14.166.204.21 - IPInfo

Basic Info

City: Hanoi

Region: Hanoi

Country: Viet Nam

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.166.204.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39923
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.166.204.21.			IN	A

;; AUTHORITY SECTION:
.			255	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060101 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 12:43:54 CST 2020
;; MSG SIZE  rcvd: 117

Host info

21.204.166.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
21.204.166.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
51.83.2.148	attack	51.83.2.148 - - \[01/Apr/2020:04:10:11 +0200\] "POST /wp-login.php HTTP/1.1" 200 9691 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 51.83.2.148 - - \[01/Apr/2020:05:53:21 +0200\] "POST /wp-login.php HTTP/1.1" 200 9691 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2020-04-01 14:47:03
202.5.18.84	attackspam	SSH Authentication Attempts Exceeded	2020-04-01 14:31:55
195.154.170.245	attackspambots	(mod_security) mod_security (id:225170) triggered by 195.154.170.245 (FR/France/195-154-170-245.rev.poneytelecom.eu): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Mar 31 23:53:36.475554 2020] [:error] [pid 7312:tid 47018766657280] [client 195.154.170.245:52160] [client 195.154.170.245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cjthedj97.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cjthedj97.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "XoQQQDAU0kaR6cW5LXIU1AAAARg"]	2020-04-01 14:35:34
79.143.31.227	attack	3x Failed Password	2020-04-01 14:53:48
185.163.31.180	attackbots	Apr 1 08:13:12 host sshd[40323]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.163.31.180 user=root Apr 1 08:13:14 host sshd[40323]: Failed password for root from 185.163.31.180 port 53695 ssh2 ...	2020-04-01 14:55:13
94.19.29.200	attackspambots	DATE:2020-04-01 05:53:00, IP:94.19.29.200, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-04-01 15:02:30
129.211.49.227	attackspam	Apr 1 02:01:39 ws19vmsma01 sshd[234142]: Failed password for root from 129.211.49.227 port 38834 ssh2 ...	2020-04-01 14:36:31
123.1.174.156	attackbotsspam	Apr 1 05:25:14 *** sshd[10651]: User root from 123.1.174.156 not allowed because not listed in AllowUsers	2020-04-01 14:47:52
198.108.66.144	attackbots	198.108.66.144 - - - [01/Apr/2020:03:53:06 +0000] "GET / HTTP/1.1" 404 162 "-" "Mozilla/5.0 zgrab/0.x" "-" "-"	2020-04-01 14:54:37
182.53.96.206	attackbotsspam	20/3/31@23:53:49: FAIL: Alarm-Intrusion address from=182.53.96.206 ...	2020-04-01 14:25:35
187.95.124.230	attack	Invalid user aru from 187.95.124.230 port 47306	2020-04-01 14:41:48
49.233.202.62	attackspam	(sshd) Failed SSH login from 49.233.202.62 (CN/China/-): 5 in the last 3600 secs	2020-04-01 14:41:30
182.86.227.240	attackspambots	Apr 1 06:24:07 host proftpd[31133]: 0.0.0.0 (182.86.227.240[182.86.227.240]) - USER anonymous: no such user found from 182.86.227.240 [182.86.227.240] to 163.172.107.87:21 ...	2020-04-01 14:55:30
84.22.43.100	attackbotsspam	Apr 1 05:45:10 mail.srvfarm.net postfix/smtpd[1072815]: NOQUEUE: reject: RCPT from unknown[84.22.43.100]: 554 5.7.1 Service unavailable; Client host [84.22.43.100] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?84.22.43.100; from= to= proto=ESMTP helo= Apr 1 05:45:10 mail.srvfarm.net postfix/smtpd[1072815]: NOQUEUE: reject: RCPT from unknown[84.22.43.100]: 554 5.7.1 Service unavailable; Client host [84.22.43.100] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?84.22.43.100; from= to= proto=ESMTP helo= Apr 1 05:45:11 mail.srvfarm.net postfix/smtpd[1072815]: NOQUEUE: reject: RCPT from unknown[84.22.43.100]: 554 5.7.1 Service unavailable; Client host [84.22.43.100] blocked using bl.spamcop.net; Blocked - see https://www.spamcop.net/bl.shtml?84.22.43.100; from= to=	2020-04-01 14:27:47
195.54.167.58	attackbots	Apr 1 08:23:03 debian-2gb-nbg1-2 kernel: \[7981232.849177\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.58 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=35935 PROTO=TCP SPT=56666 DPT=6051 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-01 14:48:15

Recently Reported IPs

192.117.146.204	167.114.2.152	156.62.220.57	219.49.97.17
49.108.74.101	117.190.158.103	134.14.102.125	206.107.12.25
164.44.245.246	69.73.77.191	208.91.109.50	48.100.145.172
164.24.196.22	55.56.110.228	143.60.204.25	103.60.186.21
209.92.225.35	93.30.206.169	155.179.78.143	209.51.100.218