14.161.7.137 - IPInfo

Basic Info

City: Ho Chi Minh City

Region: Ho Chi Minh

Country: Vietnam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: VNPT Corp

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-07 21:30:24,893 INFO [amun_request_handler] PortScan Detected on Port: 445 (14.161.7.137)	2019-09-08 08:31:16

Comments on same subnet:

IP	Type	Details	Datetime
14.161.70.165	attack	2020-03-1322:13:561jCrcx-00084g-K0\<=info@whatsup2013.chH=\(localhost\)[14.161.70.165]:56819P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3719id=999C2A7972A6883BE7E2AB13E75189AD@whatsup2013.chT="iamChristina"forkenyattawilliams4810@gmail.comzanderanderson2004@yahoo.com2020-03-1322:13:561jCrcx-00084c-Vm\<=info@whatsup2013.chH=\(localhost\)[42.55.164.124]:59371P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3684id=4B4EF8ABA0745AE9353079C135E1C5C8@whatsup2013.chT="iamChristina"forgeoffreywhittles@hotmail.comdeepak.singh12671@gmail.com2020-03-1322:12:421jCrbl-0007vY-4j\<=info@whatsup2013.chH=\(localhost\)[113.22.4.10]:43594P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3600id=1217A1F2F92D03B06C6920986CC530D9@whatsup2013.chT="iamChristina"fortundeemmanuel717@gmail.comskhirtladze7@mail.ru2020-03-1322:13:061jCrcA-0007yL-2J\<=info@whatsup2013.chH=mx-ll-183.89.229-114.dynamic.3bb.co	2020-03-14 08:16:41
14.161.71.131	attack	Brute force attempt	2020-03-10 17:04:52
14.161.70.18	attackbotsspam	Feb 24 05:51:03 odroid64 sshd\[24417\]: Invalid user admin from 14.161.70.18 Feb 24 05:51:03 odroid64 sshd\[24417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.70.18 ...	2020-02-24 16:54:55
14.161.7.225	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 25-12-2019 14:55:09.	2019-12-26 00:37:22
14.161.71.0	attackspambots	"SMTP brute force auth login attempt."	2019-12-22 13:43:47
14.161.71.10	attackbotsspam	Unauthorized connection attempt from IP address 14.161.71.10 on Port 445(SMB)	2019-12-13 19:15:03
14.161.71.103	attack	Invalid user admin from 14.161.71.103 port 54912	2019-10-27 04:00:53
14.161.7.97	attack	Aug 16 22:01:55 bouncer sshd\[4832\]: Invalid user admin from 14.161.7.97 port 12450 Aug 16 22:01:55 bouncer sshd\[4832\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.161.7.97 Aug 16 22:01:58 bouncer sshd\[4832\]: Failed password for invalid user admin from 14.161.7.97 port 12450 ssh2 ...	2019-08-17 09:02:52
14.161.7.208	attackspam	Unauthorized connection attempt from IP address 14.161.7.208 on Port 445(SMB)	2019-07-09 13:46:31
14.161.70.25	attack	SMTP Fraud Orders	2019-07-02 12:10:15

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.161.7.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7586
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.161.7.137.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042500 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Thu Apr 25 21:48:49 +08 2019
;; MSG SIZE  rcvd: 116

Host info

137.7.161.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
137.7.161.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.32.160.140	attackspambots	SSH/SMTP Brute Force	2019-10-05 04:17:21
222.186.175.216	attackspambots	Automated report - ssh fail2ban: Oct 4 22:01:36 wrong password, user=root, port=45458, ssh2 Oct 4 22:01:42 wrong password, user=root, port=45458, ssh2 Oct 4 22:01:47 wrong password, user=root, port=45458, ssh2 Oct 4 22:01:53 wrong password, user=root, port=45458, ssh2	2019-10-05 04:01:57
176.215.255.234	attackspambots	Automatic report - Banned IP Access	2019-10-05 04:18:25
185.44.231.63	attackbotsspam	SPF Fail sender not permitted to send mail for @ucom.am / Sent mail to target address hacked/leaked from abandonia in 2016	2019-10-05 04:17:56
71.6.232.4	attackspambots	Scanning random ports - tries to find possible vulnerable services	2019-10-05 04:05:51
159.203.193.41	attackbotsspam	110/tcp 1023/tcp 5672/tcp... [2019-09-12/10-03]20pkt,19pt.(tcp),1pt.(udp)	2019-10-05 03:53:47
122.117.102.115	attack	81/tcp 23/tcp [2019-09-11/10-04]2pkt	2019-10-05 04:24:21
169.255.7.94	attack	445/tcp 445/tcp 445/tcp... [2019-08-12/10-04]8pkt,1pt.(tcp)	2019-10-05 04:02:23
176.67.57.203	attackbots	445/tcp 445/tcp 445/tcp... [2019-08-07/10-04]15pkt,1pt.(tcp)	2019-10-05 03:59:54
42.5.155.149	attackbotsspam	Unauthorised access (Oct 4) SRC=42.5.155.149 LEN=40 TTL=49 ID=52252 TCP DPT=8080 WINDOW=13951 SYN Unauthorised access (Oct 3) SRC=42.5.155.149 LEN=40 TTL=49 ID=64986 TCP DPT=8080 WINDOW=37071 SYN Unauthorised access (Oct 3) SRC=42.5.155.149 LEN=40 TTL=49 ID=3348 TCP DPT=8080 WINDOW=50791 SYN Unauthorised access (Oct 3) SRC=42.5.155.149 LEN=40 TTL=49 ID=15882 TCP DPT=8080 WINDOW=41479 SYN	2019-10-05 04:25:15
69.17.158.101	attackbots	Oct 4 21:51:52 dev0-dcfr-rnet sshd[970]: Failed password for root from 69.17.158.101 port 59462 ssh2 Oct 4 22:04:15 dev0-dcfr-rnet sshd[984]: Failed password for root from 69.17.158.101 port 59748 ssh2	2019-10-05 04:13:03
185.81.157.136	attack	445/tcp 445/tcp 445/tcp... [2019-08-08/10-04]13pkt,1pt.(tcp)	2019-10-05 04:15:09
187.12.181.106	attack	2019-10-04T20:19:35.975897abusebot-8.cloudsearch.cf sshd\[29800\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.181.106 user=root	2019-10-05 04:26:40
62.122.201.241	attackbotsspam	Sent mail to address hacked/leaked from Dailymotion	2019-10-05 04:19:22
115.231.222.131	attackspambots	445/tcp 445/tcp [2019-09-25/10-04]2pkt	2019-10-05 03:52:37

Recently Reported IPs

92.114.40.165	17.244.144.153	190.108.45.188	197.44.136.114
111.134.25.156	84.2.228.152	32.47.242.140	89.162.143.170
212.26.247.7	13.225.168.90	1.46.237.12	183.35.60.162
217.189.190.172	162.244.83.249	46.42.145.184	177.204.87.87
23.88.224.179	160.212.232.250	31.150.172.238	14.248.111.99