City: Ho Chi Minh City
Region: Ho Chi Minh
Country: Vietnam
Internet Service Provider: Vietnam Posts and Telecommunications Group
Hostname: unknown
Organization: VNPT Corp
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attack | Unauthorized connection attempt from IP address 14.161.2.246 on Port 445(SMB) |
2019-09-20 15:20:08 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 14.161.27.203 | attack | Dovecot Invalid User Login Attempt. |
2020-08-24 23:33:50 |
| 14.161.252.121 | attack | Unauthorized connection attempt detected from IP address 14.161.252.121 to port 445 [T] |
2020-08-16 03:21:10 |
| 14.161.27.203 | attackbots | (imapd) Failed IMAP login from 14.161.27.203 (VN/Vietnam/static.vnpt.vn): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 14 08:05:39 ir1 dovecot[3110802]: imap-login: Disconnected (auth failed, 1 attempts in 28 secs): user= |
2020-08-14 17:21:05 |
| 14.161.23.176 | attackspam | Unauthorized connection attempt from IP address 14.161.23.176 on Port 445(SMB) |
2020-08-11 20:03:19 |
| 14.161.224.177 | attack | " " |
2020-08-06 01:10:43 |
| 14.161.26.179 | attack | Unauthorized connection attempt from IP address 14.161.26.179 on Port 445(SMB) |
2020-08-02 04:09:55 |
| 14.161.27.203 | attack | Dovecot Invalid User Login Attempt. |
2020-07-26 07:04:07 |
| 14.161.2.124 | attack | Unauthorized connection attempt detected from IP address 14.161.2.124 to port 445 |
2020-07-22 16:53:52 |
| 14.161.28.19 | attack | Unauthorized connection attempt from IP address 14.161.28.19 on Port 445(SMB) |
2020-07-20 00:09:25 |
| 14.161.242.223 | attackspambots | Honeypot attack, port: 445, PTR: static.vnpt.vn. |
2020-07-15 08:23:26 |
| 14.161.25.55 | attackbotsspam | 20/7/7@23:42:51: FAIL: Alarm-Network address from=14.161.25.55 20/7/7@23:42:52: FAIL: Alarm-Network address from=14.161.25.55 ... |
2020-07-08 17:00:30 |
| 14.161.27.144 | attackspam | Failed password for invalid user from 14.161.27.144 port 46244 ssh2 |
2020-07-07 08:07:35 |
| 14.161.29.176 | attackspambots | 2020-07-0622:59:401jsYDE-0005Gh-EV\<=info@whatsup2013.chH=\(localhost\)[113.162.177.107]:59121P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2980id=0ebc5d444f64b142619f693a31e5dc7053b07f6808@whatsup2013.chT="Yourneighborhoodsweetheartsarecravingforsex"formanjunathprakruthi99@gmail.comrogerlyons3476@gmail.comtroubles92530@gmail.com2020-07-0623:02:091jsYFb-0005TR-Vk\<=info@whatsup2013.chH=\(localhost\)[14.161.29.176]:43808P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2997id=ae1becc6cde633c0e31debb8b3675ef2d132393b20@whatsup2013.chT="Wouldliketohumpsomewomennearyou\?"forescuejy@gmail.comhcwcallcott@hotmail.comjesusurbina071@gmail.com2020-07-0623:00:101jsYDh-0005Kx-NH\<=info@whatsup2013.chH=\(localhost\)[222.254.18.99]:57053P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=2991id=880dbbe8e3c8e2ea7673c5698efad0c59f79f5@whatsup2013.chT="Doyouwanttofuckcertainhottiesinyourneighborhoo |
2020-07-07 06:16:54 |
| 14.161.23.236 | attack | Dovecot Invalid User Login Attempt. |
2020-07-01 10:18:37 |
| 14.161.253.142 | attackspam | SMB Server BruteForce Attack |
2020-06-17 19:51:21 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.2.246
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27021
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.2.246. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019040701 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 06:17:35 +08 2019
;; MSG SIZE rcvd: 116
246.2.161.14.in-addr.arpa domain name pointer static.vnpt.vn.
Server: 67.207.67.3
Address: 67.207.67.3#53
Non-authoritative answer:
246.2.161.14.in-addr.arpa name = static.vnpt.vn.
