Dashboard🇻🇳 Vietnam14.182.1.39
ABUSE.MOM
THREAT REPORT

IP Threat Report
14.182.1.39

ABUSE.MOM — BEHAVE OR GET EXPOSED

Generated: 2026-05-30 07:48:29
First seen: 2026-05-14 05:00:06
Last seen: 2026-05-14 05:00:06
70

⛔ Verdict: BLOCK

This IP address has been classified as a source of malicious automated activity. Threat score: 70/100. Total malicious requests observed: 1.

DANGER_PATHREDIRECT_PROBEREFERER
01

Geolocation & Classification

IP Address
14.182.1.39
Type
Residential
Country
🇻🇳 Vietnam
City
Hanoi
ISP
VNPT
Organization
Vietnam Posts and Telecommunications Group
Autonomous System
AS45899 VNPT Corp
Hit Count
1
02

Detection Signatures

SignatureDescriptionPointsSeverity
Danger medium hits: 4Medium-risk: admin panels, config files+40
Probe pattern 302->404 same pathBehavioral anomaly detected by automated analysis+20
Foreign referer seenReferer from unrelated external domain+10
Σ = 70
03

Observed Activity

Reconstructed HTTP requests from server access logs. Target domains redacted for security.

[redacted]
GET
/
200
Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0

* Typical request patterns for detected signatures. Actual target domains are redacted.

04

Timeline

2026-05-14 05:00:06
First malicious request detected
IP entered monitoring from server access logs
During observation
Multiple detection signatures triggered
Danger medium hits: 4 (+40), Probe pattern 302->404 same path (+20), Foreign referer seen (+10)
2026-05-14 05:00:06
Last malicious request observed
Total score reached: 70/100
Next cycle
IP blocked — all subsequent requests denied (HTTP 403)
Added to blocklist automatically
05

Network Provider

VNPT
AS45899 · 🇻🇳 Vietnam
06

Recommendations

Actions taken & recommended

  • IP 14.182.1.39 is blocked at application level (HTTP 403)
  • Consider blocking at firewall level (iptables/CSF) to reduce server load
  • Report abuse to the network provider via their abuse contact
  • Ensure sensitive files (.env, .git, backups) are not accessible from the web

🔎 Path Enumeration Protection

Block scanning from 14.182.1.39: rate-limit 404 responses per IP, deploy a honeypot 404 page, ensure no backup files are web-accessible.

08

Open Ports & Services

Network reconnaissance data from Shodan. Open ports may indicate running services, misconfigurations, or potential attack surfaces.

