14.207.7.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
14.207.70.210	attack	Jul 28 14:03:34 debian-2gb-nbg1-2 kernel: \[18196315.209437\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=14.207.70.210 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=48 ID=49196 PROTO=TCP SPT=17793 DPT=55494 WINDOW=34189 RES=0x00 ACK URGP=0	2020-07-29 01:32:45
14.207.77.183	attack	Honeypot attack, port: 445, PTR: mx-ll-14.207.77-183.dynamic.3bb.in.th.	2020-03-08 15:19:28
14.207.74.9	attackbots	Unauthorized connection attempt detected from IP address 14.207.74.9 to port 445 [T]	2020-01-15 22:27:23
14.207.73.125	attackspam	Unauthorized connection attempt detected from IP address 14.207.73.125 to port 80 [J]	2020-01-07 13:36:54
14.207.73.169	attack	Unauthorized connection attempt from IP address 14.207.73.169 on Port 445(SMB)	2020-01-04 19:13:50
14.207.71.172	attackbotsspam	Unauthorized connection attempt detected from IP address 14.207.71.172 to port 8000	2019-12-30 09:20:29
14.207.73.169	attackbotsspam	Unauthorized connection attempt detected from IP address 14.207.73.169 to port 445	2019-12-21 00:29:53
14.207.78.152	attack	firewall-block, port(s): 9001/tcp	2019-12-03 23:42:35
14.207.78.18	attackspam	UTC: 2019-11-30 pkts: 2 ports(tcp): 23, 26	2019-12-01 20:20:32
14.207.7.137	attackspambots	23/tcp [2019-10-30]1pkt	2019-10-30 22:15:03
14.207.74.112	attackspam	Brute forcing RDP port 3389	2019-10-28 18:31:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.7.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7794
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.207.7.34.			IN	A

;; AUTHORITY SECTION:
.			119	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 13:41:01 CST 2022
;; MSG SIZE  rcvd: 104

Host info

34.7.207.14.in-addr.arpa domain name pointer mx-ll-14.207.7-34.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.7.207.14.in-addr.arpa	name = mx-ll-14.207.7-34.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
196.188.28.217	attackspam	Aug 20 18:12:13 srv-4 sshd\[13740\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.188.28.217 user=root Aug 20 18:12:15 srv-4 sshd\[13740\]: Failed password for root from 196.188.28.217 port 43876 ssh2 Aug 20 18:17:44 srv-4 sshd\[14129\]: Invalid user telnet from 196.188.28.217 Aug 20 18:17:44 srv-4 sshd\[14129\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=196.188.28.217 ...	2019-08-21 08:27:41
59.100.246.170	attack	Invalid user guest from 59.100.246.170 port 49879	2019-08-21 08:03:32
198.211.114.102	attack	Aug 20 18:46:37 lnxmail61 sshd[8778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.114.102	2019-08-21 08:06:10
81.190.185.154	attack	Aug 20 05:34:32 web9 sshd\[3656\]: Invalid user cmd from 81.190.185.154 Aug 20 05:34:32 web9 sshd\[3656\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.190.185.154 Aug 20 05:34:34 web9 sshd\[3656\]: Failed password for invalid user cmd from 81.190.185.154 port 53656 ssh2 Aug 20 05:40:52 web9 sshd\[4955\]: Invalid user zhao from 81.190.185.154 Aug 20 05:40:52 web9 sshd\[4955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.190.185.154	2019-08-21 07:55:16
80.55.3.18	attack	Invalid user april from 80.55.3.18 port 58337	2019-08-21 08:22:24
112.65.201.26	attackspam	Aug 21 02:59:47 server sshd\[26455\]: Invalid user lfs from 112.65.201.26 port 19772 Aug 21 02:59:47 server sshd\[26455\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.65.201.26 Aug 21 02:59:49 server sshd\[26455\]: Failed password for invalid user lfs from 112.65.201.26 port 19772 ssh2 Aug 21 03:03:27 server sshd\[31421\]: Invalid user deploy from 112.65.201.26 port 36321 Aug 21 03:03:27 server sshd\[31421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.65.201.26	2019-08-21 08:04:42
94.143.105.73	attackspam	Received: from r1a-centrosaurus.mta.dotmailer.com (r1a-centrosaurus.mta.dotmailer.com. [94.143.105.73]) by mx.google.com with ESMTPS id jx7si1259507ejb.237.2019.08.15.05.03.23 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 15 Aug 2019 05:03:24 -0700 (PDT) Received-SPF: pass (google.com: domain of bo-2lb1-1ctd1-9f9lsc-c0rcd@e.directferries.com designates 94.143.105.73 as permitted sender) client-ip=94.143.105.73; Authentication-Results: mx.google.com; dkim=pass header.i=@e.directferries.com header.s=dkim1024 header.b=hjGMDN79; dkim=pass header.i=@dkim.dotmailer.com header.s=dkim1024 header.b=a8StpnZi; spf=pass (google.com: domain of bo-2lb1-1ctd1-9f9lsc-c0rcd@e.directferries.com designates 94.143.105.73 as permitted sender) smtp.mailfrom=bo-2LB1-1CTD1-9F9LSC-C0RCD@e.directferries.com	2019-08-21 08:18:48
60.191.38.77	attack	21.08.2019 00:15:44 Connection to port 50 blocked by firewall	2019-08-21 08:27:00
198.108.66.161	attackbots	22/tcp 623/tcp 8081/tcp... [2019-06-20/08-20]5pkt,4pt.(tcp)	2019-08-21 08:00:01
54.37.139.235	attackspam	Automatic report - Banned IP Access	2019-08-21 08:15:30
128.106.195.126	attackbotsspam	Aug 20 23:25:39 sshgateway sshd\[2147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.106.195.126 user=root Aug 20 23:25:41 sshgateway sshd\[2147\]: Failed password for root from 128.106.195.126 port 59453 ssh2 Aug 20 23:29:16 sshgateway sshd\[2161\]: Invalid user anton from 128.106.195.126	2019-08-21 08:03:07
182.61.104.242	attackspam	Invalid user agsadmin from 182.61.104.242 port 59912	2019-08-21 08:08:47
78.175.140.103	attackbotsspam	Automatic report - Port Scan Attack	2019-08-21 07:49:26
23.126.140.33	attackbots	Aug 20 14:24:54 hcbb sshd\[5679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-126-140-33.lightspeed.miamfl.sbcglobal.net user=root Aug 20 14:24:56 hcbb sshd\[5679\]: Failed password for root from 23.126.140.33 port 58874 ssh2 Aug 20 14:30:13 hcbb sshd\[6183\]: Invalid user sumit from 23.126.140.33 Aug 20 14:30:13 hcbb sshd\[6183\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=23-126-140-33.lightspeed.miamfl.sbcglobal.net Aug 20 14:30:15 hcbb sshd\[6183\]: Failed password for invalid user sumit from 23.126.140.33 port 36300 ssh2	2019-08-21 08:31:29
106.12.42.110	attackbots	Aug 20 18:50:05 [munged] sshd[32081]: Invalid user oraprod from 106.12.42.110 port 48572 Aug 20 18:50:05 [munged] sshd[32081]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.42.110	2019-08-21 08:21:20

Recently Reported IPs

14.207.7.244	14.207.7.47	14.207.7.65	14.207.7.52
14.207.7.60	14.207.7.75	14.207.7.77	14.207.7.83
14.207.7.81	14.207.7.73	14.207.7.92	14.207.7.9
14.207.7.89	14.207.70.121	14.207.70.174	14.207.7.99
14.207.70.236	14.207.70.173	14.207.70.14	14.207.70.233