14.186.134.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	$f2bV_matches	2019-11-15 18:57:09

相同子网IP讨论:

IP	类型	评论内容	时间
14.186.134.159	attackspam	Attempts against SMTP/SSMTP	2020-05-22 14:51:58
14.186.134.160	attackbots	2020-02-1212:18:161j1q24-0006QF-Bf\<=verena@rs-solution.chH=$localhost$[37.41.182.16]:57117P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=3349id=CDC87E2D26F2DC6FB3B6FF47B34C6C52@rs-solution.chT="Iwouldbepleasedtoobtainyourmailandspeakwithyou\!"forhp.mahbodv@gmail.combigcgarage12@gmail.com2020-02-1212:19:031j1q2o-0006U9-7X\<=verena@rs-solution.chH=$localhost$[81.22.132.99]:47431P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2994id=A8AD1B484397B90AD6D39A22D63BB737@rs-solution.chT="\;DI'dbeveryhappytoobtainyouranswerorchatwithme\!"fordekwandekwan@gmail.comlildude2693@gmail.com2020-02-1212:17:591j1q1m-0006Nh-6w\<=verena@rs-solution.chH=$localhost$[14.186.134.160]:44439P=esmtpsaX=TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=3000id=252096C5CE1A34875B5E17AF5BD963D6@rs-solution.chT="\;DI'dbeveryhappytoreceiveyouranswerorchatwithme."forhajdarmiraka@hotmail.comburtonbrad30@gm	2020-02-12 20:57:36
14.186.134.131	attackspambots	Brute force attempt	2019-11-29 19:05:01
14.186.134.187	attackbots	2019-09-19T11:52:14.874023+01:00 suse sshd[19468]: Invalid user admin from 14.186.134.187 port 51257 2019-09-19T11:52:18.581750+01:00 suse sshd[19468]: error: PAM: User not known to the underlying authentication module for illegal user admin from 14.186.134.187 2019-09-19T11:52:14.874023+01:00 suse sshd[19468]: Invalid user admin from 14.186.134.187 port 51257 2019-09-19T11:52:18.581750+01:00 suse sshd[19468]: error: PAM: User not known to the underlying authentication module for illegal user admin from 14.186.134.187 2019-09-19T11:52:14.874023+01:00 suse sshd[19468]: Invalid user admin from 14.186.134.187 port 51257 2019-09-19T11:52:18.581750+01:00 suse sshd[19468]: error: PAM: User not known to the underlying authentication module for illegal user admin from 14.186.134.187 2019-09-19T11:52:18.582342+01:00 suse sshd[19468]: Failed keyboard-interactive/pam for invalid user admin from 14.186.134.187 port 51257 ssh2 ...	2019-09-19 23:27:31
14.186.134.233	attackspam	Automatic report - SSH Brute-Force Attack	2019-06-21 19:32:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.186.134.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27648
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.186.134.6.			IN	A

;; AUTHORITY SECTION:
.			181	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111500 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 15 18:57:05 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

