IP address

Search at other sites:
.00014.225.208.190static.vnpt.vn
Shodan(more info)
Passive DNS
Tags: Static IP Scanner
IP blacklists
Spamhaus PBL
14.225.208.190 is listed on the Spamhaus PBL blacklist.

Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-05-14 04:10:25.340000
Was present on blacklist at: 2024-03-12 04:10, 2024-03-19 04:10, 2024-03-26 04:10, 2024-04-02 04:10, 2024-04-09 04:10, 2024-04-16 04:10, 2024-04-23 04:10, 2024-04-30 04:10, 2024-05-07 04:10, 2024-05-14 04:10
CI Army
14.225.208.190 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2024-04-03 02:50:01.018000
Was present on blacklist at: 2024-03-13 03:50, 2024-03-14 03:50, 2024-03-15 03:50, 2024-03-16 03:50, 2024-03-17 03:50, 2024-03-18 03:50, 2024-03-19 03:50, 2024-03-20 03:50, 2024-03-21 03:50, 2024-03-22 03:50, 2024-03-23 03:50, 2024-03-24 03:50, 2024-03-25 03:50, 2024-03-26 03:50, 2024-03-27 03:50, 2024-03-28 03:50, 2024-03-29 03:50, 2024-03-30 03:50, 2024-03-31 02:50, 2024-04-01 02:50, 2024-04-02 02:50, 2024-04-03 02:50
AbuseIPDB
14.225.208.190 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>IPs performing malicious activity(DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2024-03-31 04:00:00.550000
Was present on blacklist at: 2024-03-13 05:00, 2024-03-14 05:00, 2024-03-15 05:00, 2024-03-18 05:00, 2024-03-19 05:00, 2024-03-21 05:00, 2024-03-22 05:00, 2024-03-23 05:00, 2024-03-24 05:00, 2024-03-25 05:00, 2024-03-26 05:00, 2024-03-27 05:00, 2024-03-28 05:00, 2024-03-29 05:00, 2024-03-30 05:00, 2024-03-31 04:00
ThreatFox
14.225.208.190 is listed on the ThreatFox blacklist.

Description: ThreatFox is a free platform from abuse.ch with the goal of<br>sharing indicators of compromise (IOCs) associated with malware with the<br>infosec community, AV vendors and threat intelligence providers.
Type of feed: primary (feed detail page)

