14.207.12.60 - IPInfo

基本信息:

城市(city): Bangkok

省份(region): Bangkok

国家(country): Thailand

运营商(isp): Triple T Internet PCL

主机名(hostname): unknown

机构(organization): Triple T Internet/Triple T Broadband

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 10 20:52:37 srv1 sshd[12249]: Address 14.207.12.60 maps to mx-ll-14.207.12-60.dynamic.3bb.in.th, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 10 20:52:37 srv1 sshd[12249]: Invalid user admin from 14.207.12.60 Jul 10 20:52:37 srv1 sshd[12249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.60 Jul 10 20:52:39 srv1 sshd[12249]: Failed password for invalid user admin from 14.207.12.60 port 49951 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.207.12.60	2019-07-11 03:39:11

类型

评论内容

时间

attack

Jul 10 20:52:37 srv1 sshd[12249]: Address 14.207.12.60 maps to mx-ll-14.207.12-60.dynamic.3bb.in.th, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jul 10 20:52:37 srv1 sshd[12249]: Invalid user admin from 14.207.12.60
Jul 10 20:52:37 srv1 sshd[12249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.60 
Jul 10 20:52:39 srv1 sshd[12249]: Failed password for invalid user admin from 14.207.12.60 port 49951 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=14.207.12.60

2019-07-11 03:39:11

相同子网IP讨论:

IP	类型	评论内容	时间
14.207.128.159	attackspam	20/5/14@23:52:48: FAIL: Alarm-Network address from=14.207.128.159 ...	2020-05-15 16:15:48
14.207.124.134	attack	unauthorized connection attempt	2020-02-19 21:13:59
14.207.12.124	attack	Feb 12 05:58:33 cvbnet sshd[3072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.124 Feb 12 05:58:35 cvbnet sshd[3072]: Failed password for invalid user supervisor from 14.207.12.124 port 36879 ssh2 ...	2020-02-12 13:18:19
14.207.129.75	attackbotsspam	Triggered: repeated knocking on closed ports.	2020-02-03 21:34:20
14.207.122.193	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 30-01-2020 04:55:16.	2020-01-30 21:20:18
14.207.126.39	attack	Honeypot attack, port: 81, PTR: mx-ll-14.207.126-39.dynamic.3bb.co.th.	2020-01-12 20:20:20
14.207.126.207	attack	Unauthorized connection attempt from IP address 14.207.126.207 on Port 445(SMB)	2019-11-04 04:43:26
14.207.124.106	attack	Invalid user admin from 14.207.124.106 port 45568	2019-10-11 22:56:23
14.207.124.106	attackspambots	Invalid user admin from 14.207.124.106 port 45568	2019-10-10 21:08:06
14.207.123.77	attackspam	Unauthorized connection attempt from IP address 14.207.123.77 on Port 445(SMB)	2019-09-03 22:18:44
14.207.122.119	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 01:08:09,853 INFO [shellcode_manager] (14.207.122.119) no match, writing hexdump (0b84678d3b9196bc4c876c0ca50cb3a3 :2130327) - MS17010 (EternalBlue)	2019-07-02 23:05:33
14.207.122.247	attackspam	firewall-block, port(s): 41878/tcp	2019-06-30 16:36:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.12.60
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15921
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.207.12.60.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 03:39:04 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

