185.39.10.14 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Switzerland

Internet Service Provider: Network Dedicated SAS

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Hits on port : 22	2020-04-05 07:57:47
attackbots	116 packets to ports 33 52 125 220 668 1122 1151 1205 1313 1351 1395 1520 1525 1612 1665 1777 1990 1991 2008 2010 2016 2033 2230 2289 2293 3011 3030 3301 3305 3306 3308 3337 3340 3359 3370 3373 3381 3386 3600 3721 3906 3939 4010 4030 4100 4433 4444 4999 5001, etc.	2020-03-28 19:14:25
attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-12 17:23:53
attack	Portscan or hack attempt detected by psad/fwsnort	2020-02-12 04:34:36
attackspambots	Multiport scan : 83 ports scanned 4344 4354 4376 4413 4425 4429 4465 4472 4497 4503 4562 4564 4577 4596 4609 4610 4631 4640 4644 4645 4674 4688 4690 4692 4704 4720 4729 4745 4746 4777 4812 4828 4848 4851 4903 4951 4967 5044 5077 5079 5091 5125 5165 5168 5214 5230 5269 5273 5285 5287 5289 5301 5310 5322 5326 5330 5343 5359 5362 5375 5378 5394 5407 5408 5410 5431 5449 5463 5488 5489 5495 5504 5553 5586 5594 5601 5617 5633 5649 5660 .....	2020-01-14 07:42:52
attackbots	Jan 13 08:43:31 h2177944 kernel: \[2099864.974494\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.39.10.14 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=58901 PROTO=TCP SPT=58608 DPT=4433 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 08:43:31 h2177944 kernel: \[2099864.974508\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.39.10.14 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=58901 PROTO=TCP SPT=58608 DPT=4433 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 09:23:44 h2177944 kernel: \[2102277.036999\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.39.10.14 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=410 PROTO=TCP SPT=58608 DPT=4658 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 09:23:44 h2177944 kernel: \[2102277.037012\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.39.10.14 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=410 PROTO=TCP SPT=58608 DPT=4658 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 13 09:28:49 h2177944 kernel: \[2102581.856047\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.39.10.14 DST=85.214.117.9 LEN=40 T	2020-01-13 16:41:19
attack	26568/tcp 26615/tcp 26203/tcp... [2019-11-10/12-15]4888pkt,2409pt.(tcp)	2019-12-16 09:15:26

Comments on same subnet:

IP	Type	Details	Datetime
185.39.10.25	attack	TCP (SYN) 185.39.10.25:41852 -> port 6000, len 44	2020-10-06 02:57:44
185.39.10.25	attackbots	TCP (SYN) 185.39.10.25:51434 -> port 5901, len 44	2020-10-05 18:47:55
185.39.10.25	attackspam	DDoS, Port Scanning & attempted Ransomware delivery	2020-09-29 01:59:49
185.39.10.25	attack	TCP (SYN) 185.39.10.25:42273 -> port 5900, len 40	2020-09-28 18:05:59
185.39.10.87	attack	[H1.VM4] Blocked by UFW	2020-09-26 05:27:42
185.39.10.87	attackbotsspam	[MK-VM6] Blocked by UFW	2020-09-25 22:24:43
185.39.10.87	attackbots	Sep 25 04:44:14 [host] kernel: [1333862.831749] [U Sep 25 04:44:29 [host] kernel: [1333877.635412] [U Sep 25 04:49:52 [host] kernel: [1334201.242712] [U Sep 25 04:50:34 [host] kernel: [1334242.556047] [U Sep 25 04:56:00 [host] kernel: [1334568.369863] [U Sep 25 05:00:50 [host] kernel: [1334858.627447] [U	2020-09-25 14:03:01
185.39.10.25	attackbots	ET DROP Spamhaus DROP Listed Traffic Inbound group 23 - port: 5901 proto: tcp cat: Misc Attackbytes: 60	2020-09-25 08:35:03
185.39.10.87	attack	[MK-VM2] Blocked by UFW	2020-09-25 06:53:06
185.39.10.63	attack	[HOST2] Port Scan detected	2020-09-25 03:08:43
185.39.10.83	attackbots	Port scan on 3 port(s): 30625 30850 30863	2020-09-25 02:10:40
185.39.10.63	attackspam	[H1] Blocked by UFW	2020-09-24 18:51:38
185.39.10.83	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-09-24 17:50:03
185.39.10.89	attackbots	Port scan on 7 port(s): 19027 19054 19527 19623 19626 19833 19928	2020-09-24 03:01:24
185.39.10.87	attackbotsspam	[MK-VM2] Blocked by UFW	2020-09-24 02:33:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 185.39.10.14
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;185.39.10.14.			IN	A

