14.171.8.52 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	DATE:2020-04-07 05:49:22, IP:14.171.8.52, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-07 17:26:29

相同子网IP讨论:

IP	类型	评论内容	时间
14.171.83.152	attackspam	1593087741 - 06/25/2020 14:22:21 Host: 14.171.83.152/14.171.83.152 Port: 445 TCP Blocked	2020-06-26 02:55:58
14.171.88.75	attack	1589960729 - 05/20/2020 09:45:29 Host: 14.171.88.75/14.171.88.75 Port: 445 TCP Blocked	2020-05-20 23:00:25
14.171.89.115	attackspam	2019-09-16 09:51:29 1i9lnE-0004kc-MD SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26489 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 09:51:32 1i9lnH-0004kf-Q4 SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26511 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-09-16 09:51:35 1i9lnK-0004km-Ns SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26520 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-04 22:51:36

类型

评论内容

时间

14.171.83.152

attackspam

1593087741 - 06/25/2020 14:22:21 Host: 14.171.83.152/14.171.83.152 Port: 445 TCP Blocked

2020-06-26 02:55:58

14.171.88.75

attack

1589960729 - 05/20/2020 09:45:29 Host: 14.171.88.75/14.171.88.75 Port: 445 TCP Blocked

2020-05-20 23:00:25

14.171.89.115

attackspam

2019-09-16 09:51:29 1i9lnE-0004kc-MD SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26489 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-09-16 09:51:32 1i9lnH-0004kf-Q4 SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26511 I=\[193.107.88.166\]:25 closed by DROP in ACL
2019-09-16 09:51:35 1i9lnK-0004km-Ns SMTP connection from \(static.vnpt.vn\) \[14.171.89.115\]:26520 I=\[193.107.88.166\]:25 closed by DROP in ACL
...

2020-02-04 22:51:36

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.171.8.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63458
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.171.8.52.			IN	A

;; AUTHORITY SECTION:
.			574	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040700 1800 900 604800 86400

;; Query time: 119 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 07 17:26:24 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

52.8.171.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
52.8.171.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
203.230.6.175	attackspambots	detected by Fail2Ban	2019-11-25 01:16:23
223.240.84.196	attackbotsspam	Nov 24 16:56:02 work-partkepr sshd\[21843\]: Invalid user sme from 223.240.84.196 port 39656 Nov 24 16:56:02 work-partkepr sshd\[21843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.240.84.196 ...	2019-11-25 01:27:41
112.220.24.131	attack	Nov 24 09:00:52 mockhub sshd[21672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.220.24.131 Nov 24 09:00:54 mockhub sshd[21672]: Failed password for invalid user testuser from 112.220.24.131 port 40944 ssh2 ...	2019-11-25 01:17:27
92.53.90.132	attack	92.53.90.132 was recorded 73 times by 27 hosts attempting to connect to the following ports: 3368,3354,3329,3367,3345,3387,3388,3339,3392,3369,3335,3344,3307,3361,3343,3302,3336,3323,3381,3319,3327,3360,3303,3311,3332,3362,3364,3341,3312,3390,3326,3338,3363,3321,3309,3330,3340,3398,3394,3371,3385,3350,3353,3348,3395,3399,3376,3308,3386,3315,3356,3382,3334. Incident counter (4h, 24h, all-time): 73, 375, 2791	2019-11-25 01:10:33
95.227.95.233	attackspambots	Automatic report - SSH Brute-Force Attack	2019-11-25 01:31:48
80.211.31.147	attack	Nov 24 18:31:03 legacy sshd[20070]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.31.147 Nov 24 18:31:05 legacy sshd[20070]: Failed password for invalid user prueba from 80.211.31.147 port 46540 ssh2 Nov 24 18:32:15 legacy sshd[20097]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.31.147 ...	2019-11-25 01:33:16
52.32.113.1	attackbots	24.11.2019 15:52:42 - Bad Robot Ignore Robots.txt	2019-11-25 01:25:59
180.96.28.87	attackspambots	Nov 24 21:17:16 gw1 sshd[19140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.96.28.87 Nov 24 21:17:18 gw1 sshd[19140]: Failed password for invalid user authoriz from 180.96.28.87 port 44357 ssh2 ...	2019-11-25 01:06:10
114.97.219.117	attack	Telnet Server BruteForce Attack	2019-11-25 01:38:07
139.199.158.14	attackspam	Nov 24 16:36:25 localhost sshd\[28545\]: Invalid user mysql from 139.199.158.14 port 40602 Nov 24 16:36:25 localhost sshd\[28545\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.158.14 Nov 24 16:36:27 localhost sshd\[28545\]: Failed password for invalid user mysql from 139.199.158.14 port 40602 ssh2 Nov 24 17:09:14 localhost sshd\[28778\]: Invalid user wwwadmin from 139.199.158.14 port 56297	2019-11-25 01:14:30
202.72.243.198	attack	Nov 24 17:44:20 MK-Soft-Root1 sshd[19616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.72.243.198 Nov 24 17:44:22 MK-Soft-Root1 sshd[19616]: Failed password for invalid user ftp_test from 202.72.243.198 port 36408 ssh2 ...	2019-11-25 01:34:55
91.121.103.175	attack	Nov 24 17:54:23 meumeu sshd[2179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.103.175 Nov 24 17:54:26 meumeu sshd[2179]: Failed password for invalid user langdeau from 91.121.103.175 port 52342 ssh2 Nov 24 18:03:16 meumeu sshd[3584]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.121.103.175 ...	2019-11-25 01:13:10
218.241.236.108	attackbotsspam	Failed password for invalid user kk from 218.241.236.108 port 45363 ssh2 Invalid user guest from 218.241.236.108 port 46132 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.236.108 Failed password for invalid user guest from 218.241.236.108 port 46132 ssh2 Invalid user ksada from 218.241.236.108 port 33911 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.241.236.108	2019-11-25 01:39:57
185.16.206.91	attackbots	tried SQL-injection	2019-11-25 01:11:48
70.88.253.123	attackspam	Nov 24 17:10:54 vpn01 sshd[20208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.88.253.123 Nov 24 17:10:57 vpn01 sshd[20208]: Failed password for invalid user sr from 70.88.253.123 port 37447 ssh2 ...	2019-11-25 01:15:21

最近上报的IP列表

89.151.186.116	24.230.215.40	60.186.196.54	96.30.77.148
180.115.29.75	192.19.42.99	66.77.159.92	52.188.42.238
143.96.170.244	72.17.35.42	54.38.72.29	85.192.34.235
91.211.56.247	159.65.132.92	106.12.178.206	131.196.203.21
185.24.217.30	49.233.39.206	42.91.134.255	218.190.105.224