60.12.207.14.in-addr.arpa domain name pointer mx-ll-14.207.12-60.dynamic.3bb.co.th.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
60.12.207.14.in-addr.arpa	name = mx-ll-14.207.12-60.dynamic.3bb.in.th.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
219.250.188.46	attackbots	Sep 22 07:04:49 vps691689 sshd[4203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.250.188.46 Sep 22 07:04:51 vps691689 sshd[4203]: Failed password for invalid user operatore from 219.250.188.46 port 43920 ssh2 ...	2019-09-22 13:12:33
182.61.177.109	attack	Invalid user renault from 182.61.177.109 port 41242	2019-09-22 13:10:59
190.210.42.209	attackbotsspam	Sep 22 08:18:14 server sshd\[20705\]: Invalid user deploy from 190.210.42.209 port 21589 Sep 22 08:18:14 server sshd\[20705\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.210.42.209 Sep 22 08:18:16 server sshd\[20705\]: Failed password for invalid user deploy from 190.210.42.209 port 21589 ssh2 Sep 22 08:23:36 server sshd\[20702\]: Invalid user ansibleuser from 190.210.42.209 port 9733 Sep 22 08:23:36 server sshd\[20702\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.210.42.209	2019-09-22 13:28:12
103.243.107.92	attack	Sep 22 04:56:45 hcbbdb sshd\[22148\]: Invalid user nexus from 103.243.107.92 Sep 22 04:56:45 hcbbdb sshd\[22148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.243.107.92 Sep 22 04:56:47 hcbbdb sshd\[22148\]: Failed password for invalid user nexus from 103.243.107.92 port 56831 ssh2 Sep 22 05:01:52 hcbbdb sshd\[22764\]: Invalid user xin from 103.243.107.92 Sep 22 05:01:52 hcbbdb sshd\[22764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.243.107.92	2019-09-22 13:18:54
119.29.15.124	attackbots	Sep 21 18:58:37 auw2 sshd\[26856\]: Invalid user hadoop from 119.29.15.124 Sep 21 18:58:37 auw2 sshd\[26856\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.124 Sep 21 18:58:39 auw2 sshd\[26856\]: Failed password for invalid user hadoop from 119.29.15.124 port 44232 ssh2 Sep 21 19:04:15 auw2 sshd\[27584\]: Invalid user avnbot from 119.29.15.124 Sep 21 19:04:15 auw2 sshd\[27584\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.15.124	2019-09-22 13:13:37
185.243.180.140	attackbots	Sep 22 13:21:34 our-server-hostname postfix/smtpd[9213]: connect from unknown[185.243.180.140] Sep x@x Sep x@x Sep 22 13:21:37 our-server-hostname postfix/smtpd[9213]: 1552EA40010: client=unknown[185.243.180.140] Sep 22 13:21:37 our-server-hostname postfix/smtpd[10508]: E6398A40051: client=unknown[127.0.0.1], orig_client=unknown[185.243.180.140] Sep 22 13:21:37 our-server-hostname amavis[15207]: (1520 .... truncated .... Sep 22 13:21:34 our-server-hostname postfix/smtpd[9213]: connect from unknown[185.243.180.140] Sep x@x Sep x@x Sep 22 13:21:37 our-server-hostname postfix/smtpd[9213]: 1552EA40010: client=unknown[185.243.180.140] Sep 22 13:21:37 our-server-hostname postfix/smtpd[10508]: E6398A40051: client=unknown[127.0.0.1], orig_client=unknown[185.243.180.140] Sep 22 13:21:37 our-server-hostname amavis[15207]: (15207-03) Passed CLEAN, [185.243.180.140] [185.243.180.140] , mail_id: w36rmqcB6Eab, Hhostnames: -, size: 11103, queued_as: E6398A40051, 135 ms Sep x@x ........ -------------------------------	2019-09-22 13:16:15
218.92.0.181	attackbots	Sep 22 06:54:44 Ubuntu-1404-trusty-64-minimal sshd\[17162\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.181 user=root Sep 22 06:54:46 Ubuntu-1404-trusty-64-minimal sshd\[17162\]: Failed password for root from 218.92.0.181 port 2148 ssh2 Sep 22 06:54:49 Ubuntu-1404-trusty-64-minimal sshd\[17162\]: Failed password for root from 218.92.0.181 port 2148 ssh2 Sep 22 06:54:52 Ubuntu-1404-trusty-64-minimal sshd\[17162\]: Failed password for root from 218.92.0.181 port 2148 ssh2 Sep 22 06:54:55 Ubuntu-1404-trusty-64-minimal sshd\[17162\]: Failed password for root from 218.92.0.181 port 2148 ssh2	2019-09-22 13:20:25
