14.226.54.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	1593230117 - 06/27/2020 05:55:17 Host: 14.226.54.149/14.226.54.149 Port: 445 TCP Blocked	2020-06-27 13:35:23

Comments on same subnet:

IP	Type	Details	Datetime
14.226.54.223	attackspambots	Icarus honeypot on github	2020-08-21 13:09:45
14.226.54.182	attack	20/8/15@10:43:48: FAIL: Alarm-Network address from=14.226.54.182 ...	2020-08-16 00:05:16
14.226.54.140	attackspambots	1594352993 - 07/10/2020 05:49:53 Host: 14.226.54.140/14.226.54.140 Port: 445 TCP Blocked	2020-07-10 19:06:40
14.226.54.2	attackspam	2019-03-11 09:44:55 H=$static.vnpt.vn$ \[14.226.54.2\]:20207 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-11 09:45:09 H=$static.vnpt.vn$ \[14.226.54.2\]:20333 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed 2019-03-11 09:45:14 H=$static.vnpt.vn$ \[14.226.54.2\]:20390 I=\[193.107.88.166\]:25 F=\ rejected RCPT \: Sender verify failed ...	2020-02-04 22:00:19
14.226.54.122	attackspam	1579064116 - 01/15/2020 05:55:16 Host: 14.226.54.122/14.226.54.122 Port: 445 TCP Blocked	2020-01-15 13:54:15
14.226.54.197	attackbots	Unauthorized connection attempt detected from IP address 14.226.54.197 to port 445	2019-12-15 15:51:17
14.226.54.35	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/14.226.54.35/ VN - 1H : (38) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : VN NAME ASN : ASN45899 IP : 14.226.54.35 CIDR : 14.226.48.0/21 PREFIX COUNT : 2411 UNIQUE IP COUNT : 7209216 ATTACKS DETECTED ASN45899 : 1H - 1 3H - 1 6H - 2 12H - 4 24H - 7 DateTime : 2019-10-21 05:56:10 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-21 12:01:08
14.226.54.241	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 14-10-2019 04:55:19.	2019-10-14 14:16:32

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.226.54.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7802
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.226.54.149.			IN	A

;; AUTHORITY SECTION:
.			428	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062700 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 13:35:13 CST 2020
;; MSG SIZE  rcvd: 117

Host info

149.54.226.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		100.100.2.138
Address:	100.100.2.138#53

Non-authoritative answer:
149.54.226.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.216.140.252	attackspam	08/15/2019-14:00:43.325015 185.216.140.252 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-16 02:43:47
140.246.191.130	attackbotsspam	Aug 15 20:47:59 srv-4 sshd\[20549\]: Invalid user qhsupport from 140.246.191.130 Aug 15 20:47:59 srv-4 sshd\[20549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.191.130 Aug 15 20:48:01 srv-4 sshd\[20549\]: Failed password for invalid user qhsupport from 140.246.191.130 port 9375 ssh2 ...	2019-08-16 02:32:59
189.176.22.57	attack	$f2bV_matches	2019-08-16 02:43:12
106.12.107.225	attackspam	Aug 15 05:37:39 php1 sshd\[3418\]: Invalid user sameer from 106.12.107.225 Aug 15 05:37:39 php1 sshd\[3418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.107.225 Aug 15 05:37:41 php1 sshd\[3418\]: Failed password for invalid user sameer from 106.12.107.225 port 37816 ssh2 Aug 15 05:44:19 php1 sshd\[4707\]: Invalid user palonso from 106.12.107.225 Aug 15 05:44:19 php1 sshd\[4707\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.107.225	2019-08-16 02:27:15
203.220.102.194	attackspambots	" "	2019-08-16 02:18:06
123.12.87.238	attackspam	Telnet Server BruteForce Attack	2019-08-16 02:30:27
81.171.81.230	attackbotsspam	RDP brute forcing (d)	2019-08-16 02:19:29
58.218.66.10	attackspam	Aug 15 05:20:26 localhost kernel: [17105019.467402] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=58.218.66.10 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=104 ID=5047 DF PROTO=TCP SPT=27812 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 15 05:20:26 localhost kernel: [17105019.467427] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=58.218.66.10 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=104 ID=5047 DF PROTO=TCP SPT=27812 DPT=1433 SEQ=1593247962 ACK=0 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B40103030201010402) Aug 15 05:20:29 localhost kernel: [17105022.497405] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=58.218.66.10 DST=[mungedIP2] LEN=52 TOS=0x08 PREC=0x20 TTL=104 ID=6810 DF PROTO=TCP SPT=27812 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0 Aug 15 05:20:29 localhost kernel: [17105022.497414] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:84:78:ac:57:a8:41:08:00 SRC=58.218.66.10	2019-08-16 02:40:55
132.232.108.143	attack	SSH Brute Force	2019-08-16 02:33:17
201.17.133.23	attackbots	firewall-block, port(s): 3389/tcp	2019-08-16 02:39:37
148.70.226.250	attackspam	2019-08-15T09:51:39.662484abusebot-5.cloudsearch.cf sshd\[8971\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.226.250 user=root	2019-08-16 02:32:26
101.71.51.192	attackbotsspam	$f2bV_matches	2019-08-16 02:31:05
195.31.160.74	attackspam	Aug 15 17:17:04 XXXXXX sshd[19612]: Invalid user rsyncd from 195.31.160.74 port 33752	2019-08-16 02:08:27
92.114.194.160	attackspambots	445/tcp 445/tcp 445/tcp... [2019-06-23/08-15]15pkt,1pt.(tcp)	2019-08-16 02:03:57
187.87.104.62	attackspam	Reported by AbuseIPDB proxy server.	2019-08-16 01:57:22

Recently Reported IPs

111.250.182.74	42.115.123.80	111.229.3.119	91.98.106.155
18.156.153.38	180.152.18.65	172.86.126.190	13.82.169.159
125.44.119.172	47.74.88.193	47.240.248.155	70.145.240.34
31.62.141.45	88.101.231.115	134.122.81.136	95.182.122.131
113.116.48.191	114.119.166.10	45.9.250.5	117.32.107.101