ABUSE.MOM
Threat Report

IP Threat Report
14.182.1.39

ABUSE.MOM: behave, or you will be exposed

Generated: 2026-05-30 11:21:18
First seen: 2026-05-14 05:00:06
Last seen: 2026-05-14 05:00:06
70

⛔ Verdict: Block

This IP address has been classified as a source of automated malicious activity. Threat score: 70/100. Total malicious requests observed: 1.

DANGER_PATH · REDIRECT_PROBE · REFERER
01

Geolocation and Classification

IP address: 14.182.1.39
Type: Residential
Country: 🇻🇳 Vietnam
City: Hanoi
ISP: VNPT
Organization: Vietnam Posts and Telecommunications Group
Autonomous system: AS45899 VNPT Corp
Request count: 1
02

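Detection Signatures

| Signature | Description | Score | Severity |
|---|---|---|---|
| Danger medium hits: 4 | Medium risk: admin panels, configuration files | +40 | |
| Probe pattern 302->404 same path | Automated analysis detected a behavioral anomaly | +20 | |
| Foreign referer seen | Referer from an unrelated external domain | +10 | |

Σ = 70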
03

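Observed Activity

HTTP requests reconstructed from server access logs. Target domains are hidden for security reasons.

[redacted] GET / 200

Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0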

* Typical request patterns for detected signatures. Actual target domains are redacted.

04

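Timeline

2026-05-14 05:00:06
First malicious request detected
IP entered monitoring from server logs

Observation period
Multiple detection signatures triggered
Danger medium hits: 4 (+40), Probe pattern 302->404 same path (+20), Foreign referer seen (+10)

2026-05-14 05:00:06
Last malicious request observed
Total score reached: 70/100

Next cycle
IP blocked; all subsequent requests are rejected (HTTP 403)
Automatically added to the blocklist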
05

Network Provider

VNPT
AS45899 · 🇻🇳 Vietnam
06

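Recommendations

Measures taken and recommended

  • IP 14.182.1.39 has been blocked at the application layer (HTTP 403)
  • Blocking at the firewall layer (iptables/CSF) is recommended
  • Report to the network provider through its abuse contact
  • Ensure sensitive files (.env, .git, backups) cannot be reached from the network

🔎 Directory Scanning Defense

IP 14.182.1.39 is enumerating directories. Configure a fail2ban apache-404 jail that triggers after 10 or more 404 errors. Disable directory listing.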

08

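Open Ports and Services

Network reconnaissance data from Shodan. Open ports may indicate running services, misconfigurations, or potential attack surface.

Open ports (266)

| Port | Service | Risk | Description |
|---|---|---|---|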
| 27017 | MongoDB | Critical | MongoDB — commonly found exposed without authentication |

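⚠️ 1 high-risk port detected on 14.182.1.39. Open database ports indicate a possible risk of data exposure. These services should not be publicly accessible without strict firewall rules.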

Hostnames: static.vnpt.vn
PTR: static.vnpt.vn

Data source: Shodan InternetDB. Scanned independently of abuse.mom.

09

Blacklist Status (DNSBL)

This IP has been checked against the major DNS blacklists used by mail servers and firewalls worldwide.

⛔ Listed: b.barracudacentral.org
✓ Clean: ix.dnsbl.manitu.net
✓ Clean: dnsbl.sorbs.net
✓ Clean: zen.spamhaus.org
✓ Clean: bl.spamcop.net
✓ Clean: dnsbl-1.uceprotect.net
✓ Clean: truncate.gbudb.net
✓ Clean: psbl.surriel.com

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect.

10

Threat Analysis

14.182.1.39 has been assigned a threat score of 70/100 (High). This classifies it as a high-severity threat. Proactive blocking is recommended for sensitive infrastructure.

The following attack categories were identified:

Path Enumeration

📊 Threat Analysis

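The IP address 14.182.1.39 has been traced to Hanoi, Vietnam, operating within the VNPT network. Our threat detection system flagged this address based on observed malicious behavior patterns. Our sensors captured 1 malicious request from this address over 1 day, reflecting a sustained attack tempo of about 1 request per day. The address is classified as residential, meaning it likely belongs to an end-user ISP connection. Malicious activity from residential IPs usually indicates a compromised device or botnet membership. This IP exhibits directory enumeration behavior, systematically requesting non-existent paths to discover hidden files and misconfigured resources. Our records show 196 malicious IPs from Vietnam, making it a significant contributor to global threat activity. A score of 70/100 indicates a confirmed malicious actor. Network-level blocking is appropriate.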

This IP is classified as residential, suggesting it may belong to a compromised home device, IoT botnet member, or an infected personal computer. Residential IPs involved in attacks often indicate malware infection without the owner's knowledge.

11

Related Threats

🇻🇳 Top threats from Vietnam

103.216.118.66 (273), 210.2.86.189 (235), 103.61.123.221 (235), 116.118.47.174 (235), 14.225.32.188 (235)

🏢 Same network: AS45899

14.174.108.137 (163), 14.241.96.71 (155), 203.210.222.126 (150), 123.30.233.48 (130), 14.178.10.112 (130)
12

Security Intelligence

💡 Remote Code Execution (RCE)

RCE vulnerabilities allow attackers to execute arbitrary code on target servers. These critical flaws often arise from deserialization bugs, template injection, or file upload vulnerabilities, and represent the highest severity class of web application weaknesses.

💡 Automated Incident Response

Automated response systems can block threats in milliseconds, far faster than human analysts. However, automation requires careful safeguards — rate limits on blocking actions, automatic expiration, and human review queues prevent automated systems from causing self-inflicted outages.
