14.34.6.81 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea (the Republic of)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
14.34.6.69	attackbots	Sep 10 04:24:33 XXX sshd[21347]: User r.r from 14.34.6.69 not allowed because none of user's groups are listed in AllowGroups Sep 10 04:24:34 XXX sshd[21347]: Connection closed by 14.34.6.69 [preauth] Sep 10 04:24:38 XXX sshd[21349]: Invalid user jenkins from 14.34.6.69 Sep 10 04:24:38 XXX sshd[21349]: Connection closed by 14.34.6.69 [preauth] Sep 10 04:24:43 XXX sshd[21351]: Invalid user test from 14.34.6.69 Sep 10 04:24:44 XXX sshd[21351]: Connection closed by 14.34.6.69 [preauth] Sep 10 04:24:48 XXX sshd[21353]: Invalid user test from 14.34.6.69 Sep 10 04:24:49 XXX sshd[21353]: Connection closed by 14.34.6.69 [preauth] Sep 10 04:24:55 XXX sshd[21355]: User r.r from 14.34.6.69 not allowed because none of user's groups are listed in AllowGroups Sep 10 04:24:56 XXX sshd[21355]: Connection closed by 14.34.6.69 [preauth] Sep 10 04:25:00 XXX sshd[21357]: Invalid user admin from 14.34.6.69 Sep 10 04:25:01 XXX sshd[21357]: Connection closed by 14.34.6.69 [preauth] ........ ---------------------------------------	2020-09-11 00:46:54
14.34.6.69	attackbotsspam	Scanning	2020-09-10 16:05:55
14.34.6.69	attackspam	Failed password for invalid user from 14.34.6.69 port 56481 ssh2	2020-09-10 06:45:52
14.34.61.68	attackspambots	Unauthorized connection attempt detected from IP address 14.34.61.68 to port 23 [J]	2020-03-01 03:54:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.34.6.81
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46336
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;14.34.6.81.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023052400 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 24 15:20:25 CST 2023
;; MSG SIZE  rcvd: 103

Host info

Host 81.6.34.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 81.6.34.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
216.244.66.237	attack	[Sat Apr 25 10:55:32.426174 2020] [:error] [pid 12868:tid 140048390907648] [client 216.244.66.237:38456] [client 216.244.66.237] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-iklim/agroklimatologi/kalender-tanam/844-kalender-tanam-katam-terpadu-pulau-jawa/kalender-tanam-katam-terpadu-provinsi-jawa-timur/kalender-tanam-katam-terpadu-kabupaten-madiun/kalender-tanam-katam-terpadu-kecamatan-balerejo-kabupaten-madiun/ka ...	2020-04-25 14:58:14
80.82.70.118	attack	MultiHost/MultiPort Probe, Scan, Hack -	2020-04-25 15:36:43
159.65.35.14	attackbotsspam	Apr 25 08:45:42 server sshd[60375]: Failed password for invalid user adelina from 159.65.35.14 port 55710 ssh2 Apr 25 08:58:34 server sshd[1974]: Failed password for invalid user bsnl from 159.65.35.14 port 53264 ssh2 Apr 25 09:03:18 server sshd[4445]: Failed password for invalid user team2 from 159.65.35.14 port 38828 ssh2	2020-04-25 15:28:50
36.67.81.7	attackbots	2020-04-25 05:55:50,732 fail2ban.actions [22360]: NOTICE [sshd] Ban 36.67.81.7 2020-04-25 06:30:54,586 fail2ban.actions [22360]: NOTICE [sshd] Ban 36.67.81.7 2020-04-25 07:11:13,874 fail2ban.actions [22360]: NOTICE [sshd] Ban 36.67.81.7 2020-04-25 07:47:19,231 fail2ban.actions [22360]: NOTICE [sshd] Ban 36.67.81.7 2020-04-25 08:23:54,141 fail2ban.actions [22360]: NOTICE [sshd] Ban 36.67.81.7 ...	2020-04-25 14:59:48
36.91.151.2	attack	[Sat Apr 25 10:55:31.925710 2020] [:error] [pid 12896:tid 140048449656576] [client 36.91.151.2:51020] [client 36.91.151.2] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 500 found within RESPONSE_STATUS: 500"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/tugas-dan-wilayah-kerja"] [unique_id "XqO0rVqy6aEM-Aql8DvToAAAAQM"], referer: https://www.google.com/ ...	2020-04-25 14:59:13
196.52.43.121	attackspam	Unauthorized connection attempt IP: 196.52.43.121 Ports affected IMAP over TLS protocol (993) Abuse Confidence rating 100% Found in DNSBL('s) ASN Details AS60781 LeaseWeb Netherlands B.V. South Africa (ZA) CIDR 196.52.43.0/24 Log Date: 25/04/2020 4:41:31 AM UTC	2020-04-25 15:19:25
139.193.60.188	attackbotsspam	xmlrpc attack	2020-04-25 15:36:26
148.72.207.250	attackspam	US - - [24/Apr/2020:21:26:37 +0300] POST /wp-login.php HTTP/1.1 200 4865 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:09:21
51.38.235.100	attackspam	Invalid user docker from 51.38.235.100 port 34092	2020-04-25 15:25:08
106.12.93.251	attack	Invalid user postgres from 106.12.93.251 port 45270	2020-04-25 15:02:24
125.132.224.207	attackbots	nft/Honeypot/1180/38cdf	2020-04-25 15:02:06
222.186.15.115	attackbotsspam	2020-04-25T09:21:53.045364vps773228.ovh.net sshd[13158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root 2020-04-25T09:21:54.876825vps773228.ovh.net sshd[13158]: Failed password for root from 222.186.15.115 port 27653 ssh2 2020-04-25T09:21:53.045364vps773228.ovh.net sshd[13158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.115 user=root 2020-04-25T09:21:54.876825vps773228.ovh.net sshd[13158]: Failed password for root from 222.186.15.115 port 27653 ssh2 2020-04-25T09:21:58.021069vps773228.ovh.net sshd[13158]: Failed password for root from 222.186.15.115 port 27653 ssh2 ...	2020-04-25 15:23:11
170.130.187.50	attackspambots	Port 3389 (MS RDP) access denied	2020-04-25 15:18:24
88.156.122.72	attack	Apr 25 08:29:27 server sshd[21298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=88.156.122.72 Apr 25 08:29:29 server sshd[21298]: Failed password for invalid user ciserve from 88.156.122.72 port 34634 ssh2 Apr 25 08:35:49 server sshd[21933]: Failed password for mysql from 88.156.122.72 port 47716 ssh2 ...	2020-04-25 15:24:12
189.125.93.48	attack	Wordpress malicious attack:[sshd]	2020-04-25 15:08:17

Recently Reported IPs

94.157.243.143	194.11.255.80	243.7.227.30	101.65.178.207
225.60.17.182	23.220.60.45	137.153.132.64	5.218.133.46
27.40.109.75	181.90.158.68	47.151.53.187	22.0.83.51
255.71.255.30	49.164.186.103	177.9.70.91	211.20.50.79
84.15.90.99	64.185.2.195	67.45.190.244	180.70.27.2