OPEN PORTS (266)
PortServiceRiskDescription
10254UnknownLowService on port 10254
10380UnknownLowService on port 10380
10554UnknownLowService on port 10554
10911UnknownLowService on port 10911
10943UnknownLowService on port 10943
11002UnknownLowService on port 11002
11027UnknownLowService on port 11027
11112UnknownLowService on port 11112
11210UnknownLowService on port 11210
11211UnknownLowService on port 11211
11300UnknownLowService on port 11300
11348UnknownLowService on port 11348
11371UnknownLowService on port 11371
11401UnknownLowService on port 11401
11434UnknownLowService on port 11434
11602UnknownLowService on port 11602
11767UnknownLowService on port 11767
11920UnknownLowService on port 11920
12084UnknownLowService on port 12084
12110UnknownLowService on port 12110
12124UnknownLowService on port 12124
12128UnknownLowService on port 12128
12137UnknownLowService on port 12137
12147UnknownLowService on port 12147
12154UnknownLowService on port 12154
12164UnknownLowService on port 12164
12169UnknownLowService on port 12169
12170UnknownLowService on port 12170
12187UnknownLowService on port 12187
12189UnknownLowService on port 12189
12191UnknownLowService on port 12191
12199UnknownLowService on port 12199
12201UnknownLowService on port 12201
12207UnknownLowService on port 12207
12210UnknownLowService on port 12210
12212UnknownLowService on port 12212
12214UnknownLowService on port 12214
12216UnknownLowService on port 12216
12217UnknownLowService on port 12217
12243UnknownLowService on port 12243
12245UnknownLowService on port 12245
12257UnknownLowService on port 12257
12265UnknownLowService on port 12265
12273UnknownLowService on port 12273
12280UnknownLowService on port 12280
12281UnknownLowService on port 12281
12282UnknownLowService on port 12282
12287UnknownLowService on port 12287
12292UnknownLowService on port 12292
12300UnknownLowService on port 12300
12301UnknownLowService on port 12301
12311UnknownLowService on port 12311
12314UnknownLowService on port 12314
12323UnknownLowService on port 12323
12327UnknownLowService on port 12327
12338UnknownLowService on port 12338
12344UnknownLowService on port 12344
12350UnknownLowService on port 12350
12352UnknownLowService on port 12352
12358UnknownLowService on port 12358
12360UnknownLowService on port 12360
12364UnknownLowService on port 12364
12365UnknownLowService on port 12365
12366UnknownLowService on port 12366
12375UnknownLowService on port 12375
12376UnknownLowService on port 12376
12378UnknownLowService on port 12378
12381UnknownLowService on port 12381
12390UnknownLowService on port 12390
12408UnknownLowService on port 12408
12409UnknownLowService on port 12409
12412UnknownLowService on port 12412
12430UnknownLowService on port 12430
12439UnknownLowService on port 12439
12463UnknownLowService on port 12463
12467UnknownLowService on port 12467
12468UnknownLowService on port 12468
12475UnknownLowService on port 12475
12482UnknownLowService on port 12482
12485UnknownLowService on port 12485
12489UnknownLowService on port 12489
12493UnknownLowService on port 12493
12494UnknownLowService on port 12494
12522UnknownLowService on port 12522
12530UnknownLowService on port 12530
12552UnknownLowService on port 12552
12580UnknownLowService on port 12580
12980UnknownLowService on port 12980
13000UnknownLowService on port 13000
13970UnknownLowService on port 13970
14147UnknownLowService on port 14147
14265UnknownLowService on port 14265
14401UnknownLowService on port 14401
14406UnknownLowService on port 14406
15066UnknownLowService on port 15066
15082UnknownLowService on port 15082
15084UnknownLowService on port 15084
15502UnknownLowService on port 15502
15503UnknownLowService on port 15503
15563UnknownLowService on port 15563
15831UnknownLowService on port 15831
16000UnknownLowService on port 16000
16004UnknownLowService on port 16004
16008UnknownLowService on port 16008
16010UnknownLowService on port 16010
16026UnknownLowService on port 16026
16030UnknownLowService on port 16030
16032UnknownLowService on port 16032
16033UnknownLowService on port 16033
16035UnknownLowService on port 16035
16055UnknownLowService on port 16055
16071UnknownLowService on port 16071
16084UnknownLowService on port 16084
16088UnknownLowService on port 16088
16089UnknownLowService on port 16089
16093UnknownLowService on port 16093
16103UnknownLowService on port 16103
16311UnknownLowService on port 16311
16992UnknownLowService on port 16992
16993UnknownLowService on port 16993
17042UnknownLowService on port 17042
17100UnknownLowService on port 17100
17102UnknownLowService on port 17102
17381UnknownLowService on port 17381
17955UnknownLowService on port 17955
18005UnknownLowService on port 18005
18007UnknownLowService on port 18007
18016UnknownLowService on port 18016
18030UnknownLowService on port 18030
18032UnknownLowService on port 18032
18040UnknownLowService on port 18040
18049UnknownLowService on port 18049
18053UnknownLowService on port 18053
