14.227.242.253

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Aug 1) SRC=14.227.242.253 LEN=52 TTL=119 ID=10709 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-01 13:27:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.227.242.253
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2930
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.227.242.253.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 13:27:02 CST 2019
;; MSG SIZE  rcvd: 118

Host info

253.242.227.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
253.242.227.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
123.30.154.184	attackbotsspam	2019-08-31T18:13:47.769591abusebot-2.cloudsearch.cf sshd\[15454\]: Invalid user centos from 123.30.154.184 port 33890	2019-09-01 02:17:20
106.13.117.204	attackspam	Aug 31 18:43:40 pornomens sshd\[29113\]: Invalid user admin from 106.13.117.204 port 34710 Aug 31 18:43:40 pornomens sshd\[29113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.117.204 Aug 31 18:43:42 pornomens sshd\[29113\]: Failed password for invalid user admin from 106.13.117.204 port 34710 ssh2 ...	2019-09-01 02:17:58
189.57.73.18	attackbots	Aug 31 13:03:48 aat-srv002 sshd[22146]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.73.18 Aug 31 13:03:50 aat-srv002 sshd[22146]: Failed password for invalid user oracle from 189.57.73.18 port 34433 ssh2 Aug 31 13:08:47 aat-srv002 sshd[22261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.57.73.18 Aug 31 13:08:49 aat-srv002 sshd[22261]: Failed password for invalid user marek from 189.57.73.18 port 27137 ssh2 ...	2019-09-01 02:26:05
159.89.134.64	attackbots	Aug 31 13:41:56 aat-srv002 sshd[23098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.134.64 Aug 31 13:41:58 aat-srv002 sshd[23098]: Failed password for invalid user daniela from 159.89.134.64 port 54878 ssh2 Aug 31 13:45:50 aat-srv002 sshd[23217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.134.64 Aug 31 13:45:53 aat-srv002 sshd[23217]: Failed password for invalid user ht from 159.89.134.64 port 42766 ssh2 ...	2019-09-01 03:04:17
54.37.17.251	attack	$f2bV_matches	2019-09-01 03:00:30
68.183.178.162	attack	Reported by AbuseIPDB proxy server.	2019-09-01 02:39:30
121.12.118.6	attack	Aug3113:22:30server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin5secs$:user=\\,method=PLAIN\,rip=178.47.132.182\,lip=81.17.25.230\,TLS\,session=\<1ogQ9GeRDuuyL4S2\>Aug3112:53:36server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin6secs$:user=\\,method=PLAIN\,rip=59.46.102.202\,lip=81.17.25.230\,TLS\,session=\Aug3112:48:14server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin17secs$:user=\\,method=PLAIN\,rip=178.124.176.185\,lip=81.17.25.230\,TLS:Connectionclosed\,session=\Aug3113:34:26server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin6secs$:user=\\,method=PLAIN\,rip=183.167.204.69\,lip=81.17.25.230\,TLS:Connectionclosed\,session=\Aug3112:53:17server2dovecot:imap-login:Disconnected$authfailed\,1attemptsin20secs$:user=\\,method=PLAIN\,rip=58.210.126.206\,lip=81.17.25.230\,TLS\,sessio	2019-09-01 03:11:25
2.154.187.72	attackspambots	Brute force attempt	2019-09-01 03:10:32
138.97.218.51	attackbots	DATE:2019-08-31 18:42:04, IP:138.97.218.51, PORT:ssh SSH brute force auth (thor)	2019-09-01 03:02:20
138.68.59.173	attackbotsspam	Lines containing failures of 138.68.59.173 (max 1000) Aug 31 07:05:06 localhost sshd[15972]: Invalid user customer from 138.68.59.173 port 53098 Aug 31 07:05:06 localhost sshd[15972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.59.173 Aug 31 07:05:08 localhost sshd[15972]: Failed password for invalid user customer from 138.68.59.173 port 53098 ssh2 Aug 31 07:05:09 localhost sshd[15972]: Received disconnect from 138.68.59.173 port 53098:11: Bye Bye [preauth] Aug 31 07:05:09 localhost sshd[15972]: Disconnected from invalid user customer 138.68.59.173 port 53098 [preauth] Aug 31 07:18:04 localhost sshd[17893]: Invalid user centos from 138.68.59.173 port 36144 Aug 31 07:18:04 localhost sshd[17893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.59.173 Aug 31 07:18:06 localhost sshd[17893]: Failed password for invalid user centos from 138.68.59.173 port 36144 ssh2 Aug 31 07:18........ ------------------------------	2019-09-01 02:20:40
46.166.151.47	attackbots	\[2019-08-31 11:45:24\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:45:24.550-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="40980046812111447",SessionID="0x7f7b303c21f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/52216",ACLName="no_extension_match" \[2019-08-31 11:45:38\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:45:38.849-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01246406820574",SessionID="0x7f7b30e1c6c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/63481",ACLName="no_extension_match" \[2019-08-31 11:47:24\] SECURITY\[1837\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-08-31T11:47:24.601-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="90046812410249",SessionID="0x7f7b303c21f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/46.166.151.47/53586",ACLName="no_ext	2019-09-01 02:51:37
75.49.249.16	attackspambots	Aug 31 20:24:57 legacy sshd[4885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.49.249.16 Aug 31 20:24:59 legacy sshd[4885]: Failed password for invalid user weblogic from 75.49.249.16 port 55368 ssh2 Aug 31 20:29:13 legacy sshd[5000]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=75.49.249.16 ...	2019-09-01 02:47:12
178.62.117.82	attackbots	15 Failures SSH Logins w/ invalid user	2019-09-01 03:00:07
104.175.32.206	attack	Aug 31 20:45:41 vps647732 sshd[16099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.175.32.206 Aug 31 20:45:43 vps647732 sshd[16099]: Failed password for invalid user user from 104.175.32.206 port 36014 ssh2 ...	2019-09-01 03:06:49
217.112.128.193	attack	Spam mails sent to address hacked/leaked from Nexus Mods in July 2013	2019-09-01 02:21:32

Recently Reported IPs

66.45.225.233	62.234.68.246	103.231.188.73	175.162.155.175
165.227.89.126	14.139.120.70	104.40.227.30	81.101.170.165
187.120.135.128	80.211.66.44	150.109.113.127	56.252.170.54
87.241.105.71	177.69.245.33	167.88.177.147	222.186.52.120
193.105.155.168	187.112.203.248	95.133.58.54	201.46.62.28