14.245.16.130 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 23-09-2019 04:55:24.	2019-09-23 14:47:19

Comments on same subnet:

IP	Type	Details	Datetime
14.245.164.173	attack	Unauthorized connection attempt from IP address 14.245.164.173 on Port 445(SMB)	2020-05-10 02:01:50
14.245.164.227	attackspambots	1578977931 - 01/14/2020 05:58:51 Host: 14.245.164.227/14.245.164.227 Port: 445 TCP Blocked	2020-01-14 13:15:47
14.245.167.206	attackspambots	Aug 10 22:29:59 Server10 sshd[2758]: Invalid user user from 14.245.167.206 port 46508 Aug 10 22:30:00 Server10 sshd[2758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.245.167.206 Aug 10 22:30:02 Server10 sshd[2758]: Failed password for invalid user user from 14.245.167.206 port 46508 ssh2	2019-09-02 17:44:00
14.245.167.95	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-05 06:58:40,706 INFO [shellcode_manager] (14.245.167.95) no match, writing hexdump (4e37474768e1fe3643c06b87ef6af6d0 :2360467) - MS17010 (EternalBlue)	2019-07-05 20:02:45
14.245.163.138	attackspambots	Unauthorized connection attempt from IP address 14.245.163.138 on Port 445(SMB)	2019-07-02 05:14:37

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.245.16.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35291
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.245.16.130.			IN	A

;; AUTHORITY SECTION:
.			562	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092300 1800 900 604800 86400

;; Query time: 242 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 23 14:47:10 CST 2019
;; MSG SIZE  rcvd: 117

Host info

130.16.245.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.16.245.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.32.93.237	attackbotsspam	2020-07-23T08:49:03.271109mail.standpoint.com.ua sshd[30626]: Invalid user debian from 213.32.93.237 port 37308 2020-07-23T08:49:03.273972mail.standpoint.com.ua sshd[30626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=judge.sdslab.cat 2020-07-23T08:49:03.271109mail.standpoint.com.ua sshd[30626]: Invalid user debian from 213.32.93.237 port 37308 2020-07-23T08:49:04.956112mail.standpoint.com.ua sshd[30626]: Failed password for invalid user debian from 213.32.93.237 port 37308 ssh2 2020-07-23T08:53:14.299954mail.standpoint.com.ua sshd[31159]: Invalid user naman from 213.32.93.237 port 51392 ...	2020-07-23 18:36:34
47.190.132.213	attackspam	$f2bV_matches	2020-07-23 18:08:40
106.13.37.170	attackbots	Jul 23 10:24:02 vps-51d81928 sshd[57252]: Invalid user carine from 106.13.37.170 port 40744 Jul 23 10:24:02 vps-51d81928 sshd[57252]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.37.170 Jul 23 10:24:02 vps-51d81928 sshd[57252]: Invalid user carine from 106.13.37.170 port 40744 Jul 23 10:24:04 vps-51d81928 sshd[57252]: Failed password for invalid user carine from 106.13.37.170 port 40744 ssh2 Jul 23 10:26:54 vps-51d81928 sshd[57326]: Invalid user szw from 106.13.37.170 port 49596 ...	2020-07-23 18:34:52
218.92.0.184	attack	$f2bV_matches	2020-07-23 18:28:22
202.137.155.171	attack	Dovecot Invalid User Login Attempt.	2020-07-23 18:12:17
157.55.39.16	attackbotsspam	IP 157.55.39.16 attacked honeypot on port: 80 at 7/22/2020 8:51:24 PM	2020-07-23 18:16:53
35.222.207.7	attack	Invalid user sybase from 35.222.207.7 port 38418	2020-07-23 18:28:41
61.133.232.254	attackbotsspam	2020-07-22 UTC: (12x) - admin,angga,epaper,ftpuser,gast,kalina,marine,mdm,moh,mp3,oper,webftp	2020-07-23 18:00:40
182.61.49.179	attackbotsspam	Invalid user felix from 182.61.49.179 port 44032	2020-07-23 18:25:10
80.82.64.98	attackspambots	Jul 23 10:29:22 WHD8 dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.64.98, lip=10.64.89.208, session=\ Jul 23 10:35:03 WHD8 dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.64.98, lip=10.64.89.208, session=\ Jul 23 10:46:32 WHD8 dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.64.98, lip=10.64.89.208, session=\<2oiO5BerGPpQUkBi\> Jul 23 10:59:25 WHD8 dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.64.98, lip=10.64.89.208, session=\ Jul 23 11:05:06 WHD8 dovecot: pop3-login: Aborted login $auth failed, 1 attempts in 2 secs$: user=\, method=PLAIN, rip=80.82.64.98, lip=10.64.89.208, ...	2020-07-23 18:39:43
121.254.254.82	attackspambots	-	2020-07-23 18:15:09
187.217.199.20	attack	$f2bV_matches	2020-07-23 18:04:04
1.30.219.93	attackspambots	07/23/2020-04:10:47.402659 1.30.219.93 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-07-23 18:31:37
123.58.3.14	attackspambots	2020/07/23 05:44:42 [error] 29205#29205: 610663 open() "/usr/share/nginx/html/cgi-bin/php" failed (2: No such file or directory), client: 123.58.3.14, server: _, request: "POST /cgi-bin/php?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1", host: "185.118.197.123" 2020/07/23 05:44:42 [error] 29205#29205: 610663 open() "/usr/share/nginx/html/cgi-bin/php5" failed (2: No such file or directory), client: 123.58.3.14, server: _, request: "POST /cgi-bin/php5?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%	2020-07-23 18:38:03
113.183.53.141	attackbotsspam	Unauthorised access (Jul 23) SRC=113.183.53.141 LEN=52 TTL=111 ID=2002 DF TCP DPT=445 WINDOW=8192 SYN	2020-07-23 18:37:18

Recently Reported IPs

188.63.119.81	172.57.175.134	11.209.3.147	94.69.231.132
147.91.254.203	64.77.39.1	133.23.216.115	222.186.173.201
120.183.139.56	128.0.30.244	120.150.28.188	222.186.173.183
164.60.73.22	122.254.1.68	116.203.71.239	222.186.169.192
102.165.35.203	114.67.80.40	123.207.47.114	23.108.233.166