14.207.57.91 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Triple T Internet PCL

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	1590983128 - 06/01/2020 05:45:28 Host: 14.207.57.91/14.207.57.91 Port: 445 TCP Blocked	2020-06-01 20:00:33

Comments on same subnet:

IP	Type	Details	Datetime
14.207.57.111	attackspam	SSH/22 MH Probe, BF, Hack -	2020-07-11 01:44:46
14.207.57.126	attackspambots	1583241604 - 03/03/2020 14:20:04 Host: 14.207.57.126/14.207.57.126 Port: 445 TCP Blocked	2020-03-04 05:34:38
14.207.57.187	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 06-02-2020 04:55:20.	2020-02-06 15:40:43

Type

Details

Datetime

14.207.57.111

attackspam

SSH/22 MH Probe, BF, Hack -

2020-07-11 01:44:46

14.207.57.126

attackspambots

1583241604 - 03/03/2020 14:20:04 Host: 14.207.57.126/14.207.57.126 Port: 445 TCP Blocked

2020-03-04 05:34:38

14.207.57.187

attackbots

Attempt to attack host OS, exploiting network vulnerabilities, on 06-02-2020 04:55:20.

2020-02-06 15:40:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.57.91
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48152
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.207.57.91.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060100 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 01 20:00:29 CST 2020
;; MSG SIZE  rcvd: 116

Host info

91.57.207.14.in-addr.arpa domain name pointer mx-ll-14.207.57-91.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
91.57.207.14.in-addr.arpa	name = mx-ll-14.207.57-91.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.199.179.248	attack	Found on CINS badguys / proto=6 . srcport=51245 . dstport=23 Telnet . (1015)	2020-10-03 19:22:51
118.244.128.29	attackbots	Oct 3 00:58:39 host sshd[20593]: Invalid user sig from 118.244.128.29 port 2811 ...	2020-10-03 19:25:06
193.239.147.179	attackspam	Relay mail to check212014@gmail.com	2020-10-03 18:45:14
178.32.192.85	attackspambots	SSH auth scanning - multiple failed logins	2020-10-03 19:21:05
208.82.118.236	attackspam	RU spamvertising/fraud - From: Ultra Wifi Pro - UBE 208.82.118.236 (EHLO newstart.club) Ndchost - Spam link mail.kraften.site = 185.56.88.154 Buzinessware FZCO – phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania - Spam link #2 mail.kraften.site - phishing redirect: a) spendlesslist.com = 104.144.63.165 ServerMania b) safemailremove.com = 40.64.107.53 Microsoft Corporation - Spam link newstart.club = host not found Images - 151.101.120.193 Fastly - https://imgur.com/wmqfoW2.png = Ultra Wifi Pro ad - https://imgur.com/F6adfzn.png = Ultra Wifi Pro 73 Greentree Dr. #57 Dover DE 19904 – entity not found at listed address; BBB: Ultra HD Antennas & Ultra WiFi Pro – " this business is no longer in business "	2020-10-03 18:57:08
185.220.100.247	attackbotsspam	xmlrpc attack	2020-10-03 18:48:19
165.21.103.192	attackspambots	SSH login attempts.	2020-10-03 19:27:09
27.4.171.173	attackbots	Icarus honeypot on github	2020-10-03 19:18:58
218.92.0.203	attackspam	Oct 3 12:29:28 pve1 sshd[13975]: Failed password for root from 218.92.0.203 port 24630 ssh2 Oct 3 12:29:32 pve1 sshd[13975]: Failed password for root from 218.92.0.203 port 24630 ssh2 ...	2020-10-03 19:03:51
180.250.115.121	attackbots	Oct 2 22:35:09 * sshd[31693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.121 Oct 2 22:35:11 * sshd[31693]: Failed password for invalid user a from 180.250.115.121 port 59259 ssh2	2020-10-03 18:52:37
90.154.91.97	attackspam	Icarus honeypot on github	2020-10-03 19:08:05
183.63.87.236	attackbots	Oct 3 11:34:49 ns382633 sshd\[27132\]: Invalid user cisco from 183.63.87.236 port 39324 Oct 3 11:34:49 ns382633 sshd\[27132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.63.87.236 Oct 3 11:34:51 ns382633 sshd\[27132\]: Failed password for invalid user cisco from 183.63.87.236 port 39324 ssh2 Oct 3 11:40:12 ns382633 sshd\[27898\]: Invalid user joan from 183.63.87.236 port 34678 Oct 3 11:40:12 ns382633 sshd\[27898\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.63.87.236	2020-10-03 18:43:19
116.196.81.216	attack	Oct 3 12:27:55 abendstille sshd\[13881\]: Invalid user marcel from 116.196.81.216 Oct 3 12:27:55 abendstille sshd\[13881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 Oct 3 12:27:58 abendstille sshd\[13881\]: Failed password for invalid user marcel from 116.196.81.216 port 58196 ssh2 Oct 3 12:30:13 abendstille sshd\[16434\]: Invalid user james from 116.196.81.216 Oct 3 12:30:13 abendstille sshd\[16434\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.81.216 ...	2020-10-03 18:46:35
129.211.50.239	attack	Oct 3 09:56:57 vm0 sshd[21235]: Failed password for root from 129.211.50.239 port 38374 ssh2 Oct 3 10:01:05 vm0 sshd[21288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.50.239 ...	2020-10-03 19:24:18
94.23.24.213	attackspam	Bruteforce detected by fail2ban	2020-10-03 18:47:34

Recently Reported IPs

37.105.173.161	117.242.111.116	123.21.119.240	115.203.181.2
110.137.83.41	109.111.79.120	103.206.179.20	180.183.159.194
92.238.6.103	23.75.236.242	221.213.62.10	113.23.116.114
189.152.223.140	203.40.18.234	88.87.71.60	77.40.47.168
165.29.105.3	158.186.52.127	142.85.208.15	3.60.94.175