18056UnknownLowService on port 18056
18060UnknownLowService on port 18060
18061UnknownLowService on port 18061
18075UnknownLowService on port 18075
18084UnknownLowService on port 18084
18094UnknownLowService on port 18094
18101UnknownLowService on port 18101
18239UnknownLowService on port 18239
18245UnknownLowService on port 18245
18777UnknownLowService on port 18777
18789UnknownLowService on port 18789
19000UnknownLowService on port 19000
19222UnknownLowService on port 19222
20000UnknownLowService on port 20000
20001UnknownLowService on port 20001
20050UnknownLowService on port 20050
20070UnknownLowService on port 20070
20084UnknownLowService on port 20084
20110UnknownLowService on port 20110
20201UnknownLowService on port 20201
20235UnknownLowService on port 20235
20256UnknownLowService on port 20256
20433UnknownLowService on port 20433
20443UnknownLowService on port 20443
20547UnknownLowService on port 20547
20643UnknownLowService on port 20643
20880UnknownLowService on port 20880
21001UnknownLowService on port 21001
21025UnknownLowService on port 21025
21236UnknownLowService on port 21236
21239UnknownLowService on port 21239
21251UnknownLowService on port 21251
21262UnknownLowService on port 21262
21264UnknownLowService on port 21264
21268UnknownLowService on port 21268
21276UnknownLowService on port 21276
21281UnknownLowService on port 21281
21292UnknownLowService on port 21292
21294UnknownLowService on port 21294
21329UnknownLowService on port 21329
21379UnknownLowService on port 21379
22084UnknownLowService on port 22084
22206UnknownLowService on port 22206
23268UnknownLowService on port 23268
23424UnknownLowService on port 23424
24181UnknownLowService on port 24181
25001UnknownLowService on port 25001
25105UnknownLowService on port 25105
25952UnknownLowService on port 25952
26209UnknownLowService on port 26209
27015UnknownLowService on port 27015
27017MongoDBCriticalMongoDB — commonly found exposed without authentication
27304UnknownLowService on port 27304
27776UnknownLowService on port 27776
28015UnknownLowService on port 28015
28031UnknownLowService on port 28031
28455UnknownLowService on port 28455
28654UnknownLowService on port 28654
29504UnknownLowService on port 29504
29840UnknownLowService on port 29840
30005UnknownLowService on port 30005
30015UnknownLowService on port 30015
30101UnknownLowService on port 30101
30104UnknownLowService on port 30104
30443UnknownLowService on port 30443
31210UnknownLowService on port 31210
31337UnknownLowService on port 31337
31443UnknownLowService on port 31443
31444UnknownLowService on port 31444
32400UnknownLowService on port 32400
32746UnknownLowService on port 32746
32764UnknownLowService on port 32764
33060UnknownLowService on port 33060
35000UnknownLowService on port 35000
35042UnknownLowService on port 35042
35101UnknownLowService on port 35101
35522UnknownLowService on port 35522
35559UnknownLowService on port 35559
36611UnknownLowService on port 36611
36983UnknownLowService on port 36983
37154UnknownLowService on port 37154
37215UnknownLowService on port 37215
37443UnknownLowService on port 37443
40001UnknownLowService on port 40001
42155UnknownLowService on port 42155
42901UnknownLowService on port 42901
43129UnknownLowService on port 43129
43200UnknownLowService on port 43200
43250UnknownLowService on port 43250
44320UnknownLowService on port 44320
44340UnknownLowService on port 44340
44341UnknownLowService on port 44341
44436UnknownLowService on port 44436
44712UnknownLowService on port 44712
45439UnknownLowService on port 45439
45455UnknownLowService on port 45455
45821UnknownLowService on port 45821
46723UnknownLowService on port 46723
47000UnknownLowService on port 47000
47058UnknownLowService on port 47058
47080UnknownLowService on port 47080
47119UnknownLowService on port 47119
48001UnknownLowService on port 48001
48013UnknownLowService on port 48013
49038UnknownLowService on port 49038
49152UnknownLowService on port 49152
49153UnknownLowService on port 49153
50000UnknownLowService on port 50000
50002UnknownLowService on port 50002
50003UnknownLowService on port 50003
50050UnknownLowService on port 50050
50102UnknownLowService on port 50102
50346UnknownLowService on port 50346
50436UnknownLowService on port 50436
50998UnknownLowService on port 50998
51106UnknownLowService on port 51106
51235UnknownLowService on port 51235
51847UnknownLowService on port 51847
52311UnknownLowService on port 52311
52869UnknownLowService on port 52869
53116UnknownLowService on port 53116
53860UnknownLowService on port 53860
55200UnknownLowService on port 55200
55443UnknownLowService on port 55443
55470UnknownLowService on port 55470
55554UnknownLowService on port 55554
55867UnknownLowService on port 55867
56178UnknownLowService on port 56178
56435UnknownLowService on port 56435
56445UnknownLowService on port 56445
57782UnknownLowService on port 57782
57783UnknownLowService on port 57783
57784UnknownLowService on port 57784