106.13.2.130	attackspam	Sep 22 00:14:53 aat-srv002 sshd[6743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.2.130 Sep 22 00:14:55 aat-srv002 sshd[6743]: Failed password for invalid user tf21234567 from 106.13.2.130 port 41408 ssh2 Sep 22 00:19:21 aat-srv002 sshd[6978]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.2.130 Sep 22 00:19:23 aat-srv002 sshd[6978]: Failed password for invalid user $BLANKPASS from 106.13.2.130 port 42652 ssh2 ...	2019-09-22 13:44:03
31.154.93.97	attackspambots	Sep 22 05:55:47 xeon cyrus/imap[50775]: badlogin: [31.154.93.97] plain [SASL(-13): authentication failure: Password verification failed]	2019-09-22 13:20:05
200.84.198.246	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 22-09-2019 04:55:22.	2019-09-22 13:53:43
89.45.232.67	attackspambots	Sep 21 19:01:48 aiointranet sshd\[30182\]: Invalid user niu from 89.45.232.67 Sep 21 19:01:48 aiointranet sshd\[30182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cloud-89-45-232-67.instance.cloud.sunet.se Sep 21 19:01:50 aiointranet sshd\[30182\]: Failed password for invalid user niu from 89.45.232.67 port 37354 ssh2 Sep 21 19:06:14 aiointranet sshd\[30541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=cloud-89-45-232-67.instance.cloud.sunet.se user=root Sep 21 19:06:16 aiointranet sshd\[30541\]: Failed password for root from 89.45.232.67 port 51388 ssh2	2019-09-22 13:09:04
188.254.0.214	attackbots	Sep 21 18:27:29 lcdev sshd\[27876\]: Invalid user c from 188.254.0.214 Sep 21 18:27:29 lcdev sshd\[27876\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.214 Sep 21 18:27:31 lcdev sshd\[27876\]: Failed password for invalid user c from 188.254.0.214 port 56802 ssh2 Sep 21 18:32:02 lcdev sshd\[28255\]: Invalid user cq from 188.254.0.214 Sep 21 18:32:02 lcdev sshd\[28255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.254.0.214	2019-09-22 13:00:53
103.248.25.171	attack	Sep 22 07:21:02 OPSO sshd\[28907\]: Invalid user hd from 103.248.25.171 port 55200 Sep 22 07:21:02 OPSO sshd\[28907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.25.171 Sep 22 07:21:04 OPSO sshd\[28907\]: Failed password for invalid user hd from 103.248.25.171 port 55200 ssh2 Sep 22 07:25:53 OPSO sshd\[29694\]: Invalid user titanium from 103.248.25.171 port 39104 Sep 22 07:25:53 OPSO sshd\[29694\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.248.25.171	2019-09-22 13:44:46
111.231.75.83	attackspam	Sep 21 19:13:52 auw2 sshd\[28991\]: Invalid user linode from 111.231.75.83 Sep 21 19:13:52 auw2 sshd\[28991\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83 Sep 21 19:13:54 auw2 sshd\[28991\]: Failed password for invalid user linode from 111.231.75.83 port 47670 ssh2 Sep 21 19:19:06 auw2 sshd\[29633\]: Invalid user char from 111.231.75.83 Sep 21 19:19:06 auw2 sshd\[29633\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.75.83	2019-09-22 13:22:15
222.186.31.145	attackspam	2019-09-22T05:17:41.984550abusebot-2.cloudsearch.cf sshd\[30191\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.31.145 user=root	2019-09-22 13:18:20

最近上报的IP列表

187.18.83.171	177.52.234.50	223.1.0.237	208.60.54.201
190.18.14.209	211.121.25.20	153.1.152.251	104.30.176.100
181.12.195.77	116.179.60.121	53.150.18.168	160.7.41.66
144.224.39.15	114.5.98.54	49.152.144.194	1.53.36.205
2.196.172.73	112.193.248.212	105.174.216.41	46.4.84.115