14.161.20.152 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: VNPT Corp

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Excessive Port-Scanning	2019-08-07 02:22:20

Comments on same subnet:

IP	Type	Details	Datetime
14.161.20.223	attackspam	failed_logins	2020-04-26 05:04:15
14.161.20.223	attackbotsspam	Dovecot Invalid User Login Attempt.	2020-04-19 07:29:45
14.161.207.55	attackspambots	Automatic report - Port Scan Attack	2020-02-21 03:07:52
14.161.20.194	attackspambots	2019-07-07 04:51:53 H=$p-avr1j0ip.zaimvdolg.com$ \[14.161.20.194\]:40860 I=\[193.107.88.166\]:25 sender verify fail for \: Unrouteable address 2019-07-07 04:51:53 H=$p-avr1j0ip.zaimvdolg.com$ \[14.161.20.194\]:40860 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-07-07 04:51:53 H=$p-avr1j0ip.zaimvdolg.com$ \[14.161.20.194\]:40860 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-04 23:20:58
14.161.20.206	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 15-10-2019 04:50:20.	2019-10-15 14:58:57
14.161.20.105	attackbotsspam	Unauthorized connection attempt from IP address 14.161.20.105 on Port 445(SMB)	2019-10-03 00:49:33
14.161.20.40	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-06 02:55:25,383 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.20.40)	2019-07-06 12:55:47