Authoritative answers can be found from:
| IP | Type | Details | Datetime |
|---|---|---|---|
| 80.211.240.50 | attack | ET CINS Active Threat Intelligence Poor Reputation IP group 69 - port: 5060 proto: UDP cat: Misc Attack |
2020-03-03 09:58:54 |
| 94.102.53.10 | attack | Mar 3 03:05:21 debian-2gb-nbg1-2 kernel: \[5460302.353087\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.53.10 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=55328 PROTO=TCP SPT=40817 DPT=4153 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-03 10:06:01 |
| 191.102.83.164 | attack | 2020-03-03T02:42:54.137707vps751288.ovh.net sshd\[2253\]: Invalid user get from 191.102.83.164 port 51713 2020-03-03T02:42:54.149767vps751288.ovh.net sshd\[2253\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.102.83.164 2020-03-03T02:42:56.384116vps751288.ovh.net sshd\[2253\]: Failed password for invalid user get from 191.102.83.164 port 51713 ssh2 2020-03-03T02:50:07.044017vps751288.ovh.net sshd\[2292\]: Invalid user cpanellogin from 191.102.83.164 port 14977 2020-03-03T02:50:07.054392vps751288.ovh.net sshd\[2292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.102.83.164 |
2020-03-03 10:11:47 |
| 222.186.15.10 | attack | Mar 3 03:05:32 vps691689 sshd[30457]: Failed password for root from 222.186.15.10 port 17230 ssh2 Mar 3 03:05:34 vps691689 sshd[30457]: Failed password for root from 222.186.15.10 port 17230 ssh2 Mar 3 03:05:36 vps691689 sshd[30457]: Failed password for root from 222.186.15.10 port 17230 ssh2 ... |
2020-03-03 10:08:44 |
| 114.33.220.246 | attackbots | " " |
2020-03-03 09:55:34 |
| 185.137.233.125 | attack | Mar 3 05:59:38 debian-2gb-nbg1-2 kernel: \[5470758.400138\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.137.233.125 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29397 PROTO=TCP SPT=41717 DPT=4005 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-03-03 13:00:16 |
| 45.143.223.175 | spamattack | [2020/03/03 09:13:32] [45.143.223.175:11953] User administrator@luxnetcorp.com.tw login failed. [2020/03/03 09:13:32] [45.143.223.175:11954] User user06@luxnetcorp.com.tw login failed. [2020/03/03 09:13:32] [45.143.223.175:11955] User office@luxnetcorp.com.tw login failed. [2020/03/03 09:13:32] [45.143.223.175:11958] User host@luxnetcorp.com.tw login failed. [2020/03/03 09:13:32] [45.143.223.175:11959] User guest@luxnetcorp.com.tw login failed. [2020/03/03 09:13:33] [45.143.223.175:11962] User user05@luxnetcorp.com.tw login failed. [2020/03/03 09:13:33] [45.143.223.175:11963] User user@luxnetcorp.com.tw login failed. |
2020-03-03 10:19:16 |
| 187.18.110.31 | attackspambots | Honeypot attack, port: 81, PTR: r239-pw-combate.ibys.com.br. |
2020-03-03 09:42:23 |
| 183.89.235.234 | attack | Unauthorized IMAP connection attempt |
2020-03-03 09:51:27 |
| 209.60.28.246 | attackspam | Unauthorized connection attempt detected from IP address 209.60.28.246 to port 4567 [J] |
2020-03-03 10:01:06 |
| 94.191.120.164 | attackbotsspam | Mar 3 05:52:31 sd-53420 sshd\[10158\]: Invalid user tom from 94.191.120.164 Mar 3 05:52:31 sd-53420 sshd\[10158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.120.164 Mar 3 05:52:33 sd-53420 sshd\[10158\]: Failed password for invalid user tom from 94.191.120.164 port 48724 ssh2 Mar 3 05:59:34 sd-53420 sshd\[10782\]: Invalid user aero-stoked from 94.191.120.164 Mar 3 05:59:34 sd-53420 sshd\[10782\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.120.164 ... |
2020-03-03 13:02:24 |
| 80.71.39.213 | attack | Unauthorized connection attempt detected from IP address 80.71.39.213 to port 5555 [J] |
2020-03-03 10:14:49 |
| 192.241.183.220 | spamattack | [2020/03/03 07:06:53] [192.241.183.220:2098-0] User jeff@luxnetcorp.com.tw AUTH fails. [2020/03/03 07:08:24] [192.241.183.220:2103-0] User jessie@luxnetcorp.com.tw AUTH fails. [2020/03/03 08:39:50] [192.241.183.220:2097-0] User yhwang@luxnetcorp.com.tw AUTH fails. [2020/03/03 09:13:22] [192.241.183.220:2105-0] User cthuang@luxnetcorp.com.tw AUTH fails. [2020/03/03 09:53:19] [192.241.183.220:2097-0] User james_chang@luxnetcorp.com.tw AUTH fails. |
2020-03-03 10:22:24 |
| 122.160.5.205 | attackbots | Honeypot attack, port: 445, PTR: abts-north-static-205.5.160.122.airtelbroadband.in. |
2020-03-03 10:09:35 |
| 89.47.39.52 | attackbots | Unauthorized connection attempt detected from IP address 89.47.39.52 to port 4567 [J] |
2020-03-03 09:48:16 |