JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 14.230.85.91

14.230.85.91 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	Vietnam Posts and Telecommunications Group
Usage Type	Mobile ISP
ASN	AS45899
Domain Name	vnpt.com.vn
Country	🇻🇳 Viet Nam
City	Thuan An, Ho Chi Minh City (HCMC)

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 14.230.85.91

Whois 14.230.85.91

IP Abuse Reports for 14.230.85.91:

This IP address has been reported a total of 13 times from 12 distinct sources. 14.230.85.91 was first reported on March 30th 2023, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-25 21:11:25 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 14.230.85.91 (static.vnpt.vn): 1 in the last 30 ... show more (mod_security) mod_security (id:210730) triggered by 14.230.85.91 (static.vnpt.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 25 16:11:18.066193 2026] [security2:error] [pid 2719:tid 2719] [client 14.230.85.91:55327] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|med-engineering.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "med-engineering.com"] [uri "/nexium.com"] [unique_id "aZ9ldulGwJfHUNMpPhs04gAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dusfor72	2023-04-23 08:40:59 (3 years ago)	stupid password attack ...	Brute-Force SSH
🇺🇸 Mike	2023-04-23 08:40:54 (3 years ago)	Brute force sshd	Brute-Force SSH
🇷🇺 alexanderzhirov	2023-04-22 22:29:46 (3 years ago)	FB2 blocked BF	Brute-Force
🇮🇳 Parth Maniar	2023-04-19 12:40:56 (3 years ago)	This IP address carried out 6 SSH credential attack (attempts) on 18-04-2023. For more information o ... show more This IP address carried out 6 SSH credential attack (attempts) on 18-04-2023. For more information or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter. show less	Brute-Force SSH
🇧🇷 Joaojunior	2023-04-18 21:03:52 (3 years ago)	Apr 18 18:03:51 blacklisted sshd[126632]: Failed password for root from 14.230.85.91 port 35736 ssh2 ... show more Apr 18 18:03:51 blacklisted sshd[126632]: Failed password for root from 14.230.85.91 port 35736 ssh2 Apr 18 18:03:51 blacklisted sshd[126632]: Connection closed by authenticating user root 14.230.85.91 port 35736 [preauth] ... show less	Brute-Force SSH
🇩🇪 hyperionfintech.com	2023-04-18 04:48:34 (3 years ago)	Apr 18 04:46:13 ip-10-0-100-10 sshd[11141]: Connection from 14.230.85.91 port 57922 on 10.0.100.10 p ... show more Apr 18 04:46:13 ip-10-0-100-10 sshd[11141]: Connection from 14.230.85.91 port 57922 on 10.0.100.10 port 622 rdomain "" Apr 18 04:46:14 ip-10-0-100-10 sshd[11141]: Connection closed by authenticating user root 14.230.85.91 port 57922 [preauth] Apr 18 04:47:07 ip-10-0-100-10 sshd[11143]: Connection from 14.230.85.91 port 43276 on 10.0.100.10 port 622 rdomain "" Apr 18 04:47:09 ip-10-0-100-10 sshd[11143]: Connection closed by authenticating user root 14.230.85.91 port 43276 [preauth] Apr 18 04:47:36 ip-10-0-100-10 sshd[11146]: Connection from 14.230.85.91 port 49984 on 10.0.100.10 port 622 rdomain "" Apr 18 04:47:38 ip-10-0-100-10 sshd[11146]: Connection closed by authenticating user root 14.230.85.91 port 49984 [preauth] Apr 18 04:48:04 ip-10-0-100-10 sshd[11148]: Connection from 14.230.85.91 port 56598 on 10.0.100.10 port 622 rdomain "" Apr 18 04:48:07 ip-10-0-100-10 sshd[11148]: Connection closed by authenticating user root 14.230.85.91 port 56598 [preauth] Apr 18 04:48:32 ip-10-0-100- ... show less	Brute-Force SSH
