City: unknown
Region: unknown
Country: Viet Nam
Internet Service Provider: Vietnam Posts and Telecommunications Group
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackspambots | Unauthorized connection attempt detected from IP address 14.245.2.30 to port 445 |
2020-01-04 16:40:55 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 14.245.230.134 | attackbotsspam | Icarus honeypot on github |
2020-08-17 02:21:12 |
| 14.245.211.93 | attackspambots | 06/26/2020-23:55:13.260209 14.245.211.93 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433 |
2020-06-27 13:39:59 |
| 14.245.247.145 | attackbots | Unauthorized connection attempt from IP address 14.245.247.145 on Port 445(SMB) |
2020-05-03 20:51:37 |
| 14.245.242.66 | attack | Unauthorized connection attempt from IP address 14.245.242.66 on Port 445(SMB) |
2020-04-27 00:57:05 |
| 14.245.220.244 | attackbots | 445/tcp [2020-04-04]1pkt |
2020-04-05 04:44:56 |
| 14.245.29.167 | attackbotsspam | 445/tcp 445/tcp 445/tcp... [2020-02-01/03-23]6pkt,1pt.(tcp) |
2020-03-23 14:20:49 |
| 14.245.240.103 | attackbots | Lines containing failures of 14.245.240.103 auth.log:Feb 10 14:39:28 omfg sshd[29626]: Connection from 14.245.240.103 port 56141 on 78.46.60.16 port 22 auth.log:Feb 10 14:39:28 omfg sshd[29626]: Did not receive identification string from 14.245.240.103 auth.log:Feb 10 14:39:29 omfg sshd[29627]: Connection from 14.245.240.103 port 56124 on 78.46.60.41 port 22 auth.log:Feb 10 14:39:29 omfg sshd[29627]: Did not receive identification string from 14.245.240.103 auth.log:Feb 10 14:39:29 omfg sshd[29628]: Connection from 14.245.240.103 port 56139 on 78.46.60.50 port 22 auth.log:Feb 10 14:39:29 omfg sshd[29628]: Did not receive identification string from 14.245.240.103 auth.log:Feb 10 14:39:33 omfg sshd[29632]: Connection from 14.245.240.103 port 56062 on 78.46.60.50 port 22 auth.log:Feb 10 14:39:34 omfg sshd[29632]: Invalid user thostname0nich from 14.245.240.103 auth.log:Feb 10 14:39:34 omfg sshd[29632]: Connection closed by 14.245.240.103 port 56062 [preauth] ........ ------------------------------------------- |
2020-02-10 23:36:33 |
| 14.245.232.130 | attack | unauthorized connection attempt |
2020-01-22 17:52:47 |
| 14.245.212.200 | attack | unauthorized connection attempt |
2020-01-17 14:10:18 |
| 14.245.204.47 | attackbots | Unauthorized connection attempt from IP address 14.245.204.47 on Port 445(SMB) |
2020-01-17 01:28:09 |
| 14.245.2.184 | attackspam | Unauthorized connection attempt from IP address 14.245.2.184 on Port 445(SMB) |
2020-01-03 19:08:53 |
| 14.245.234.20 | attackbots | Automatic report - Port Scan Attack |
2019-11-18 20:12:29 |
| 14.245.247.105 | attack | Attempt to attack host OS, exploiting network vulnerabilities, on 16-11-2019 06:20:29. |
2019-11-16 20:25:13 |
| 14.245.209.218 | attackspambots | Lines containing failures of 14.245.209.218 Oct 21 03:49:13 omfg postfix/smtpd[23347]: warning: hostname static.vnpt.vn does not resolve to address 14.245.209.218 Oct 21 03:49:13 omfg postfix/smtpd[23347]: connect from unknown[14.245.209.218] Oct x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.245.209.218 |
2019-10-23 07:09:00 |
| 14.245.200.48 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 28-09-2019 13:35:14. |
2019-09-28 21:17:46 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.245.2.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45669
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.245.2.30. IN A
;; AUTHORITY SECTION:
. 384 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020010400 1800 900 604800 86400
;; Query time: 93 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jan 04 16:40:51 CST 2020
;; MSG SIZE rcvd: 11530.2.245.14.in-addr.arpa domain name pointer static.vnpt.vn.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
