14.207.99.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.207.99.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8403
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.207.99.6.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 13:46:43 CST 2022
;; MSG SIZE  rcvd: 104

Host info

6.99.207.14.in-addr.arpa domain name pointer mx-ll-14.207.99-6.dynamic.3bb.co.th.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
6.99.207.14.in-addr.arpa	name = mx-ll-14.207.99-6.dynamic.3bb.co.th.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
77.89.228.66	attackspam	srvr1: (mod_security) mod_security (id:920350) triggered by 77.89.228.66 (MD/-/static.77.89.228.66.tmg.md): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/09/11 02:29:01 [error] 12751#0: 27224 [client 77.89.228.66] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159978414175.892027"] [ref "o0,13v21,13"], client: 77.89.228.66, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-09-11 08:47:21
192.35.168.108	attackspam	6443/tcp 11211/tcp 1311/tcp... [2020-07-12/09-10]15pkt,13pt.(tcp)	2020-09-11 08:44:44
185.247.224.21	attack	CMS (WordPress or Joomla) login attempt.	2020-09-11 08:38:28
188.166.159.127	attackbots	2020-09-09T10:16:16.418246hostname sshd[82535]: Failed password for root from 188.166.159.127 port 35992 ssh2 ...	2020-09-11 09:10:40
80.127.116.96	attackbots	80.127.116.96 - - \[10/Sep/2020:18:54:17 +0200\] "GET /index.php\?id=ausland%60%29%2F%2A\&id=%2A%2FWHERE%2F%2A\&id=%2A%2F6977%3D6977%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2F5773%3D%28SELECT%2F%2A\&id=%2A%2F%28CASE%2F%2A\&id=%2A%2FWHEN%2F%2A\&id=%2A%2F%285773%3D5773%29%2F%2A\&id=%2A%2FTHEN%2F%2A\&id=%2A%2F5773%2F%2A\&id=%2A%2FELSE%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2F8460%2F%2A\&id=%2A%2FUNION%2F%2A\&id=%2A%2FSELECT%2F%2A\&id=%2A%2F3396%29%2F%2A\&id=%2A%2FEND%29%29--%2F%2A\&id=%2A%2FGwgB HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot $compatible Googlebot/2.1 http://www.google.com/bot.html$" ...	2020-09-11 08:37:00
217.27.45.236	attackspam	Lines containing failures of 217.27.45.236 Sep 10 14:42:30 neweola sshd[14168]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.27.45.236 user=r.r Sep 10 14:42:32 neweola sshd[14168]: Failed password for r.r from 217.27.45.236 port 52076 ssh2 Sep 10 14:42:33 neweola sshd[14168]: Connection closed by authenticating user r.r 217.27.45.236 port 52076 [preauth] Sep 10 14:42:33 neweola sshd[14176]: Invalid user ubnt from 217.27.45.236 port 34571 Sep 10 14:42:33 neweola sshd[14176]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.27.45.236 Sep 10 14:42:36 neweola sshd[14176]: Failed password for invalid user ubnt from 217.27.45.236 port 34571 ssh2 Sep 10 14:42:37 neweola sshd[14176]: Connection closed by invalid user ubnt 217.27.45.236 port 34571 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=217.27.45.236	2020-09-11 09:11:32
85.105.185.233	attackspambots	Icarus honeypot on github	2020-09-11 08:31:25
115.165.210.216	attackbots	Unauthorised access (Sep 10) SRC=115.165.210.216 LEN=40 TOS=0x10 PREC=0x40 TTL=47 ID=58243 TCP DPT=23 WINDOW=18924 SYN	2020-09-11 09:09:19
40.113.124.250	attack	WordPress wp-login brute force :: 40.113.124.250 0.108 - [10/Sep/2020:23:24:02 0000] [censored_1] "POST /wp-login.php HTTP/1.1" 200 2414 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" "HTTP/1.1"	2020-09-11 08:33:20
78.96.93.178	attackspambots	2020-09-10T21:55:35.887254mail.broermann.family sshd[13799]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.96.93.178 2020-09-10T21:55:35.883226mail.broermann.family sshd[13799]: Invalid user turbo from 78.96.93.178 port 57952 2020-09-10T21:55:37.942437mail.broermann.family sshd[13799]: Failed password for invalid user turbo from 78.96.93.178 port 57952 ssh2 2020-09-10T21:59:43.764438mail.broermann.family sshd[13924]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.96.93.178 user=root 2020-09-10T21:59:45.197659mail.broermann.family sshd[13924]: Failed password for root from 78.96.93.178 port 45398 ssh2 ...	2020-09-11 08:56:21
115.99.239.68	attackbots	Icarus honeypot on github	2020-09-11 08:52:24
115.99.90.24	attack	Icarus honeypot on github	2020-09-11 09:01:39
45.148.10.186	attack	port	2020-09-11 08:44:10
125.142.85.137	attack	Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:35 marvibiene sshd[60916]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.142.85.137 Sep 10 18:23:34 marvibiene sshd[60916]: Invalid user admin from 125.142.85.137 port 37398 Sep 10 18:23:37 marvibiene sshd[60916]: Failed password for invalid user admin from 125.142.85.137 port 37398 ssh2	2020-09-11 09:04:41
185.247.224.23	attackspam	185.247.224.23 - - \[10/Sep/2020:23:03:03 +0200\] "GET /index.php\?id=ausland%22%29%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2FEXP%28\~%28SELECT%2F%2A\&id=%2A%2F%2A%2F%2A\&id=%2A%2FFROM%2F%2A\&id=%2A%2F%28SELECT%2F%2A\&id=%2A%2FCONCAT%280x7178716b71\&id=%28SELECT%2F%2A\&id=%2A%2F%28ELT%283724%3D3724\&id=1%29%29%29\&id=0x7162717171\&id=0x78%29%29x%29%29%2F%2A\&id=%2A%2FAND%2F%2A\&id=%2A%2F%28%22FRTX%22%2F%2A\&id=%2A%2FLIKE%2F%2A\&id=%2A%2F%22FRTX HTTP/1.1" 200 12305 "http://www.firma-lsf.eu:80/index.php" "Googlebot $compatible Googlebot/2.1 http://www.google.com/bot.html$" ...	2020-09-11 09:08:07

Recently Reported IPs

14.209.192.105	14.207.99.32	14.209.192.113	14.209.192.126
14.209.192.189	14.209.192.68	14.209.192.154	14.209.192.202
14.209.192.136	14.209.192.75	14.209.192.147	14.209.192.83
14.209.192.230	11.2.104.169	14.21.196.93	14.209.38.132
14.21.136.207	14.21.202.234	14.21.210.198	14.21.198.159