14.239.20.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-19 04:14:59,066 INFO [amun_request_handler] PortScan Detected handler] PortScan Detected on Port: 445 (14.239.20.142)	2019-07-19 18:38:01

Type

Details

Datetime

attack

@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-19 04:14:59,066 INFO [amun_request_handler] PortScan Detected handler] PortScan Detected on Port: 445 (14.239.20.142)

2019-07-19 18:38:01

Comments on same subnet:

IP	Type	Details	Datetime
14.239.206.9	attackbots	445/tcp [2020-08-14]1pkt	2020-08-14 20:19:48
14.239.204.101	attackbots	firewall-block, port(s): 1433/tcp	2020-01-10 17:48:07
14.239.205.199	attack	Unauthorized connection attempt from IP address 14.239.205.199 on Port 445(SMB)	2019-10-21 00:16:25
14.239.209.146	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-13 14:42:44,260 INFO [shellcode_manager] (14.239.209.146) no match, writing hexdump (0f1bb043d02e77b5c89e3e010e145658 :2292485) - MS17010 (EternalBlue)	2019-07-14 09:18:05
14.239.209.146	attackbots	19/7/13@11:11:23: FAIL: Alarm-Intrusion address from=14.239.209.146 ...	2019-07-14 03:37:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.239.20.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30915
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.239.20.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 19 18:37:55 CST 2019
;; MSG SIZE  rcvd: 117

Host info

142.20.239.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
142.20.239.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.123.48	attackspambots	Fail2Ban Ban Triggered	2020-04-12 12:54:44
222.186.30.76	attack	Apr 12 10:03:11 gw1 sshd[26401]: Failed password for root from 222.186.30.76 port 52905 ssh2 Apr 12 10:03:13 gw1 sshd[26401]: Failed password for root from 222.186.30.76 port 52905 ssh2 ...	2020-04-12 13:05:19
80.211.230.27	attackspam	sshd jail - ssh hack attempt	2020-04-12 12:46:32
116.218.131.188	attackbotsspam	$f2bV_matches	2020-04-12 13:05:58
45.133.99.14	attack	Apr 12 07:54:06 takio postfix/smtpd[16197]: lost connection after AUTH from unknown[45.133.99.14] Apr 12 07:54:12 takio postfix/smtpd[16197]: lost connection after AUTH from unknown[45.133.99.14] Apr 12 07:54:18 takio postfix/smtpd[16201]: lost connection after AUTH from unknown[45.133.99.14]	2020-04-12 12:55:45
192.188.245.183	attackbots	Automatic report - XMLRPC Attack	2020-04-12 13:19:07
193.77.225.17	attackbots	2020-04-12T05:54:08.919451vps773228.ovh.net sshd[16881]: Failed password for invalid user oracle from 193.77.225.17 port 48500 ssh2 2020-04-12T05:57:47.909573vps773228.ovh.net sshd[18253]: Invalid user zabbix from 193.77.225.17 port 58252 2020-04-12T05:57:47.921698vps773228.ovh.net sshd[18253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.77.225.17 2020-04-12T05:57:47.909573vps773228.ovh.net sshd[18253]: Invalid user zabbix from 193.77.225.17 port 58252 2020-04-12T05:57:49.790415vps773228.ovh.net sshd[18253]: Failed password for invalid user zabbix from 193.77.225.17 port 58252 ssh2 ...	2020-04-12 12:53:44
222.186.180.6	attack	Apr 12 06:43:20 MainVPS sshd[8034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Apr 12 06:43:22 MainVPS sshd[8034]: Failed password for root from 222.186.180.6 port 5210 ssh2 Apr 12 06:43:34 MainVPS sshd[8223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Apr 12 06:43:36 MainVPS sshd[8223]: Failed password for root from 222.186.180.6 port 58374 ssh2 Apr 12 06:43:34 MainVPS sshd[8223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Apr 12 06:43:36 MainVPS sshd[8223]: Failed password for root from 222.186.180.6 port 58374 ssh2 Apr 12 06:43:52 MainVPS sshd[8223]: Failed password for root from 222.186.180.6 port 58374 ssh2 Apr 12 06:43:34 MainVPS sshd[8223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.6 user=root Apr 12 06:43:36 MainVPS sshd[8223]: Failed pa	2020-04-12 13:01:06
80.93.177.99	attackspambots	20 attempts against mh-ssh on echoip	2020-04-12 12:40:57
126.26.26.238	attackbots	20/4/11@23:57:40: FAIL: Alarm-Intrusion address from=126.26.26.238 ...	2020-04-12 12:59:32
83.97.20.175	attackbots	scan z	2020-04-12 13:01:59
70.45.133.188	attackspambots	2nd report Apr 6 23:05:23 * sshd[34071]: Invalid user invoices from 70.45.133.188 Apr 6 23:05:23 * sshd[34071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.45.133.188 Apr 6 23:05:25 * sshd[34071]: Failed password for invalid user invoices from 70.45.133.188 port 50052 ssh2 Apr 6 23:21:21 * sshd[36762]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.45.133.188 user=root Apr 6 23:21:23 * sshd[36762]: Failed password for root from 70.45.133.188 port 36968 ssh2 Mar 10 23:48:57 * sshd[34144]: Invalid user ts3 from 70.45.133.188 Mar 10 23:48:57 *** sshd[34144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=70.45.133.188	2020-04-12 13:15:29
106.12.183.209	attack	Apr 12 06:34:00 silence02 sshd[19101]: Failed password for root from 106.12.183.209 port 42214 ssh2 Apr 12 06:38:27 silence02 sshd[19542]: Failed password for root from 106.12.183.209 port 44462 ssh2	2020-04-12 12:45:41
122.228.208.113	attackbots	04/11/2020-23:57:23.492165 122.228.208.113 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-12 13:17:33
77.40.63.145	attack	Brute force attempt	2020-04-12 13:18:33

Recently Reported IPs

117.34.70.31	165.86.9.5	121.157.82.222	42.32.30.63
64.57.182.181	187.138.40.178	100.206.54.178	207.209.134.51
85.21.200.36	108.168.250.158	61.219.246.61	254.75.219.126
154.113.94.231	78.140.204.2	65.181.216.53	159.192.217.169
88.129.203.71	217.113.24.210	185.91.119.136	68.54.15.247