14.207.12.60 - IPInfo

基本信息:

城市(city): Bangkok

省份(region): Bangkok

国家(country): Thailand

运营商(isp): Triple T Internet PCL

主机名(hostname): unknown

机构(organization): Triple T Internet/Triple T Broadband

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jul 10 20:52:37 srv1 sshd[12249]: Address 14.207.12.60 maps to mx-ll-14.207.12-60.dynamic.3bb.in.th, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 10 20:52:37 srv1 sshd[12249]: Invalid user admin from 14.207.12.60 Jul 10 20:52:37 srv1 sshd[12249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.60 Jul 10 20:52:39 srv1 sshd[12249]: Failed password for invalid user admin from 14.207.12.60 port 49951 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=14.207.12.60	2019-07-11 03:39:11

类型

评论内容

时间

attack

Jul 10 20:52:37 srv1 sshd[12249]: Address 14.207.12.60 maps to mx-ll-14.207.12-60.dynamic.3bb.in.th, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
Jul 10 20:52:37 srv1 sshd[12249]: Invalid user admin from 14.207.12.60
Jul 10 20:52:37 srv1 sshd[12249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.60 
Jul 10 20:52:39 srv1 sshd[12249]: Failed password for invalid user admin from 14.207.12.60 port 49951 ssh2


........
-----------------------------------------------
https://www.blocklist.de/en/view.html?ip=14.207.12.60

2019-07-11 03:39:11

相同子网IP讨论:

IP	类型	评论内容	时间
14.207.128.159	attackspam	20/5/14@23:52:48: FAIL: Alarm-Network address from=14.207.128.159 ...	2020-05-15 16:15:48
14.207.124.134	attack	unauthorized connection attempt	2020-02-19 21:13:59
14.207.12.124	attack	Feb 12 05:58:33 cvbnet sshd[3072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.12.124 Feb 12 05:58:35 cvbnet sshd[3072]: Failed password for invalid user supervisor from 14.207.12.124 port 36879 ssh2 ...	2020-02-12 13:18:19
14.207.129.75	attackbotsspam	Triggered: repeated knocking on closed ports.	2020-02-03 21:34:20
14.207.122.193	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 30-01-2020 04:55:16.	2020-01-30 21:20:18
14.207.126.39	attack	Honeypot attack, port: 81, PTR: mx-ll-14.207.126-39.dynamic.3bb.co.th.	2020-01-12 20:20:20
14.207.126.207	attack	Unauthorized connection attempt from IP address 14.207.126.207 on Port 445(SMB)	2019-11-04 04:43:26
14.207.124.106	attack	Invalid user admin from 14.207.124.106 port 45568	2019-10-11 22:56:23
14.207.124.106	attackspambots	Invalid user admin from 14.207.124.106 port 45568	2019-10-10 21:08:06
14.207.123.77	attackspam	Unauthorized connection attempt from IP address 14.207.123.77 on Port 445(SMB)	2019-09-03 22:18:44
14.207.122.119	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-02 01:08:09,853 INFO [shellcode_manager] (14.207.122.119) no match, writing hexdump (0b84678d3b9196bc4c876c0ca50cb3a3 :2130327) - MS17010 (EternalBlue)	2019-07-02 23:05:33
14.207.122.247	attackspam	firewall-block, port(s): 41878/tcp	2019-06-30 16:36:39

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.12.60
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15921
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.207.12.60.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071000 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jul 11 03:39:04 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