6.134.186.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.134.186.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
49.235.93.87	attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-30T23:18:34Z and 2020-09-30T23:27:20Z	2020-10-01 08:48:04
142.93.213.91	attackspambots	142.93.213.91 - - [01/Oct/2020:01:09:45 +0100] "POST /wp-login.php HTTP/1.1" 200 2545 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.213.91 - - [01/Oct/2020:01:09:47 +0100] "POST /wp-login.php HTTP/1.1" 200 2584 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.93.213.91 - - [01/Oct/2020:01:09:49 +0100] "POST /wp-login.php HTTP/1.1" 200 2539 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-01 08:24:03
192.241.233.247	attackspam	IP 192.241.233.247 attacked honeypot on port: 8000 at 9/30/2020 5:08:54 PM	2020-10-01 08:25:42
51.79.111.220	attackbotsspam	51.79.111.220 - - [30/Sep/2020:16:16:12 +0200] "POST //xmlrpc.php HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" 51.79.111.220 - - [30/Sep/2020:16:20:25 +0200] "POST //xmlrpc.php HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" ...	2020-10-01 08:52:43
78.128.113.121	attack	Oct 1 02:36:23 galaxy event: galaxy/lswi: smtp: marcus.lindemann@wi.uni-potsdam.de [78.128.113.121] authentication failure using internet password Oct 1 02:36:25 galaxy event: galaxy/lswi: smtp: marcus.lindemann [78.128.113.121] authentication failure using internet password Oct 1 02:40:47 galaxy event: galaxy/lswi: smtp: lswi@wi.uni-potsdam.de [78.128.113.121] authentication failure using internet password Oct 1 02:40:49 galaxy event: galaxy/lswi: smtp: lswi [78.128.113.121] authentication failure using internet password Oct 1 02:46:21 galaxy event: galaxy/lswi: smtp: seggert@wi.uni-potsdam.de [78.128.113.121] authentication failure using internet password ...	2020-10-01 08:48:37
203.177.76.173	attackbotsspam	Unauthorized connection attempt from IP address 203.177.76.173 on Port 445(SMB)	2020-10-01 08:51:31
138.97.224.88	attack	Automatic report - Port Scan Attack	2020-10-01 08:47:47
141.98.10.136	attack	Oct 1 02:37:35 srv01 postfix/smtpd\[16066\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:37:35 srv01 postfix/smtpd\[23339\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:37:35 srv01 postfix/smtpd\[24180\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:37:35 srv01 postfix/smtpd\[24179\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:45:41 srv01 postfix/smtpd\[22940\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:45:41 srv01 postfix/smtpd\[22764\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 02:45:41 srv01 postfix/smtpd\[26886\]: warning: unknown\[141.98.10.136\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-01 08:56:02
222.186.31.83	attackbotsspam	Oct 1 02:24:03 vpn01 sshd[25157]: Failed password for root from 222.186.31.83 port 18128 ssh2 Oct 1 02:24:06 vpn01 sshd[25157]: Failed password for root from 222.186.31.83 port 18128 ssh2 ...	2020-10-01 08:25:21
45.156.84.56	attack	[2020-09-30 20:31:35] NOTICE[1159] chan_sip.c: Registration from '' failed for '45.156.84.56:57646' - Wrong password [2020-09-30 20:31:35] SECURITY[1198] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-30T20:31:35.179-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="Holly",SessionID="0x7fcaa02091e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.156.84.56/57646",Challenge="6fec026e",ReceivedChallenge="6fec026e",ReceivedHash="3fc72eb3b7a66386a4e7edd3f9cb1bf5" [2020-09-30 20:32:11] NOTICE[1159] chan_sip.c: Registration from '' failed for '45.156.84.56:61015' - Wrong password [2020-09-30 20:32:11] SECURITY[1198] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-09-30T20:32:11.294-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="Evan",SessionID="0x7fcaa02091e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.156.84.56/6 ...	2020-10-01 08:32:29
175.24.36.114	attack	Invalid user upload from 175.24.36.114 port 54428	2020-10-01 08:38:44
193.57.40.4	attack	RDPBruteCAu	2020-10-01 08:41:41
103.200.92.209	attack	polres 103.200.92.209 [30/Sep/2020:13:48:11 "-" "POST /wp-login.php 403 2024 103.200.92.209 [30/Sep/2020:13:48:18 "-" "GET /wp-login.php 403 2024 103.200.92.209 [30/Sep/2020:13:48:20 "-" "POST /wp-login.php 403 2024	2020-10-01 08:54:59
217.23.10.20	attackbots	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2020-09-30T23:07:27Z and 2020-09-30T23:44:31Z	2020-10-01 08:44:00
36.110.110.34	attackspam	Invalid user postgres from 36.110.110.34 port 41000	2020-10-01 08:40:13

最近上报的IP列表

112.179.62.220	225.76.216.204	37.160.96.45	204.55.53.129
85.23.82.249	13.108.153.219	66.165.216.214	109.213.40.31
76.219.46.5	35.153.182.226	123.136.21.110	193.126.136.144
45.180.73.143	113.167.210.219	54.36.150.174	14.185.176.36
51.15.27.2	14.177.130.94	118.89.39.81	79.42.239.23