14.190.152.162

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Viet Nam

运营商(isp): Vietnam Posts and Telecommunications Group

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Attempt to attack host OS, exploiting network vulnerabilities, on 20-01-2020 04:55:09.	2020-01-20 15:53:55

相同子网IP讨论:

IP	类型	评论内容	时间
14.190.152.16	attack	Port probing on unauthorized port 23	2020-05-16 04:08:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.190.152.162
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.190.152.162.			IN	A

;; AUTHORITY SECTION:
.			409	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012000 1800 900 604800 86400

;; Query time: 40 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jan 20 15:53:52 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

162.152.190.14.in-addr.arpa domain name pointer static.vnpt.vn.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
162.152.190.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
165.227.15.124	attack	165.227.15.124 - - [01/Jun/2020:05:54:02 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [01/Jun/2020:05:54:03 +0200] "POST /wp-login.php HTTP/1.1" 200 2031 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [01/Jun/2020:05:54:03 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [01/Jun/2020:05:54:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [01/Jun/2020:05:54:04 +0200] "GET /wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 165.227.15.124 - - [01/Jun/2020:05:54:05 +0200] "POST /wp-login.php HTTP/1.1" 200 2030 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/201001 ...	2020-06-01 13:05:06
111.231.54.28	attack	prod6 ...	2020-06-01 12:54:08
125.91.111.247	attackspam	Lines containing failures of 125.91.111.247 (max 1000) Jun 1 04:56:52 localhost sshd[32356]: User r.r from 125.91.111.247 not allowed because listed in DenyUsers Jun 1 04:56:52 localhost sshd[32356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.91.111.247 user=r.r Jun 1 04:56:54 localhost sshd[32356]: Failed password for invalid user r.r from 125.91.111.247 port 49715 ssh2 Jun 1 04:56:54 localhost sshd[32356]: Received disconnect from 125.91.111.247 port 49715:11: Bye Bye [preauth] Jun 1 04:56:54 localhost sshd[32356]: Disconnected from invalid user r.r 125.91.111.247 port 49715 [preauth] Jun 1 05:22:48 localhost sshd[26015]: Did not receive identification string from 125.91.111.247 port 46810 Jun 1 05:27:03 localhost sshd[4869]: User r.r from 125.91.111.247 not allowed because listed in DenyUsers Jun 1 05:27:03 localhost sshd[4869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= r........ ------------------------------	2020-06-01 13:41:10
222.186.175.183	attack	Jun 1 07:05:23 vps sshd[281226]: Failed password for root from 222.186.175.183 port 61438 ssh2 Jun 1 07:05:27 vps sshd[281226]: Failed password for root from 222.186.175.183 port 61438 ssh2 Jun 1 07:05:32 vps sshd[281226]: Failed password for root from 222.186.175.183 port 61438 ssh2 Jun 1 07:05:35 vps sshd[281226]: Failed password for root from 222.186.175.183 port 61438 ssh2 Jun 1 07:05:38 vps sshd[281226]: Failed password for root from 222.186.175.183 port 61438 ssh2 ...	2020-06-01 13:07:02
65.95.165.12	attack	May 31 19:08:47 web9 sshd\[26098\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.95.165.12 user=root May 31 19:08:49 web9 sshd\[26098\]: Failed password for root from 65.95.165.12 port 33726 ssh2 May 31 19:11:33 web9 sshd\[26454\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.95.165.12 user=root May 31 19:11:35 web9 sshd\[26454\]: Failed password for root from 65.95.165.12 port 53860 ssh2 May 31 19:14:08 web9 sshd\[26764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.95.165.12 user=root	2020-06-01 13:14:15
94.61.210.184	attackspam	$f2bV_matches	2020-06-01 13:11:24
159.65.142.103	attackbotsspam	Jun 1 05:57:04 sso sshd[22169]: Failed password for root from 159.65.142.103 port 56212 ssh2 ...	2020-06-01 13:01:56
184.105.139.92	attackbots	srv02 Mass scanning activity detected Target: 123(ntp) ..	2020-06-01 13:42:20
106.13.44.83	attack	Jun 1 09:23:08 gw1 sshd[22306]: Failed password for root from 106.13.44.83 port 57664 ssh2 ...	2020-06-01 12:54:29
211.144.69.249	attackspambots	SSH Login Bruteforce	2020-06-01 13:02:46
101.91.160.243	attackbotsspam	Jun 1 05:45:46 h2779839 sshd[1990]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.160.243 user=root Jun 1 05:45:48 h2779839 sshd[1990]: Failed password for root from 101.91.160.243 port 51114 ssh2 Jun 1 05:47:50 h2779839 sshd[5605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.160.243 user=root Jun 1 05:47:52 h2779839 sshd[5605]: Failed password for root from 101.91.160.243 port 45594 ssh2 Jun 1 05:49:58 h2779839 sshd[7967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.160.243 user=root Jun 1 05:49:59 h2779839 sshd[7967]: Failed password for root from 101.91.160.243 port 40074 ssh2 Jun 1 05:52:06 h2779839 sshd[9342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.91.160.243 user=root Jun 1 05:52:08 h2779839 sshd[9342]: Failed password for root from 101.91.160.243 port 34554 ssh2 Jun ...	2020-06-01 12:58:09
110.74.179.132	attack	Invalid user ncmdbuser from 110.74.179.132 port 57384	2020-06-01 13:21:49
211.72.23.94	attack	IP 211.72.23.94 attacked honeypot on port: 1433 at 6/1/2020 4:53:32 AM	2020-06-01 13:17:12
118.25.188.118	attack	no	2020-06-01 13:05:34
103.130.192.135	attack	2020-06-01T13:05:36.685566vivaldi2.tree2.info sshd[12552]: Failed password for root from 103.130.192.135 port 39958 ssh2 2020-06-01T13:06:53.866623vivaldi2.tree2.info sshd[12626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.192.135 user=root 2020-06-01T13:06:56.120564vivaldi2.tree2.info sshd[12626]: Failed password for root from 103.130.192.135 port 55138 ssh2 2020-06-01T13:08:07.949972vivaldi2.tree2.info sshd[12671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.130.192.135 user=root 2020-06-01T13:08:10.363293vivaldi2.tree2.info sshd[12671]: Failed password for root from 103.130.192.135 port 42084 ssh2 ...	2020-06-01 13:44:32

最近上报的IP列表

25.158.64.27	157.234.107.34	251.254.94.90	177.201.16.227
251.65.143.246	198.41.232.85	48.121.36.123	72.41.88.124
224.210.41.208	90.252.3.59	87.145.94.128	162.183.141.34
110.108.235.196	93.112.17.103	171.229.228.53	245.194.120.97
141.210.55.69	122.51.45.200	59.153.87.166	23.17.119.92