14.160.38.34 - IPInfo

Basic Info

City: Hai Duong

Region: Tinh Hai Duong

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	'IP reached maximum auth failures for a one day block'	2020-07-10 15:59:13
attackspambots	(imapd) Failed IMAP login from 14.160.38.34 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 1 00:53:55 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=14.160.38.34, lip=5.63.12.44, TLS: Connection closed, session=	2020-06-01 07:05:15

Type

Details

Datetime

attackspam

'IP reached maximum auth failures for a one day block'

2020-07-10 15:59:13

attackspambots

(imapd) Failed IMAP login from 14.160.38.34 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun  1 00:53:55 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=14.160.38.34, lip=5.63.12.44, TLS: Connection closed, session=

2020-06-01 07:05:15

Comments on same subnet:

IP	Type	Details	Datetime
14.160.38.18	attack	...	2020-07-02 03:58:22
14.160.38.146	attackspambots	'IP reached maximum auth failures for a one day block'	2020-06-21 00:19:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.160.38.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34771
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.160.38.34.			IN	A

;; AUTHORITY SECTION:
.			567	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020053101 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 07:05:12 CST 2020
;; MSG SIZE  rcvd: 116

Host info

34.38.160.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.38.160.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
150.242.110.5	attackbotsspam	$f2bV_matches	2019-09-01 19:43:11
13.79.27.218	attack	Sep 1 11:53:36 meumeu sshd[806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.79.27.218 Sep 1 11:53:38 meumeu sshd[806]: Failed password for invalid user user0 from 13.79.27.218 port 46874 ssh2 Sep 1 11:58:16 meumeu sshd[1434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.79.27.218 ...	2019-09-01 19:38:53
51.75.126.115	attackbotsspam	Sep 1 13:14:18 legacy sshd[6263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 Sep 1 13:14:20 legacy sshd[6263]: Failed password for invalid user dev from 51.75.126.115 port 32954 ssh2 Sep 1 13:18:02 legacy sshd[6398]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.126.115 ...	2019-09-01 19:40:28
117.2.161.244	attack	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-09-01 19:15:56
37.6.123.3	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 18:59:52
165.227.153.159	attack	Sep 1 08:41:15 mail sshd\[11625\]: Invalid user pi from 165.227.153.159 port 60256 Sep 1 08:41:15 mail sshd\[11625\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.153.159 ...	2019-09-01 19:33:58
107.174.101.102	attack	Honeypot attack, port: 23, PTR: 107-174-101-102-host.colocrossing.com.	2019-09-01 19:31:39
104.248.146.110	attackspam	2019-09-01T18:33:59.184414enmeeting.mahidol.ac.th sshd\[16015\]: Invalid user tally from 104.248.146.110 port 46262 2019-09-01T18:33:59.198261enmeeting.mahidol.ac.th sshd\[16015\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.146.110 2019-09-01T18:34:01.228816enmeeting.mahidol.ac.th sshd\[16015\]: Failed password for invalid user tally from 104.248.146.110 port 46262 ssh2 ...	2019-09-01 19:44:59
27.214.110.80	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 19:07:05
2.61.79.254	attack	Scanning random ports - tries to find possible vulnerable services	2019-09-01 19:25:19
171.234.106.114	attackbots	Trying to (more than 3 packets) bruteforce (not open) Samba/Microsoft-DS port 445	2019-09-01 19:13:26
37.75.12.1	attackspam	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(09011312)	2019-09-01 18:58:04
35.240.78.75	attackbots	Scanning random ports - tries to find possible vulnerable services	2019-09-01 19:03:57
142.93.1.100	attackbots	ssh failed login	2019-09-01 19:43:39
1.172.120.244	attackbotsspam	Scanning random ports - tries to find possible vulnerable services	2019-09-01 19:27:20

Recently Reported IPs

102.58.153.127	104.45.202.248	64.17.222.232	97.227.99.208
99.174.0.78	81.198.177.109	93.107.192.175	47.164.61.122
95.189.10.241	152.170.65.133	24.178.200.56	213.146.108.239
64.133.111.251	117.82.196.170	88.136.234.234	188.6.217.229
131.38.204.117	84.236.14.160	89.228.216.254	36.62.64.242