60.12.207.14.in-addr.arpa domain name pointer mx-ll-14.207.12-60.dynamic.3bb.co.th.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
60.12.207.14.in-addr.arpa	name = mx-ll-14.207.12-60.dynamic.3bb.in.th.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
155.94.182.217	attackspambots	SSH Bruteforce attack	2020-10-02 01:25:01
139.59.46.226	attackspambots	TCP port : 23063	2020-10-02 01:25:35
177.32.97.36	attack	Sep 28 14:31:17 CT728 sshd[10318]: reveeclipse mapping checking getaddrinfo for b1206124.virtua.com.br [177.32.97.36] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 28 14:31:19 CT728 sshd[10318]: Failed password for invalid user fossil from 177.32.97.36 port 60563 ssh2 Sep 28 14:31:19 CT728 sshd[10318]: Received disconnect from 177.32.97.36: 11: Bye Bye [preauth] Sep 28 14:43:53 CT728 sshd[10706]: reveeclipse mapping checking getaddrinfo for b1206124.virtua.com.br [177.32.97.36] failed - POSSIBLE BREAK-IN ATTEMPT! Sep 28 14:43:53 CT728 sshd[10706]: User r.r from 177.32.97.36 not allowed because not listed in AllowUsers Sep 28 14:43:53 CT728 sshd[10706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.32.97.36 user=r.r Sep 28 14:43:55 CT728 sshd[10706]: Failed password for invalid user r.r from 177.32.97.36 port 43013 ssh2 Sep 28 14:43:56 CT728 sshd[10706]: Received disconnect from 177.32.97.36: 11: Bye Bye [preauth] Sep 28 14:50:13 ........ -------------------------------	2020-10-02 01:39:58
176.31.163.192	attackspam	Oct 1 17:19:14 host2 sshd[466221]: Failed password for root from 176.31.163.192 port 37582 ssh2 Oct 1 17:22:43 host2 sshd[466832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.163.192 user=root Oct 1 17:22:46 host2 sshd[466832]: Failed password for root from 176.31.163.192 port 44768 ssh2 Oct 1 17:22:43 host2 sshd[466832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.163.192 user=root Oct 1 17:22:46 host2 sshd[466832]: Failed password for root from 176.31.163.192 port 44768 ssh2 ...	2020-10-02 01:55:48
109.92.223.146	attackspambots	Sep 30 22:36:18 mellenthin postfix/smtpd[20926]: NOQUEUE: reject: RCPT from unknown[109.92.223.146]: 554 5.7.1 Service unavailable; Client host [109.92.223.146] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/109.92.223.146; from= to= proto=ESMTP helo=<109-92-223-146.static.isp.telekom.rs>	2020-10-02 01:21:39
178.128.61.133	attackbots	$f2bV_matches	2020-10-02 01:49:38
160.124.50.93	attackspam	(sshd) Failed SSH login from 160.124.50.93 (ZA/South Africa/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 1 12:24:01 server2 sshd[14562]: Invalid user Justin from 160.124.50.93 Oct 1 12:24:01 server2 sshd[14562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.124.50.93 Oct 1 12:24:03 server2 sshd[14562]: Failed password for invalid user Justin from 160.124.50.93 port 38558 ssh2 Oct 1 12:36:09 server2 sshd[24491]: Invalid user el from 160.124.50.93 Oct 1 12:36:09 server2 sshd[24491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=160.124.50.93	2020-10-02 01:36:07
189.124.30.144	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-10-02 01:38:49
218.6.99.67	attackspambots	Brute forcing email accounts	2020-10-02 01:51:21
190.134.177.201	attack	Brute force attempt	2020-10-02 01:38:25
49.233.171.219	attackspam	Oct 1 16:41:21 marvibiene sshd[29788]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.171.219 Oct 1 16:41:23 marvibiene sshd[29788]: Failed password for invalid user minecraft from 49.233.171.219 port 45921 ssh2 Oct 1 16:47:03 marvibiene sshd[30056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.171.219	2020-10-02 01:23:12
139.155.79.35	attack	Oct 1 22:13:05 mx sshd[1095138]: Invalid user anjana from 139.155.79.35 port 55124 Oct 1 22:13:05 mx sshd[1095138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.79.35 Oct 1 22:13:05 mx sshd[1095138]: Invalid user anjana from 139.155.79.35 port 55124 Oct 1 22:13:06 mx sshd[1095138]: Failed password for invalid user anjana from 139.155.79.35 port 55124 ssh2 Oct 1 22:17:43 mx sshd[1095191]: Invalid user ftpuser from 139.155.79.35 port 49276 ...	2020-10-02 01:48:56
91.98.70.131	attackbots	[portscan] Port scan	2020-10-02 01:20:05
51.210.107.15	attackbotsspam	2020-10-01T13:45:04.971641sorsha.thespaminator.com sshd[8654]: Invalid user test from 51.210.107.15 port 37116 2020-10-01T13:45:07.252245sorsha.thespaminator.com sshd[8654]: Failed password for invalid user test from 51.210.107.15 port 37116 ssh2 ...	2020-10-02 01:47:48
49.233.182.23	attackspam	2020-10-01T18:33[Censored Hostname] sshd[1764]: Invalid user michel from 49.233.182.23 port 43702 2020-10-01T18:33[Censored Hostname] sshd[1764]: Failed password for invalid user michel from 49.233.182.23 port 43702 ssh2 2020-10-01T18:34[Censored Hostname] sshd[1770]: Invalid user admin from 49.233.182.23 port 51780[...]	2020-10-02 01:37:46

最近上报的IP列表

187.18.83.171	177.52.234.50	223.1.0.237	208.60.54.201
190.18.14.209	211.121.25.20	153.1.152.251	104.30.176.100
181.12.195.77	116.179.60.121	53.150.18.168	160.7.41.66
144.224.39.15	114.5.98.54	49.152.144.194	1.53.36.205
2.196.172.73	112.193.248.212	105.174.216.41	46.4.84.115