;; AUTHORITY SECTION:
.			348	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121501 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Dec 16 09:15:22 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 14.10.39.185.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 14.10.39.185.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
111.161.74.112	attackbots	2019-11-19T09:38:22.561055ns386461 sshd\[5276\]: Invalid user server from 111.161.74.112 port 57407 2019-11-19T09:38:22.566044ns386461 sshd\[5276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.112 2019-11-19T09:38:24.382485ns386461 sshd\[5276\]: Failed password for invalid user server from 111.161.74.112 port 57407 ssh2 2019-11-19T09:46:00.529793ns386461 sshd\[12237\]: Invalid user super from 111.161.74.112 port 18418 2019-11-19T09:46:00.534336ns386461 sshd\[12237\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.112 ...	2019-11-19 17:23:26
92.118.161.29	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-19 17:33:34
172.104.94.253	attackbotsspam	[portscan] tcp/81 [alter-web/web-proxy] *(RWIN=65535)(11190859)	2019-11-19 17:33:16
175.119.91.147	attack	" "	2019-11-19 17:54:49
115.56.193.55	attackbots	[portscan] tcp/1433 [MsSQL] *(RWIN=1024)(11190859)	2019-11-19 17:40:54
104.140.188.30	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-19 17:59:51
170.130.187.34	attackbots	Port scan: Attack repeated for 24 hours	2019-11-19 17:55:37
121.26.201.158	attackspam	[portscan] tcp/21 [FTP] [scan/connect: 6 time(s)] in blocklist.de:'listed [ftp]' *(RWIN=65535)(11190859)	2019-11-19 17:40:10
209.236.20.61	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=35390)(11190859)	2019-11-19 17:50:09
190.96.128.183	attack	[portscan] tcp/23 [TELNET] *(RWIN=64592)(11190859)	2019-11-19 17:51:11
51.38.127.31	attackspambots	Nov 19 10:07:28 legacy sshd[11997]: Failed password for uucp from 51.38.127.31 port 56638 ssh2 Nov 19 10:11:13 legacy sshd[12084]: Failed password for root from 51.38.127.31 port 37428 ssh2 Nov 19 10:14:57 legacy sshd[12182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.127.31 ...	2019-11-19 17:34:35
159.65.164.210	attackspambots	Nov 19 09:49:07 mout sshd[5898]: Invalid user hurtworld from 159.65.164.210 port 37112	2019-11-19 17:39:19
182.126.96.186	attack	[portscan] tcp/23 [TELNET] *(RWIN=39576)(11190859)	2019-11-19 17:52:16
106.104.172.25	attack	[portscan] tcp/23 [TELNET] *(RWIN=56142)(11190859)	2019-11-19 17:24:29
123.9.116.249	attackspambots	[portscan] tcp/23 [TELNET] *(RWIN=17850)(11190859)	2019-11-19 17:20:49

Recently Reported IPs

99.164.11.43	82.30.149.38	220.81.122.196	186.213.190.246
186.34.12.232	62.166.49.130	82.170.200.190	75.75.183.139
113.46.65.73	120.133.239.54	82.59.151.158	24.27.229.54
13.224.244.197	200.196.103.44	223.215.123.21	141.117.14.192
218.233.153.41	192.99.10.170	210.64.125.94	2604:a880:cad:d0::6839:e001