Anonymous	2023-04-15 10:42:17 (3 years ago)	Apr 15 12:39:49 local sshd[2867295]: Invalid user aaa from 14.230.85.91 port 51852 Apr 15 12:40:27 l ... show more Apr 15 12:39:49 local sshd[2867295]: Invalid user aaa from 14.230.85.91 port 51852 Apr 15 12:40:27 local sshd[2867310]: Invalid user abc from 14.230.85.91 port 57890 Apr 15 12:41:05 local sshd[2867319]: Invalid user activemq from 14.230.85.91 port 63928 Apr 15 12:41:40 local sshd[2867326]: Invalid user admin from 14.230.85.91 port 37164 Apr 15 12:42:17 local sshd[2867332]: Invalid user admin from 14.230.85.91 port 47644 ... show less	Brute-Force SSH
🇨🇳 ThreatBook.io	2023-04-11 23:25:00 (3 years ago)	ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/14.230.85.91 2023-04-11 ... show more ThreatBook Intelligence: Dynamic IP more details on http://threatbook.io/ip/14.230.85.91 2023-04-11 01:01:57 ["cat /proc/cpuinfo\|grep name\|cut -f2 -d':'\|uniq -c ; uname -a"] show less	SSH
🇺🇸 bigscoots.com	2023-04-11 19:26:52 (3 years ago)	14.230.85.91 (VN/Vietnam/static.vnpt.vn), 5 distributed sshd attacks on account [root] in the last 3 ... show more 14.230.85.91 (VN/Vietnam/static.vnpt.vn), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: Apr 11 13:58:51 18098 sshd[22665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.28.205.219 user=root Apr 11 14:18:15 18098 sshd[23444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.169.59.68 user=root Apr 11 14:18:17 18098 sshd[23444]: Failed password for root from 116.169.59.68 port 40555 ssh2 Apr 11 13:55:06 18098 sshd[22518]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.185.61 user=root Apr 11 14:26:48 18098 sshd[23748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.230.85.91 user=root IP Addresses Blocked: 103.28.205.219 (CN/China/-) 116.169.59.68 (CN/China/-) 68.183.185.61 (SG/Singapore/-) show less	Brute-Force SSH
🇺🇸 Dan Habot	2023-04-10 17:42:17 (3 years ago)	2023-04-10T13:43:44.977379-04:00 workstation sshd[3454469]: Invalid user aaa from 14.230.85.91 port ... show more 2023-04-10T13:43:44.977379-04:00 workstation sshd[3454469]: Invalid user aaa from 14.230.85.91 port 64382 ... show less	Brute-Force SSH
🇸🇨 hc	2023-04-05 07:11:19 (3 years ago)	die IP-Adresse [14.230.85.91] versuchte sich innerhalb von 1 Minuten 3 Mal erfolglos bei SSH auf DS9 ... show more die IP-Adresse [14.230.85.91] versuchte sich innerhalb von 1 Minuten 3 Mal erfolglos bei SSH auf DS916 anzumelden und wurde um 2023-04-04 10:37 blockiert. show less	Brute-Force SSH
🇺🇸 Dan Habot	2023-03-30 13:06:39 (3 years ago)	2023-03-30T09:07:50.766358-04:00 workstation sshd[2242020]: Invalid user sipp from 14.230.85.91 port ... show more 2023-03-30T09:07:50.766358-04:00 workstation sshd[2242020]: Invalid user sipp from 14.230.85.91 port 57412 ... show less	Brute-Force SSH

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:fd:f0::227

🇧🇷 177.37.141.167

🇺🇸 172.245.21.30

🇬🇧 165.232.33.216

🇨🇳 113.200.72.200

🇧🇩 103.113.148.219

🇺🇿 77.83.206.139

🇲🇾 47.250.37.58

🇻🇳 14.184.145.150

🇺🇸 208.109.52.213

🇺🇸 146.88.240.110

🇨🇳 117.33.242.50

🇨🇳 114.106.135.204

🇮🇩 103.160.213.54

🇷🇺 93.77.185.248

🇧🇬 78.128.114.102

🇧🇬 78.128.113.74

🇨🇳 60.208.132.111

🇺🇸 50.6.228.111

🇺🇸 45.79.190.10