⚠️ Network scanning reveals 1 dangerous service exposed on 14.182.1.39. Open database ports suggest possible data exfiltration risk. These services should not be publicly accessible without strict firewall rules.

Hostnames: static.vnpt.vn
PTR: static.vnpt.vn

Data source: Shodan InternetDB. Scanned independently of abuse.mom.

09

Blacklist Status (DNSBL)

This IP was checked against major DNS-based blacklists used by mail servers and firewalls worldwide.

⛔ LISTED
b.barracudacentral.org
✓ Clean
ix.dnsbl.manitu.net
✓ Clean
dnsbl.sorbs.net
✓ Clean
zen.spamhaus.org
✓ Clean
bl.spamcop.net
✓ Clean
dnsbl-1.uceprotect.net
✓ Clean
truncate.gbudb.net
✓ Clean
psbl.surriel.com

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect. Results may change over time.

10

Threat Analysis

14.182.1.39 has been assigned a threat score of 70/100 (High). This classifies it as a high-severity threat. Proactive blocking is recommended for sensitive infrastructure.

The following attack categories were identified:

Path Enumeration

📊 Threat Analysis

IP address 14.182.1.39 has been traced to Hanoi, Vietnam, operating on the network of VNPT. Our threat detection systems have flagged this address based on observed malicious behavior patterns. Our sensors captured 1 malicious requests from this address across a 1-day span, reflecting a sustained attack cadence of ~1 requests per day. Operating from a residential network, this IP may represent a compromised home gateway or IoT device that has been drafted into a larger attack infrastructure. The IP exhibits directory enumeration behavior, systematically requesting non-existent paths to discover hidden files and misconfigured resources. Vietnam currently accounts for 196 blocked IPs in our database, making it a significant source of malicious traffic. A threat score of 70/100 places this IP in the high-risk category. Blocking at the firewall level is recommended.

This IP is classified as residential, suggesting it may belong to a compromised home device, IoT botnet member, or an infected personal computer. Residential IPs involved in attacks often indicate malware infection without the owner's knowledge.

11

Related Threats

🇻🇳 Top threats from Vietnam

103.216.118.66 (273)210.2.86.189 (235)103.61.123.221 (235)116.118.47.174 (235)14.225.32.188 (235)View all →

🏢 Same network: AS45899

14.174.108.137 (163)14.241.96.71 (155)203.210.222.126 (150)123.30.233.48 (130)14.178.10.112 (130)View all →
12

Security Intelligence

💡 Remote Code Execution (RCE)

RCE vulnerabilities allow attackers to execute arbitrary code on target servers. These critical flaws often arise from deserialization bugs, template injection, or file upload vulnerabilities, and represent the highest severity class of web application weaknesses.

💡 Automated Incident Response

Automated response systems can block threats in milliseconds, far faster than human analysts. However, automation requires careful safeguards — rate limits on blocking actions, automatic expiration, and human review queues prevent automated systems from causing self-inflicted outages.

🔍 Check Any IP Address

Share this report:
AboutDisclaimerTermsAbuse Reports Tracker
Report generated 30.05.2026 07:48
Behave or get exposed