211.107.14.12 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Korea (Republic of)

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	06/27/2020-08:19:22.105972 211.107.14.12 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-27 23:49:17

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.107.14.12
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63621
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.107.14.12.			IN	A

;; AUTHORITY SECTION:
.			284	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062700 1800 900 604800 86400

;; Query time: 123 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jun 27 23:49:13 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 12.14.107.211.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 12.14.107.211.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.184.174	attackspam	Feb 21 10:58:18 MK-Soft-VM3 sshd[25188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.184.174 Feb 21 10:58:20 MK-Soft-VM3 sshd[25188]: Failed password for invalid user hadoop from 106.13.184.174 port 39120 ssh2 ...	2020-02-21 18:08:42
5.29.191.195	attackbots	Feb 20 22:14:03 kapalua sshd\[15474\]: Invalid user debian from 5.29.191.195 Feb 20 22:14:03 kapalua sshd\[15474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.29.191.195 Feb 20 22:14:06 kapalua sshd\[15474\]: Failed password for invalid user debian from 5.29.191.195 port 46960 ssh2 Feb 20 22:21:47 kapalua sshd\[16060\]: Invalid user eisp from 5.29.191.195 Feb 20 22:21:47 kapalua sshd\[16060\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.29.191.195	2020-02-21 18:08:18
203.160.163.194	attack	1582260695 - 02/21/2020 05:51:35 Host: 203.160.163.194/203.160.163.194 Port: 445 TCP Blocked	2020-02-21 18:11:33
49.207.4.45	attack	Invalid user pi from 49.207.4.45 port 42342	2020-02-21 18:10:41
37.114.180.84	attack	Feb 21 05:50:32 Ubuntu-1404-trusty-64-minimal sshd\[12376\]: Invalid user admin from 37.114.180.84 Feb 21 05:50:32 Ubuntu-1404-trusty-64-minimal sshd\[12376\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.180.84 Feb 21 05:50:34 Ubuntu-1404-trusty-64-minimal sshd\[12376\]: Failed password for invalid user admin from 37.114.180.84 port 40968 ssh2 Feb 21 05:50:36 Ubuntu-1404-trusty-64-minimal sshd\[12397\]: Invalid user admin from 37.114.180.84 Feb 21 05:50:36 Ubuntu-1404-trusty-64-minimal sshd\[12397\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.114.180.84	2020-02-21 18:40:22
159.65.109.148	attackspambots	Feb 21 05:51:29 odroid64 sshd\[4435\]: Invalid user test1 from 159.65.109.148 Feb 21 05:51:29 odroid64 sshd\[4435\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.109.148 ...	2020-02-21 18:15:25
116.218.131.185	attackspam	Lines containing failures of 116.218.131.185 Feb 21 05:47:23 shared10 sshd[6042]: Invalid user ubuntu from 116.218.131.185 port 20124 Feb 21 05:47:23 shared10 sshd[6042]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.218.131.185 Feb 21 05:47:24 shared10 sshd[6042]: Failed password for invalid user ubuntu from 116.218.131.185 port 20124 ssh2 Feb 21 05:47:25 shared10 sshd[6042]: Received disconnect from 116.218.131.185 port 20124:11: Bye Bye [preauth] Feb 21 05:47:25 shared10 sshd[6042]: Disconnected from invalid user ubuntu 116.218.131.185 port 20124 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=116.218.131.185	2020-02-21 18:31:25
122.51.71.156	attack	Feb 21 08:24:35 lnxded64 sshd[11664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.71.156	2020-02-21 18:13:15
54.183.29.236	attackspambots	Unauthorized access to SSH at 21/Feb/2020:09:17:55 +0000. Received: (SSH-2.0-paramiko_2.1.3)	2020-02-21 18:20:36
178.62.23.60	attackbotsspam	$f2bV_matches	2020-02-21 18:17:17
157.230.16.157	attackspambots	[munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:27 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:30 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:34 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:37 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:40 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" [munged]::443 157.230.16.157 - - [21/Feb/2020:09:23:43 +0100] "POST /[munged]: HTTP/1.1" 200 9081 "-" "Mozilla/5.0 (X11	2020-02-21 18:37:11
54.36.182.244	attack	2020-02-21T11:18:46.175831 sshd[10820]: Invalid user live from 54.36.182.244 port 60359 2020-02-21T11:18:46.186882 sshd[10820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.182.244 2020-02-21T11:18:46.175831 sshd[10820]: Invalid user live from 54.36.182.244 port 60359 2020-02-21T11:18:48.558975 sshd[10820]: Failed password for invalid user live from 54.36.182.244 port 60359 ssh2 ...	2020-02-21 18:25:57
67.143.176.97	attackbotsspam	Brute forcing email accounts	2020-02-21 18:12:15
188.243.100.4	attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-02-21 18:35:22
177.86.181.210	attackspambots	Autoban 177.86.181.210 AUTH/CONNECT	2020-02-21 18:35:07

Recently Reported IPs

83.114.45.79	177.101.133.35	124.123.254.223	99.16.84.67
94.142.239.100	176.99.9.148	112.196.9.88	167.86.85.194
187.40.30.123	218.76.101.25	105.112.46.161	31.146.102.123
122.241.227.25	182.127.20.130	183.89.211.2	88.230.185.23
95.68.118.133	192.99.5.228	52.247.106.200	105.101.95.168