30.2.245.14.in-addr.arpa name = static.vnpt.vn.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 68.183.48.172 | attack | Nov 19 13:37:54 php1 sshd\[25464\]: Invalid user aud from 68.183.48.172 Nov 19 13:37:54 php1 sshd\[25464\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 Nov 19 13:37:56 php1 sshd\[25464\]: Failed password for invalid user aud from 68.183.48.172 port 39163 ssh2 Nov 19 13:41:48 php1 sshd\[25891\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.48.172 user=root Nov 19 13:41:50 php1 sshd\[25891\]: Failed password for root from 68.183.48.172 port 57272 ssh2 |
2019-11-20 07:52:07 |
| 45.80.104.119 | attackbots | 9.260.741,85-03/02 [bc18/m74] PostRequest-Spammer scoring: Lusaka01 |
2019-11-20 07:30:46 |
| 202.61.120.218 | attackspambots | 445/tcp 445/tcp 445/tcp [2019-10-11/11-19]3pkt |
2019-11-20 07:40:37 |
| 54.36.148.169 | attackbotsspam | www noscript ... |
2019-11-20 07:22:36 |
| 81.22.45.71 | attack | Unauthorised access (Nov 20) SRC=81.22.45.71 LEN=40 TTL=248 ID=21444 TCP DPT=3389 WINDOW=1024 SYN |
2019-11-20 07:37:14 |
| 196.37.111.104 | attackbots | 1433/tcp 1433/tcp 1433/tcp [2019-11-03/19]3pkt |
2019-11-20 07:19:26 |
| 190.36.255.87 | attackbotsspam | 23/tcp 23/tcp 23/tcp [2019-10-09/11-19]3pkt |
2019-11-20 07:34:14 |
| 162.193.170.75 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/162.193.170.75/ US - 1H : (148) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN7018 IP : 162.193.170.75 CIDR : 162.193.0.0/16 PREFIX COUNT : 9621 UNIQUE IP COUNT : 81496832 ATTACKS DETECTED ASN7018 : 1H - 2 3H - 5 6H - 6 12H - 6 24H - 10 DateTime : 2019-11-19 22:11:39 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-11-20 07:48:15 |
| 216.10.249.73 | attack | Invalid user selenite from 216.10.249.73 port 38280 |
2019-11-20 07:48:45 |
| 150.95.199.179 | attackspam | Nov 20 00:28:14 server sshd\[12798\]: Invalid user pv from 150.95.199.179 Nov 20 00:28:14 server sshd\[12798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-199-179.a0f3.g.tyo1.static.cnode.io Nov 20 00:28:16 server sshd\[12798\]: Failed password for invalid user pv from 150.95.199.179 port 43838 ssh2 Nov 20 00:45:53 server sshd\[17241\]: Invalid user kanetsuki from 150.95.199.179 Nov 20 00:45:53 server sshd\[17241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=v150-95-199-179.a0f3.g.tyo1.static.cnode.io ... |
2019-11-20 07:34:42 |
| 201.219.217.70 | attackspambots | Brute force attempt |
2019-11-20 07:44:40 |
| 77.247.108.77 | attackbotsspam | 77.247.108.77 was recorded 34 times by 34 hosts attempting to connect to the following ports: 5038. Incident counter (4h, 24h, all-time): 34, 250, 2943 |
2019-11-20 07:18:16 |
| 103.6.198.227 | attackbots | schuetzenmusikanten.de 103.6.198.227 \[19/Nov/2019:22:12:04 +0100\] "POST /wp-login.php HTTP/1.1" 200 6379 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 103.6.198.227 \[19/Nov/2019:22:12:07 +0100\] "POST /wp-login.php HTTP/1.1" 200 6348 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" schuetzenmusikanten.de 103.6.198.227 \[19/Nov/2019:22:12:08 +0100\] "POST /xmlrpc.php HTTP/1.1" 200 4112 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-11-20 07:28:34 |
| 50.70.229.239 | attackspambots | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 user=root Failed password for root from 50.70.229.239 port 55664 ssh2 Invalid user loryn from 50.70.229.239 port 36276 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.70.229.239 Failed password for invalid user loryn from 50.70.229.239 port 36276 ssh2 |
2019-11-20 07:36:17 |
| 59.72.112.47 | attackspam | Nov 19 23:44:36 server sshd\[1966\]: Invalid user guest from 59.72.112.47 Nov 19 23:44:36 server sshd\[1966\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.112.47 Nov 19 23:44:38 server sshd\[1966\]: Failed password for invalid user guest from 59.72.112.47 port 47919 ssh2 Nov 20 00:12:00 server sshd\[8882\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.72.112.47 user=dbus Nov 20 00:12:02 server sshd\[8882\]: Failed password for dbus from 59.72.112.47 port 59191 ssh2 ... |
2019-11-20 07:31:53 |