14.160.52.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
14.160.52.130	attack	1602016722 - 10/06/2020 22:38:42 Host: 14.160.52.130/14.160.52.130 Port: 445 TCP Blocked ...	2020-10-08 02:34:02
14.160.52.130	attackspam	1602016722 - 10/06/2020 22:38:42 Host: 14.160.52.130/14.160.52.130 Port: 445 TCP Blocked ...	2020-10-07 18:46:54
14.160.52.58	attack	Dovecot Invalid User Login Attempt.	2020-09-06 21:56:13
14.160.52.58	attackspambots	Attempted Brute Force (dovecot)	2020-09-06 13:31:37
14.160.52.58	attackspam	Attempted Brute Force (dovecot)	2020-09-06 05:46:12
14.160.52.26	attackspam	Brute force attack to crack SMTP password (port 25 / 587)	2020-08-06 07:01:33
14.160.52.58	attackbotsspam	Unauthorized connection attempt from IP address 14.160.52.58	2020-07-28 00:53:59
14.160.52.26	attackbotsspam	Brute force attack to crack SMTP password (port 25 / 587)	2020-06-26 08:22:22
14.160.52.58	attackspam	...	2020-06-04 01:56:32
14.160.52.26	attackspambots	Dovecot Invalid User Login Attempt.	2020-05-29 01:38:47
14.160.52.26	attack	(imapd) Failed IMAP login from 14.160.52.26 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Apr 29 16:31:17 ir1 dovecot[264309]: imap-login: Disconnected (auth failed, 1 attempts in 7 secs): user=, method=PLAIN, rip=14.160.52.26, lip=5.63.12.44, session=<4VYztGykXkAOoDQa>	2020-04-30 03:46:08
14.160.52.54	attackbotsspam	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-03-05 19:34:24
14.160.52.54	attackbots	Nov 27 23:55:20 ns3042688 courier-imapd: LOGIN FAILED, method=PLAIN, ip=\[::ffff:14.160.52.54\] ...	2019-11-28 09:40:10
14.160.52.170	attack	Unauthorized connection attempt from IP address 14.160.52.170 on Port 445(SMB)	2019-11-17 04:42:08
14.160.52.170	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 10-10-2019 21:10:22.	2019-10-11 05:17:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.160.52.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41955
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.160.52.2.			IN	A

;; AUTHORITY SECTION:
.			189	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 23:27:34 CST 2022
;; MSG SIZE  rcvd: 104