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.20.152
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33557
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.20.152.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Aug 07 02:22:09 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 152.20.161.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 152.20.161.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.146.145.104	attack	Sep 16 05:00:47 OPSO sshd\[18305\]: Invalid user csgoserver from 119.146.145.104 port 7399 Sep 16 05:00:47 OPSO sshd\[18305\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.145.104 Sep 16 05:00:49 OPSO sshd\[18305\]: Failed password for invalid user csgoserver from 119.146.145.104 port 7399 ssh2 Sep 16 05:03:42 OPSO sshd\[18699\]: Invalid user bm from 119.146.145.104 port 7400 Sep 16 05:03:42 OPSO sshd\[18699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.146.145.104	2019-09-16 11:57:17
85.113.210.58	attack	Sep 15 23:16:51 xtremcommunity sshd\[130730\]: Invalid user mailnull from 85.113.210.58 port 39233 Sep 15 23:16:51 xtremcommunity sshd\[130730\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.113.210.58 Sep 15 23:16:53 xtremcommunity sshd\[130730\]: Failed password for invalid user mailnull from 85.113.210.58 port 39233 ssh2 Sep 15 23:20:46 xtremcommunity sshd\[130825\]: Invalid user admin1 from 85.113.210.58 port 28321 Sep 15 23:20:46 xtremcommunity sshd\[130825\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.113.210.58 ...	2019-09-16 11:31:47
92.46.239.2	attackspambots	Sep 16 03:43:56 dax sshd[28287]: warning: /etc/hosts.deny, line 15136: host name/address mismatch: 92.46.239.2 != zinc.kz Sep 16 03:43:56 dax sshd[28287]: Address 92.46.239.2 maps to zinc.kz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 16 03:43:56 dax sshd[28287]: Invalid user agosti from 92.46.239.2 Sep 16 03:43:56 dax sshd[28287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.46.239.2 Sep 16 03:43:58 dax sshd[28287]: Failed password for invalid user agosti from 92.46.239.2 port 43451 ssh2 Sep 16 03:43:58 dax sshd[28287]: Received disconnect from 92.46.239.2: 11: Bye Bye [preauth] Sep 16 03:50:00 dax sshd[29132]: warning: /etc/hosts.deny, line 15136: host name/address mismatch: 92.46.239.2 != zinc.kz Sep 16 03:50:00 dax sshd[29132]: Address 92.46.239.2 maps to zinc.kz, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Sep 16 03:50:00 dax sshd[29132]: Invalid user test from........ -------------------------------	2019-09-16 11:26:13
159.203.197.167	attackbots	scan z	2019-09-16 11:13:24
113.31.111.147	attackspam	2019-09-16T03:10:43.830551abusebot-3.cloudsearch.cf sshd\[23882\]: Invalid user 123 from 113.31.111.147 port 36094	2019-09-16 11:30:51
185.234.219.62	attackspambots	Sep 16 00:44:03 imap dovecot[39560]: auth: ldap(teacher@scream.dnet.hu,185.234.219.62): unknown user Sep 16 00:52:17 imap dovecot[39560]: auth: ldap(tv@scream.dnet.hu,185.234.219.62): unknown user Sep 16 01:00:44 imap dovecot[39560]: auth: ldap(user2@scream.dnet.hu,185.234.219.62): unknown user Sep 16 01:08:59 imap dovecot[39560]: auth: ldap(victor@scream.dnet.hu,185.234.219.62): unknown user Sep 16 01:16:57 imap dovecot[39560]: auth: ldap(visitante@scream.dnet.hu,185.234.219.62): unknown user ...	2019-09-16 11:18:41
193.32.160.143	attackspambots	Sep 16 04:11:28 server postfix/smtpd[32249]: NOQUEUE: reject: RCPT from unknown[193.32.160.143]: 554 5.7.1 Service unavailable; Client host [193.32.160.143] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from=<7ql90zneddu9@basis-system.ru> to= proto=ESMTP helo=<[193.32.160.145]> Sep 16 04:11:28 server postfix/smtpd[32249]: NOQUEUE: reject: RCPT from unknown[193.32.160.143]: 554 5.7.1 Service unavailable; Client host [193.32.160.143] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS; from=<7ql90zneddu9@basis-system.ru> to= proto=ESMTP helo=<[193.32.160.145]>	2019-09-16 11:40:05
167.71.43.127	attackbots	2019-09-16T01:13:45.663176 sshd[25912]: Invalid user camera from 167.71.43.127 port 53548 2019-09-16T01:13:45.676937 sshd[25912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.43.127 2019-09-16T01:13:45.663176 sshd[25912]: Invalid user camera from 167.71.43.127 port 53548 2019-09-16T01:13:47.331880 sshd[25912]: Failed password for invalid user camera from 167.71.43.127 port 53548 ssh2 2019-09-16T01:17:30.172136 sshd[25979]: Invalid user bosstt from 167.71.43.127 port 39080 ...	2019-09-16 11:21:09
200.54.255.253	attackspam	Sep 16 05:28:44 lnxmysql61 sshd[498]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.255.253 Sep 16 05:28:45 lnxmysql61 sshd[498]: Failed password for invalid user weblogic from 200.54.255.253 port 52218 ssh2 Sep 16 05:33:18 lnxmysql61 sshd[1144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.54.255.253	2019-09-16 11:53:55
170.106.84.83	attackbots	CN - 1H : (344) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN132203 IP : 170.106.84.83 CIDR : 170.106.84.0/23 PREFIX COUNT : 595 UNIQUE IP COUNT : 481792 WYKRYTE ATAKI Z ASN132203 : 1H - 4 3H - 7 6H - 11 12H - 14 24H - 22 INFO : Best E-Mail Spam Filter Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-16 11:20:46
37.187.22.227	attackspambots	Sep 15 17:22:37 web9 sshd\[26609\]: Invalid user rd from 37.187.22.227 Sep 15 17:22:37 web9 sshd\[26609\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.22.227 Sep 15 17:22:39 web9 sshd\[26609\]: Failed password for invalid user rd from 37.187.22.227 port 54018 ssh2 Sep 15 17:26:51 web9 sshd\[27407\]: Invalid user wifi from 37.187.22.227 Sep 15 17:26:51 web9 sshd\[27407\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.187.22.227	2019-09-16 11:39:19
200.211.250.195	attackspam	$f2bV_matches	2019-09-16 11:31:06
200.117.185.230	attackspambots	Sep 16 01:16:22 www sshd\[17488\]: Invalid user yana from 200.117.185.230 port 48929 ...	2019-09-16 11:36:06
93.241.199.210	attackspam	Sep 16 06:10:24 www5 sshd\[59201\]: Invalid user jahangir from 93.241.199.210 Sep 16 06:10:24 www5 sshd\[59201\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.241.199.210 Sep 16 06:10:27 www5 sshd\[59201\]: Failed password for invalid user jahangir from 93.241.199.210 port 45308 ssh2 ...	2019-09-16 11:29:38
222.186.30.59	attackbotsspam	Sep 16 05:18:17 rotator sshd\[24838\]: Failed password for root from 222.186.30.59 port 47916 ssh2Sep 16 05:18:19 rotator sshd\[24838\]: Failed password for root from 222.186.30.59 port 47916 ssh2Sep 16 05:18:21 rotator sshd\[24838\]: Failed password for root from 222.186.30.59 port 47916 ssh2Sep 16 05:24:03 rotator sshd\[25672\]: Failed password for root from 222.186.30.59 port 19893 ssh2Sep 16 05:24:06 rotator sshd\[25672\]: Failed password for root from 222.186.30.59 port 19893 ssh2Sep 16 05:24:08 rotator sshd\[25672\]: Failed password for root from 222.186.30.59 port 19893 ssh2 ...	2019-09-16 11:36:56

Recently Reported IPs

83.241.12.64	49.194.51.10	37.112.4.243	142.113.220.224
156.220.12.35	101.31.139.91	177.112.178.105	103.246.100.122
212.5.232.186	51.38.238.22	41.58.80.249	121.30.226.25
144.40.113.245	82.93.238.183	177.21.115.1	81.96.72.201
111.253.222.15	31.32.46.165	134.209.43.119	208.178.46.107