14.167.220.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 31-03-2020 04:55:17.	2020-03-31 12:45:05

Comments on same subnet:

IP	Type	Details	Datetime
14.167.220.25	attack	Unauthorized connection attempt from IP address 14.167.220.25 on Port 445(SMB)	2019-09-24 04:53:39
14.167.220.157	attack	Unauthorized connection attempt from IP address 14.167.220.157 on Port 445(SMB)	2019-08-14 11:53:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.167.220.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45480
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.167.220.91.			IN	A

;; AUTHORITY SECTION:
.			487	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033001 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 12:44:53 CST 2020
;; MSG SIZE  rcvd: 117

Host info

91.220.167.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.220.167.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.162.11.254	attackbots	MX - 1H : (19) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN6503 IP : 187.162.11.254 CIDR : 187.162.10.0/23 PREFIX COUNT : 2074 UNIQUE IP COUNT : 1522176 WYKRYTE ATAKI Z ASN6503 : 1H - 2 3H - 3 6H - 4 12H - 6 24H - 8 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-15 08:07:40
106.12.30.229	attackspambots	Sep 14 22:19:13 nextcloud sshd\[4548\]: Invalid user doudou from 106.12.30.229 Sep 14 22:19:13 nextcloud sshd\[4548\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.30.229 Sep 14 22:19:16 nextcloud sshd\[4548\]: Failed password for invalid user doudou from 106.12.30.229 port 58264 ssh2 ...	2019-09-15 08:12:16
49.235.76.84	attack	Automatic report - Banned IP Access	2019-09-15 07:56:48
159.203.169.16	attackspambots	2019-09-15T00:09:53.263756abusebot-5.cloudsearch.cf sshd\[20385\]: Invalid user avahi-autoipd from 159.203.169.16 port 35084	2019-09-15 08:12:56
220.177.50.195	attackspam	IMAP brute force ...	2019-09-15 08:26:12
187.191.99.44	attack	Lines containing failures of 187.191.99.44 Sep 14 20:56:48 shared04 sshd[725]: Invalid user cvs from 187.191.99.44 port 60872 Sep 14 20:56:48 shared04 sshd[725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.191.99.44 Sep 14 20:56:49 shared04 sshd[725]: Failed password for invalid user cvs from 187.191.99.44 port 60872 ssh2 Sep 14 20:56:49 shared04 sshd[725]: Received disconnect from 187.191.99.44 port 60872:11: Bye Bye [preauth] Sep 14 20:56:49 shared04 sshd[725]: Disconnected from invalid user cvs 187.191.99.44 port 60872 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=187.191.99.44	2019-09-15 08:07:21
103.3.61.139	attackspambots	Sep 14 23:48:19 www sshd\[42366\]: Invalid user test from 103.3.61.139Sep 14 23:48:21 www sshd\[42366\]: Failed password for invalid user test from 103.3.61.139 port 33870 ssh2Sep 14 23:53:52 www sshd\[42402\]: Invalid user 2 from 103.3.61.139 ...	2019-09-15 07:47:17
152.242.14.150	attackspam	Sep 14 20:04:45 nxxxxxxx sshd[8724]: reveeclipse mapping checking getaddrinfo for 152-242-14-150.user.vivozap.com.br [152.242.14.150] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 14 20:04:46 nxxxxxxx sshd[8724]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.14.150 user=r.r Sep 14 20:04:48 nxxxxxxx sshd[8724]: Failed password for r.r from 152.242.14.150 port 45813 ssh2 Sep 14 20:04:48 nxxxxxxx sshd[8724]: Received disconnect from 152.242.14.150: 11: Bye Bye [preauth] Sep 14 20:04:50 nxxxxxxx sshd[8749]: reveeclipse mapping checking getaddrinfo for 152-242-14-150.user.vivozap.com.br [152.242.14.150] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 14 20:04:50 nxxxxxxx sshd[8749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=152.242.14.150 user=r.r Sep 14 20:04:52 nxxxxxxx sshd[8749]: Failed password for r.r from 152.242.14.150 port 45814 ssh2 Sep 14 20:04:53 nxxxxxxx sshd[8749]: Received disc........ -------------------------------	2019-09-15 08:22:14
31.13.34.202	attack	proto=tcp . spt=47353 . dpt=25 . (listed on Blocklist de Sep 14) (791)	2019-09-15 07:45:49
123.206.88.24	attack	Sep 14 22:41:14 sshgateway sshd\[5437\]: Invalid user spotlight from 123.206.88.24 Sep 14 22:41:14 sshgateway sshd\[5437\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.88.24 Sep 14 22:41:15 sshgateway sshd\[5437\]: Failed password for invalid user spotlight from 123.206.88.24 port 59694 ssh2	2019-09-15 07:51:34
68.151.199.105	attackbots	[portscan] Port scan	2019-09-15 08:04:03
51.79.71.142	attack	Sep 15 01:45:31 SilenceServices sshd[25157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.71.142 Sep 15 01:45:32 SilenceServices sshd[25157]: Failed password for invalid user training from 51.79.71.142 port 37044 ssh2 Sep 15 01:50:33 SilenceServices sshd[27011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.79.71.142	2019-09-15 07:57:43
120.52.121.86	attack	Sep 14 13:48:01 wbs sshd\[600\]: Invalid user emserver from 120.52.121.86 Sep 14 13:48:01 wbs sshd\[600\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.121.86 Sep 14 13:48:02 wbs sshd\[600\]: Failed password for invalid user emserver from 120.52.121.86 port 43723 ssh2 Sep 14 13:52:28 wbs sshd\[995\]: Invalid user adt from 120.52.121.86 Sep 14 13:52:28 wbs sshd\[995\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.121.86	2019-09-15 08:26:32
5.45.6.66	attack	Sep 15 01:34:39 rpi sshd[5163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.45.6.66 Sep 15 01:34:41 rpi sshd[5163]: Failed password for invalid user gitblit from 5.45.6.66 port 39126 ssh2	2019-09-15 08:06:55
89.33.8.34	attackbots	14.09.2019 19:51:22 Recursive DNS scan	2019-09-15 07:53:37

Recently Reported IPs

189.62.136.109	114.67.76.166	125.191.31.67	178.142.123.100
117.87.26.26	15.164.7.242	116.97.204.126	121.227.110.212
2001:558:5014:80:4c84:9c95:1dba:bb6f	113.167.96.249	189.39.153.161	1.52.154.199
45.12.161.31	217.112.142.173	146.50.253.187	134.73.51.168
237.136.208.236	250.52.96.56	54.195.16.219	155.131.208.176