Host info

2.52.160.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.52.160.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.128.194.116	attack	2019-08-26T21:55:34.371086hub.schaetter.us sshd\[21327\]: Invalid user zhong from 178.128.194.116 2019-08-26T21:55:34.402081hub.schaetter.us sshd\[21327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.194.116 2019-08-26T21:55:35.763992hub.schaetter.us sshd\[21327\]: Failed password for invalid user zhong from 178.128.194.116 port 36904 ssh2 2019-08-26T22:02:13.374843hub.schaetter.us sshd\[21375\]: Invalid user tv from 178.128.194.116 2019-08-26T22:02:13.403889hub.schaetter.us sshd\[21375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.194.116 ...	2019-08-27 06:17:51
123.21.157.137	attackbots	Lines containing failures of 123.21.157.137 Aug 26 12:37:39 hal postfix/smtpd[17894]: connect from unknown[123.21.157.137] Aug 26 12:37:51 hal postfix/policy-spf[21425]: Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=c.narducci%40intecvr.hostname;ip=123.21.157.137;r=hal.godelia.org Aug x@x Aug 26 12:37:56 hal postfix/smtpd[17894]: lost connection after DATA from unknown[123.21.157.137] Aug 26 12:37:56 hal postfix/smtpd[17894]: disconnect from unknown[123.21.157.137] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Aug 26 12:38:25 hal postfix/smtpd[17894]: connect from unknown[123.21.157.137] Aug 26 12:38:28 hal postfix/policy-spf[21425]: Policy action=550 Please see hxxp://www.openspf.org/Why?s=mfrom;id=c.narducci%40intecvr.hostname;ip=123.21.157.137;r=hal.godelia.org Aug x@x Aug 26 12:38:31 hal postfix/smtpd[17894]: lost connection after DATA from unknown[123.21.157.137] Aug 26 12:38:31 hal postfix/smtpd[17894]: disconnect from unknown[123.21.157.137] eh........ ------------------------------	2019-08-27 06:33:02
185.176.27.18	attack	08/26/2019-17:45:26.060034 185.176.27.18 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-27 06:16:17
59.16.10.243	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-08-27 06:36:04
79.12.140.32	attackbots	NAME : TELECOM-ADSL-POOL + e-mail abuse : abuse@retail.telecomitalia.it CIDR : 79.12.128.0/17 \| STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack IT - block certain countries :) IP: 79.12.140.32 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-08-27 06:27:45
207.6.1.11	attackbots	Aug 26 16:50:18 legacy sshd[15494]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.6.1.11 Aug 26 16:50:19 legacy sshd[15494]: Failed password for invalid user jobs from 207.6.1.11 port 37312 ssh2 Aug 26 16:54:36 legacy sshd[15635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=207.6.1.11 ...	2019-08-27 06:39:09
89.248.172.85	attack	Excessive Port-Scanning	2019-08-27 05:58:30
177.220.177.79	attackspam	fraudulent SSH attempt	2019-08-27 06:08:32
27.122.59.86	attackspambots	Aug 26 18:35:14 raspberrypi sshd\[8874\]: Failed password for sshd from 27.122.59.86 port 38404 ssh2Aug 26 18:35:17 raspberrypi sshd\[8874\]: Failed password for sshd from 27.122.59.86 port 38404 ssh2Aug 26 18:35:20 raspberrypi sshd\[8874\]: Failed password for sshd from 27.122.59.86 port 38404 ssh2 ...	2019-08-27 06:01:43
89.25.80.202	attackspambots	firewall-block, port(s): 445/tcp	2019-08-27 06:27:06
138.186.7.185	attackbots	Unauthorised access (Aug 26) SRC=138.186.7.185 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=19984 TCP DPT=8080 WINDOW=18378 SYN Unauthorised access (Aug 26) SRC=138.186.7.185 LEN=40 TOS=0x10 PREC=0x40 TTL=51 ID=39228 TCP DPT=8080 WINDOW=18378 SYN	2019-08-27 05:57:10
193.90.12.117	attack	Aug 27 00:01:24 rpi sshd[5759]: Failed password for sshd from 193.90.12.117 port 58616 ssh2 Aug 27 00:01:28 rpi sshd[5759]: Failed password for sshd from 193.90.12.117 port 58616 ssh2	2019-08-27 06:40:11
196.1.99.12	attackspam	Invalid user sybase from 196.1.99.12 port 41166	2019-08-27 06:03:07
218.92.0.160	attackspam	Trying ports that it shouldn't be.	2019-08-27 06:21:23
142.93.15.1	attackbots	Aug 26 22:52:08 MainVPS sshd[19043]: Invalid user hdfs from 142.93.15.1 port 48786 Aug 26 22:52:08 MainVPS sshd[19043]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.15.1 Aug 26 22:52:08 MainVPS sshd[19043]: Invalid user hdfs from 142.93.15.1 port 48786 Aug 26 22:52:09 MainVPS sshd[19043]: Failed password for invalid user hdfs from 142.93.15.1 port 48786 ssh2 Aug 26 22:56:03 MainVPS sshd[19322]: Invalid user nrg from 142.93.15.1 port 36864 ...	2019-08-27 06:20:10

Recently Reported IPs

124.156.100.83	103.82.79.7	167.99.61.229	200.53.18.140
182.136.147.14	77.44.110.101	202.4.124.58	43.129.49.205
112.249.233.35	222.165.194.68	197.210.54.33	223.98.69.2
186.236.20.160	113.90.234.36	64.127.156.102	8.24.209.4
107.173.237.133	86.98.88.157	178.238.118.238	212.0.135.19