) triggered by 103.142.205.143 (US/United States/-): 5 in the last 300 secs	2020-03-27 13:21:18
190.103.181.241	attackbots	Mar 27 04:53:57 vps647732 sshd[867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.103.181.241 Mar 27 04:53:59 vps647732 sshd[867]: Failed password for invalid user wlo from 190.103.181.241 port 55208 ssh2 ...	2020-03-27 13:17:47
222.186.30.57	attackspam	Mar 27 05:57:39 server sshd[32545]: Failed password for root from 222.186.30.57 port 36017 ssh2 Mar 27 05:57:42 server sshd[32545]: Failed password for root from 222.186.30.57 port 36017 ssh2 Mar 27 05:57:46 server sshd[32545]: Failed password for root from 222.186.30.57 port 36017 ssh2	2020-03-27 13:03:50
45.119.215.68	attack	(sshd) Failed SSH login from 45.119.215.68 (VN/Vietnam/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 27 05:53:44 srv sshd[2863]: Invalid user izg from 45.119.215.68 port 35064 Mar 27 05:53:45 srv sshd[2863]: Failed password for invalid user izg from 45.119.215.68 port 35064 ssh2 Mar 27 06:03:50 srv sshd[3150]: Invalid user myu from 45.119.215.68 port 42596 Mar 27 06:03:52 srv sshd[3150]: Failed password for invalid user myu from 45.119.215.68 port 42596 ssh2 Mar 27 06:06:56 srv sshd[3228]: Invalid user noj from 45.119.215.68 port 34030	2020-03-27 13:04:14
196.52.43.63	attackbotsspam	Mar 27 04:53:46 debian-2gb-nbg1-2 kernel: \[7540299.386023\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=196.52.43.63 DST=195.201.40.59 LEN=44 TOS=0x00 PREC=0x00 TTL=244 ID=2202 PROTO=TCP SPT=65119 DPT=9443 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-27 13:22:41

最近上报的IP列表

93.92.113.240	183.89.214.206	77.216.176.136	220.143.157.156
106.75.30.228	14.248.85.69	103.146.161.137	118.173.113.143
188.166.36.83	46.35.214.127	71.121.144.25	79.25.136.179
197.247.164.82	51.91.139.192	47.54.35.136	39.45.159.208
172.86.216.140	135.12.222.10	152.65.191.34	81.34.181.226