ABUSE.MOM
THREAT REPORT

IP threat report
14.182.1.39

ABUSE.MOM — BEHAVE OR BE EXPOSED

Generated: 2026-05-30 08:53:35
First seen: 2026-05-14 05:00:06
Last seen: 2026-05-14 05:00:06
Threat score: 70/100

⛔ Verdict: BLOCK

This IP address has been classified as a source of malicious automated activity. Threat score: 70/100. Total malicious requests observed: 1.

DANGER_PATH · REDIRECT_PROBE · REFERER
01

Geolocation and classification

IP address: 14.182.1.39
Type: Residential
Country: 🇻🇳 Vietnam
City: Hanoi
ISP: VNPT
Organization: Vietnam Posts and Telecommunications Group
Autonomous system: AS45899 VNPT Corp
Number of requests: 1
02

Detection signatures

Signature | Description | Points | Severity
Danger medium hits: 4 | Medium risk: admin panels, configuration files | +40 |
Probe pattern 302->404 same path | Behavioral anomaly detected automatically | +20 |
Foreign referer seen | Referer from an unrelated external domain | +10 |
Σ = 70
03

Observed activity

HTTP requests reconstructed from server logs. Target domains hidden for security.

[redacted] GET / 200
Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0

* Typical request patterns for detected signatures. Actual target domains are redacted.

04

Timeline

2026-05-14 05:00:06
First malicious request detected
IP entered monitoring from the logs
During observation
Multiple detection signatures triggered
Danger medium hits: 4 (+40), Probe pattern 302->404 same path (+20), Foreign referer seen (+10)
2026-05-14 05:00:06
Last malicious request observed
Total score reached: 70/100
Next cycle
IP blocked — all subsequent requests denied (HTTP 403)
Automatically added to the blocklist
05

Network provider

VNPT
AS45899 · 🇻🇳 Vietnam
06

Recommendations

Actions taken and recommended

  • IP 14.182.1.39 is blocked at the application level (HTTP 403)
  • Consider blocking at the firewall level (iptables/CSF)
  • Report the abuse to the network provider through its abuse contact
  • Ensure sensitive files (.env, .git) are not accessible from the web

🔎 Defense against directory scanning

IP 14.182.1.39 is enumerating directories. Configure fail2ban with the apache-404 jail after 10+ 404 errors.

08

Open ports and services

Network reconnaissance data from Shodan. Open ports may indicate running services, misconfigurations, or attack surfaces.

OPEN PORTS (266)
Port | Service | Risk | Description
27017 | MongoDB | Critical | MongoDB — commonly found exposed without authentication

⚠️ 1 high-risk port was detected on 14.182.1.39. Open database ports suggest a risk of data exfiltration. These services should not be publicly accessible without strict firewall rules.

Hostnames: static.vnpt.vn
PTR: static.vnpt.vn

Source: Shodan InternetDB. Scanned independently of abuse.mom.

09

DNS blacklist status (DNSBL)

This IP was checked against the major DNS blacklists used by mail servers and firewalls.

⛔ LISTED: b.barracudacentral.org
✓ Clean: ix.dnsbl.manitu.net
✓ Clean: dnsbl.sorbs.net
✓ Clean: zen.spamhaus.org
✓ Clean: bl.spamcop.net
✓ Clean: dnsbl-1.uceprotect.net
✓ Clean: truncate.gbudb.net
✓ Clean: psbl.surriel.com

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect.

10

Threat Analysis

14.182.1.39 has been assigned a threat score of 70/100 (High). This classifies it as a high-severity threat. Proactive blocking is recommended for sensitive infrastructure.

The following attack categories were identified:

Path Enumeration

📊 Threat Analysis

The IP address 14.182.1.39 was traced to Hanoi, Vietnam, operating on the VNPT network. Our threat detection systems flagged this address based on observed patterns of malicious behavior. Our sensors captured 1 malicious request from this address over a period of 1 day, reflecting a sustained attack cadence of ~1 request per day. The address is classified as residential. Malicious activity from residential IPs typically indicates device compromise or botnet participation. The IP exhibits directory enumeration behavior, systematically requesting nonexistent paths. Our records show 196 malicious IPs originating from Vietnam, making it a significant contributor to global threat activity. The score of 70/100 indicates a confirmed malicious actor.

This IP is classified as residential, suggesting it may belong to a compromised home device, IoT botnet member, or an infected personal computer. Residential IPs involved in attacks often indicate malware infection without the owner's knowledge.

12

Security Intelligence

💡 Remote Code Execution (RCE)

RCE vulnerabilities allow attackers to execute arbitrary code on target servers. These critical flaws often arise from deserialization bugs, template injection, or file upload vulnerabilities, and represent the highest severity class of web application weaknesses.

💡 Automated Incident Response

Automated response systems can block threats in milliseconds, far faster than human analysts. However, automation requires careful safeguards — rate limits on blocking actions, automatic expiration, and human review queues prevent automated systems from causing self-inflicted outages.
