14.207.28.1 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
14.207.28.171	attack	SSH Invalid Login	2020-09-24 21:09:53
14.207.28.171	attack	SSH Invalid Login	2020-09-24 13:05:04
14.207.28.171	attackspam	(sshd) Failed SSH login from 14.207.28.171 (TH/Thailand/Rayong/Pluak Daeng/mx-ll-14.207.28-171.dynamic.3bb.co.th): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 23 13:04:58 atlas sshd[17419]: Invalid user admin from 14.207.28.171 port 60049 Sep 23 13:05:00 atlas sshd[17419]: Failed password for invalid user admin from 14.207.28.171 port 60049 ssh2 Sep 23 13:05:03 atlas sshd[17452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.207.28.171 user=root Sep 23 13:05:05 atlas sshd[17452]: Failed password for root from 14.207.28.171 port 60295 ssh2 Sep 23 13:05:08 atlas sshd[17595]: Invalid user admin from 14.207.28.171 port 60406	2020-09-24 04:33:41
14.207.28.223	attackbots	Chat Spam	2019-10-05 06:20:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.28.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29159
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.207.28.1.			IN	A

;; AUTHORITY SECTION:
.			495	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 13:33:51 CST 2022
;; MSG SIZE  rcvd: 104

Host info

1.28.207.14.in-addr.arpa domain name pointer mx-ll-14.207.28-1.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
1.28.207.14.in-addr.arpa	name = mx-ll-14.207.28-1.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.250.74.210	attack	2019-07-09T20:40:56.414727enmeeting.mahidol.ac.th sshd\[21233\]: User root from 60-250-74-210.hinet-ip.hinet.net not allowed because not listed in AllowUsers 2019-07-09T20:40:56.540272enmeeting.mahidol.ac.th sshd\[21233\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-250-74-210.hinet-ip.hinet.net user=root 2019-07-09T20:40:58.967570enmeeting.mahidol.ac.th sshd\[21233\]: Failed password for invalid user root from 60.250.74.210 port 47146 ssh2 ...	2019-07-10 00:10:52
117.48.196.181	attackspambots	SMB Server BruteForce Attack	2019-07-10 01:00:02
157.55.39.245	attackbots	Automatic report - Web App Attack	2019-07-10 00:55:14
222.186.15.28	attackspam	SSH Bruteforce attack	2019-07-10 01:14:44
2607:5300:60:172::1	attackspam	[munged]::443 2607:5300:60:172::1 - - [09/Jul/2019:15:38:30 +0200] "POST /[munged]: HTTP/1.1" 200 6315 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 2607:5300:60:172::1 - - [09/Jul/2019:15:38:31 +0200] "POST /[munged]: HTTP/1.1" 200 6287 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-07-10 01:18:47
95.44.60.193	attackbots	$f2bV_matches	2019-07-10 00:09:47
183.131.80.72	attack	3389/tcp [2019-07-09]1pkt	2019-07-10 00:11:22
61.3.61.197	attackbotsspam	firewall-block, port(s): 5431/tcp	2019-07-10 00:46:59
88.26.210.251	attackbotsspam	múltiples y repetidas entradas en los logs del sistema. Entradas no autorizadas y ddos. Ataques al puerto winbox, curiosamente apunta a un RouterOS v6.33.3	2019-07-10 00:15:29
46.107.102.102	attack	$f2bV_matches	2019-07-10 01:10:04
43.249.192.59	attackbots	1433/tcp 8080/tcp 37215/tcp... [2019-05-08/07-09]47pkt,10pt.(tcp)	2019-07-10 00:23:42
3.210.199.77	attackbots	Jul 9 13:38:31 TCP Attack: SRC=3.210.199.77 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=235 DF PROTO=TCP SPT=60396 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-10 01:19:12
5.189.184.58	attackbots	Blank UA - Blocked	2019-07-10 00:59:11
188.225.37.86	attackbotsspam	www.goldgier.de 188.225.37.86 \[09/Jul/2019:15:40:12 +0200\] "POST /wp-login.php HTTP/1.1" 200 8726 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.goldgier.de 188.225.37.86 \[09/Jul/2019:15:40:13 +0200\] "POST /wp-login.php HTTP/1.1" 200 8725 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.goldgier.de 188.225.37.86 \[09/Jul/2019:15:40:14 +0200\] "POST /wp-login.php HTTP/1.1" 200 8725 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-10 00:37:35
185.137.233.133	attack	Port scan attempt detected by AWS-CCS, CTS, India	2019-07-10 00:30:29

Recently Reported IPs

14.207.28.103	14.207.28.108	14.207.28.106	14.207.28.104
14.207.28.110	14.207.28.112	14.207.28.116	14.207.28.119
14.207.28.120	14.207.28.114	14.207.28.122	14.207.28.126
14.207.28.130	14.207.28.134	14.207.28.133	14.207.28.136
14.207.28.129	14.207.28.125	14.207.28.138	14.207.28.140