14.84.148.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: South Korea

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.84.148.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35448
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;14.84.148.30.			IN	A

;; AUTHORITY SECTION:
.			494	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102801 1800 900 604800 86400

;; Query time: 95 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Oct 29 03:33:46 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 30.148.84.14.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 30.148.84.14.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.118.144.77	attack	45.118.144.77 - - [03/Oct/2020:11:39:58 +0100] "POST /wp-login.php HTTP/1.1" 200 2604 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.118.144.77 - - [03/Oct/2020:11:40:01 +0100] "POST /wp-login.php HTTP/1.1" 200 2580 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 45.118.144.77 - - [03/Oct/2020:11:40:02 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-10-03 19:10:47
157.245.244.212	attackbots	SSH brute-force attack detected from [157.245.244.212]	2020-10-03 19:36:59
58.214.11.123	attackspam	Port scan: Attack repeated for 24 hours	2020-10-03 19:02:42
177.134.170.38	attack	Oct 3 09:32:58 scw-gallant-ride sshd[10713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.134.170.38	2020-10-03 19:41:40
210.242.52.28	attackspam	(sshd) Failed SSH login from 210.242.52.28 (TW/Taiwan/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 3 07:42:08 server2 sshd[17003]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.242.52.28 user=mysql Oct 3 07:42:11 server2 sshd[17003]: Failed password for mysql from 210.242.52.28 port 59731 ssh2 Oct 3 07:50:25 server2 sshd[18350]: Invalid user ubuntu from 210.242.52.28 port 33464 Oct 3 07:50:27 server2 sshd[18350]: Failed password for invalid user ubuntu from 210.242.52.28 port 33464 ssh2 Oct 3 07:52:23 server2 sshd[18683]: Invalid user deploy from 210.242.52.28 port 3517	2020-10-03 19:28:26
178.128.98.193	attack	Oct 3 10:12:07 ip-172-31-42-142 sshd\[28715\]: Invalid user test123 from 178.128.98.193\ Oct 3 10:12:09 ip-172-31-42-142 sshd\[28715\]: Failed password for invalid user test123 from 178.128.98.193 port 60248 ssh2\ Oct 3 10:16:17 ip-172-31-42-142 sshd\[28775\]: Invalid user sinusbot from 178.128.98.193\ Oct 3 10:16:18 ip-172-31-42-142 sshd\[28775\]: Failed password for invalid user sinusbot from 178.128.98.193 port 40018 ssh2\ Oct 3 10:20:17 ip-172-31-42-142 sshd\[28804\]: Failed password for root from 178.128.98.193 port 48010 ssh2\	2020-10-03 19:22:30
176.165.48.246	attack	Oct 2 22:21:56 web1 sshd\[24816\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.165.48.246 user=root Oct 2 22:21:59 web1 sshd\[24816\]: Failed password for root from 176.165.48.246 port 52324 ssh2 Oct 2 22:25:17 web1 sshd\[25148\]: Invalid user tania from 176.165.48.246 Oct 2 22:25:17 web1 sshd\[25148\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.165.48.246 Oct 2 22:25:19 web1 sshd\[25148\]: Failed password for invalid user tania from 176.165.48.246 port 51022 ssh2	2020-10-03 19:22:01
142.44.170.9	attackbots	SpamScore above: 10.0	2020-10-03 19:02:16
116.24.67.158	attackbots	SSH_attack	2020-10-03 19:06:22
123.206.62.112	attack	Invalid user student from 123.206.62.112 port 54136	2020-10-03 19:12:58
67.205.141.165	attackspambots	27090/tcp 14680/tcp 17812/tcp... [2020-08-30/10-03]80pkt,27pt.(tcp)	2020-10-03 19:37:12
192.241.239.179	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-10-03 19:43:12
78.161.82.194	attackbots	SSH bruteforce	2020-10-03 19:07:17
190.202.124.93	attackspambots	Oct 3 13:03:42 ns381471 sshd[7566]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.202.124.93 Oct 3 13:03:44 ns381471 sshd[7566]: Failed password for invalid user zhanglei from 190.202.124.93 port 39110 ssh2	2020-10-03 19:15:59
162.142.125.50	attack	[Sat Oct 03 17:47:25.195961 2020] [:error] [pid 10959:tid 140392171284224] [client 162.142.125.50:38322] [client 162.142.125.50] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "756"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197:80"] [severity "WARNING"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "X3hWveXmh9WfvxChEP5EpgAAAGA"] ...	2020-10-03 19:30:06

Recently Reported IPs

113.41.107.70	235.27.43.249	217.68.214.155	165.27.234.187
111.148.231.234	229.24.154.123	134.50.192.130	60.177.21.44
240.9.149.73	80.18.53.21	156.224.182.237	223.32.110.38
86.216.233.62	60.219.125.113	167.71.86.42	60.127.224.183
68.183.114.226	139.211.213.113	80.104.213.230	116.107.213.159