14.247.254.241

Basic Info

City: unknown

Region: unknown

Country: Viet Nam

Internet Service Provider: Vietnam Posts and Telecommunications Group

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	445/tcp [2019-06-26]1pkt	2019-06-26 19:53:29

Comments on same subnet:

IP	Type	Details	Datetime
14.247.254.225	attackbotsspam	1590119542 - 05/22/2020 05:52:22 Host: 14.247.254.225/14.247.254.225 Port: 445 TCP Blocked	2020-05-22 16:53:16

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.247.254.241
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17573
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.247.254.241.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062600 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Wed Jun 26 19:53:22 CST 2019
;; MSG SIZE  rcvd: 118

Host info

241.254.247.14.in-addr.arpa domain name pointer static.vnpt.vn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
241.254.247.14.in-addr.arpa	name = static.vnpt.vn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
171.96.30.14	attack	Unauthorised access (Feb 15) SRC=171.96.30.14 LEN=44 PREC=0x20 TTL=49 ID=14524 TCP DPT=23 WINDOW=9563 SYN Unauthorised access (Feb 14) SRC=171.96.30.14 LEN=44 PREC=0x20 TTL=49 ID=34392 TCP DPT=23 WINDOW=57644 SYN	2020-02-15 10:54:39
218.157.181.132	attackspambots	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-15 10:53:19
140.143.208.92	attack	Feb 15 03:04:55 srv01 sshd[4971]: Invalid user ruperto from 140.143.208.92 port 43222 Feb 15 03:04:55 srv01 sshd[4971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.208.92 Feb 15 03:04:55 srv01 sshd[4971]: Invalid user ruperto from 140.143.208.92 port 43222 Feb 15 03:04:58 srv01 sshd[4971]: Failed password for invalid user ruperto from 140.143.208.92 port 43222 ssh2 Feb 15 03:08:06 srv01 sshd[5200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.208.92 user=root Feb 15 03:08:08 srv01 sshd[5200]: Failed password for root from 140.143.208.92 port 38764 ssh2 ...	2020-02-15 10:32:19
1.20.248.101	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-02-15 10:26:39
151.80.41.64	attackspambots	Feb 15 02:28:03 MK-Soft-VM3 sshd[6054]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.41.64 Feb 15 02:28:05 MK-Soft-VM3 sshd[6054]: Failed password for invalid user HUA@wei!@# from 151.80.41.64 port 43136 ssh2 ...	2020-02-15 10:57:18
101.6.68.237	attack	Feb 14 20:41:38 toyboy sshd[15394]: Invalid user admin from 101.6.68.237 Feb 14 20:41:38 toyboy sshd[15394]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.6.68.237 Feb 14 20:41:40 toyboy sshd[15394]: Failed password for invalid user admin from 101.6.68.237 port 44824 ssh2 Feb 14 20:41:40 toyboy sshd[15394]: Received disconnect from 101.6.68.237: 11: Normal Shutdown [preauth] Feb 14 20:44:37 toyboy sshd[15525]: Invalid user ftp from 101.6.68.237 Feb 14 20:44:37 toyboy sshd[15525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.6.68.237 Feb 14 20:44:40 toyboy sshd[15525]: Failed password for invalid user ftp from 101.6.68.237 port 59280 ssh2 Feb 14 20:44:40 toyboy sshd[15525]: Received disconnect from 101.6.68.237: 11: Normal Shutdown [preauth] Feb 14 20:47:38 toyboy sshd[15657]: Invalid user dev from 101.6.68.237 Feb 14 20:47:39 toyboy sshd[15657]: pam_unix(sshd:auth): authenticati........ -------------------------------	2020-02-15 10:37:08
8.208.11.66	attackspam	Invalid user rk from 8.208.11.66 port 46148	2020-02-15 10:40:34
139.59.95.117	attackspambots	Port 5900 (VNC) access denied	2020-02-15 10:32:47
80.79.183.11	attackspambots	Honeypot attack, port: 445, PTR: pc.altegrosky.ru.	2020-02-15 10:46:16
49.88.67.21	attackbotsspam	Feb 14 23:04:21 mxgate1 postfix/postscreen[15951]: CONNECT from [49.88.67.21]:17583 to [176.31.12.44]:25 Feb 14 23:04:21 mxgate1 postfix/dnsblog[16695]: addr 49.88.67.21 listed by domain zen.spamhaus.org as 127.0.0.11 Feb 14 23:04:21 mxgate1 postfix/dnsblog[16695]: addr 49.88.67.21 listed by domain zen.spamhaus.org as 127.0.0.4 Feb 14 23:04:21 mxgate1 postfix/dnsblog[16695]: addr 49.88.67.21 listed by domain zen.spamhaus.org as 127.0.0.3 Feb 14 23:04:21 mxgate1 postfix/dnsblog[15971]: addr 49.88.67.21 listed by domain cbl.abuseat.org as 127.0.0.2 Feb 14 23:04:21 mxgate1 postfix/dnsblog[15967]: addr 49.88.67.21 listed by domain b.barracudacentral.org as 127.0.0.2 Feb 14 23:04:27 mxgate1 postfix/postscreen[17367]: DNSBL rank 4 for [49.88.67.21]:17583 Feb x@x Feb 14 23:04:28 mxgate1 postfix/postscreen[17367]: DISCONNECT [49.88.67.21]:17583 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.88.67.21	2020-02-15 11:03:19
5.26.119.62	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-02-15 10:27:37
178.128.220.8	attackspam	Automatic report - XMLRPC Attack	2020-02-15 10:50:41
213.136.72.221	attackspam	Feb 14 19:01:48 localhost postfix/smtpd[1923149]: disconnect from vmi314533.contaboserver.net[213.136.72.221] ehlo=1 quhostname=1 commands=2 Feb 14 19:01:49 localhost postfix/smtpd[1930334]: disconnect from vmi314533.contaboserver.net[213.136.72.221] ehlo=1 quhostname=1 commands=2 Feb 14 19:01:51 localhost postfix/smtpd[1930334]: disconnect from vmi314533.contaboserver.net[213.136.72.221] ehlo=1 quhostname=1 commands=2 Feb 14 19:01:52 localhost postfix/smtpd[1930334]: disconnect from vmi314533.contaboserver.net[213.136.72.221] ehlo=1 quhostname=1 commands=2 Feb 14 19:01:53 localhost postfix/smtpd[1930334]: disconnect from vmi314533.contaboserver.net[213.136.72.221] ehlo=1 quhostname=1 commands=2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=213.136.72.221	2020-02-15 10:47:00
177.85.98.242	attackbotsspam	Automatic report - XMLRPC Attack	2020-02-15 10:57:01
5.249.146.176	attack	Feb 14 12:43:08 web1 sshd\[9351\]: Invalid user virtual from 5.249.146.176 Feb 14 12:43:08 web1 sshd\[9351\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.146.176 Feb 14 12:43:10 web1 sshd\[9351\]: Failed password for invalid user virtual from 5.249.146.176 port 59278 ssh2 Feb 14 12:44:52 web1 sshd\[9482\]: Invalid user webmaster from 5.249.146.176 Feb 14 12:44:52 web1 sshd\[9482\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.249.146.176	2020-02-15 10:56:35

Recently Reported IPs

216.224.164.17	151.54.61.10	116.113.99.170	59.48.121.10
49.88.226.143	195.34.74.180	15.247.40.116	193.56.29.129
119.86.24.243	254.230.163.117	177.34.124.210	122.4.224.4
193.124.191.92	113.18.35.31	142.93.234.107	119.60.6.26
215.113.255.67	92.60.38.183	187.67.112.235	110.78.80.54