Last checked at: 2024-04-04 22:10:00.748000
Was present on blacklist at: 2024-03-19 19:10, 2024-03-19 23:10, 2024-03-20 03:10, 2024-03-20 07:10, 2024-03-20 11:10, 2024-03-20 15:10, 2024-03-20 19:10, 2024-03-20 23:10, 2024-03-21 03:10, 2024-03-21 07:10, 2024-03-21 11:10, 2024-03-21 15:10, 2024-04-03 02:10, 2024-04-03 06:10, 2024-04-03 10:10, 2024-04-03 14:10, 2024-04-03 18:10, 2024-04-03 22:10, 2024-04-04 02:10, 2024-04-04 06:10, 2024-04-04 10:10, 2024-04-04 14:10, 2024-04-04 18:10, 2024-04-04 22:10
Warden events (8281)
2024-03-30
ReconScanning (node.8cbf96): 90
ReconScanning (node.bd32ad): 93
ReconScanning (node.7d83c0): 15
ReconScanning (node.32f23f): 1
2024-03-29
ReconScanning (node.bd32ad): 290
ReconScanning (node.8cbf96): 283
ReconScanning (node.7d83c0): 46
ReconScanning (node.32f23f): 2
2024-03-28
ReconScanning (node.8cbf96): 286
ReconScanning (node.bd32ad): 288
ReconScanning (node.7d83c0): 46
ReconScanning (node.32f23f): 2
2024-03-27
ReconScanning (node.8cbf96): 283
ReconScanning (node.bd32ad): 285
ReconScanning (node.7d83c0): 47
ReconScanning (node.32f23f): 4
2024-03-26
ReconScanning (node.bd32ad): 275
ReconScanning (node.8cbf96): 270
ReconScanning (node.7d83c0): 47
ReconScanning (node.32f23f): 1
2024-03-25
ReconScanning (node.bd32ad): 290
ReconScanning (node.8cbf96): 286
ReconScanning (node.7d83c0): 46
ReconScanning (node.32f23f): 1
2024-03-24
ReconScanning (node.bd32ad): 289
ReconScanning (node.8cbf96): 286
ReconScanning (node.7d83c0): 46
2024-03-23
ReconScanning (node.bd32ad): 290
ReconScanning (node.8cbf96): 286
ReconScanning (node.7d83c0): 46
ReconScanning (node.32f23f): 1
2024-03-22
ReconScanning (node.bd32ad): 286
ReconScanning (node.8cbf96): 286
ReconScanning (node.7d83c0): 46
2024-03-21
ReconScanning (node.bd32ad): 286
ReconScanning (node.8cbf96): 280
ReconScanning (node.7d83c0): 46
ReconScanning (node.32f23f): 2
2024-03-20
ReconScanning (node.7d83c0): 38
ReconScanning (node.8cbf96): 219
ReconScanning (node.bd32ad): 219
ReconScanning (node.32f23f): 3
2024-03-19
ReconScanning (node.8cbf96): 101
ReconScanning (node.bd32ad): 102
ReconScanning (node.7d83c0): 20
2024-03-18
ReconScanning (node.7d83c0): 25
ReconScanning (node.bd32ad): 126
ReconScanning (node.8cbf96): 127
2024-03-17
ReconScanning (node.7d83c0): 22
ReconScanning (node.bd32ad): 111
ReconScanning (node.8cbf96): 110
ReconScanning (node.32f23f): 1
2024-03-16
ReconScanning (node.bd32ad): 3
ReconScanning (node.8cbf96): 1
ReconScanning (node.7d83c0): 3
2024-03-15
ReconScanning (node.8cbf96): 34
ReconScanning (node.bd32ad): 35
ReconScanning (node.7d83c0): 3
AnomalyTraffic (node.c35ced): 17
2024-03-14
ReconScanning (node.bd32ad): 238
ReconScanning (node.8cbf96): 240
ReconScanning (node.7d83c0): 30
ReconScanning (node.32f23f): 1
AnomalyTraffic (node.c35ced): 4
2024-03-13
ReconScanning (node.8cbf96): 126
ReconScanning (node.bd32ad): 126
ReconScanning (node.7d83c0): 26
ReconScanning (node.32f23f): 1
2024-03-12
ReconScanning (node.7d83c0): 67
ReconScanning (node.bd32ad): 173
ReconScanning (node.8cbf96): 174
ReconScanning (node.32f23f): 2
DShield reports (IP summary, reports)
2024-03-12
Number of reports: 3148
Distinct targets: 401
2024-03-13
Number of reports: 2295
Distinct targets: 371
2024-03-14
Number of reports: 5420
Distinct targets: 447
2024-03-15
Number of reports: 755
Distinct targets: 237
2024-03-17
Number of reports: 1892
Distinct targets: 380
2024-03-18
Number of reports: 2201
Distinct targets: 380
2024-03-19
Number of reports: 1831
Distinct targets: 389
2024-03-20
Number of reports: 4203
Distinct targets: 394
2024-03-21
Number of reports: 3850
Distinct targets: 393
2024-03-22
Number of reports: 4421
Distinct targets: 401
2024-03-23
Number of reports: 6252
Distinct targets: 433
2024-03-24
Number of reports: 6131
Distinct targets: 433
2024-03-25
Number of reports: 6126
Distinct targets: 438
2024-03-26
Number of reports: 6080
Distinct targets: 446
2024-03-27
Number of reports: 4167
Distinct targets: 467
2024-03-28
Number of reports: 5384
Distinct targets: 434
2024-03-29
Number of reports: 5142
Distinct targets: 452
2024-03-30
Number of reports: 1947
Distinct targets: 366
OTX pulses
[606d75c11c08ff94089a9430] 2021-04-07 09:05:05.353000 | Georgs Honeypot
Author name:georgengelmann
Pulse modified:2024-04-29 02:00:46.828000
Indicator created:2024-03-30 06:57:02
Indicator role:trojan
Indicator title:ServeMe Trojan from static.vnpt.vn port 46146
Indicator expiration:2024-04-29 06:00:00
Origin AS
AS135905 - VNPT-AS-VN
BGP Prefix
14.225.208.0/24
geo
Vietnam, Hanoi
🕑 Asia/Bangkok
hostname
static.vnpt.vn
hostname_class
['static']
Address block ('inetnum' or 'NetRange' in whois database)
14.224.0.0 - 14.255.255.255
last_activity
2024-04-29 04:04:52.269000
last_warden_event
2024-03-30 07:27:35
rep
0.0
reserved_range
0
Shodan's InternetDB
Open ports: 135, 443, 3306, 3389, 5985, 8181
Tags: database, self-signed, eol-os
CPEs: cpe:/a:jquery:jquery, cpe:/a:apache:http_server:2.4.56, cpe:/a:php:php:8.0.28, cpe:/a:getbootstrap:bootstrap:5.0.2, cpe:/a:openssl:openssl:1.1.1t
ts_added
2024-03-12 04:10:16.625000
ts_last_update
2024-05-19 04:10:22.943000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses