120.109.125.53

Basic Info

City: Taipei

Region: Taipei City

Country: Taiwan, China

Internet Service Provider: Ministry of Education Computer Center

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	2019-11-10T07:47:36.251335abusebot-8.cloudsearch.cf sshd\[17118\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pc125053.ocu.edu.tw	2019-11-10 17:25:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.109.125.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48475
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.109.125.53.			IN	A

;; AUTHORITY SECTION:
.			171	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111000 1800 900 604800 86400

;; Query time: 88 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 10 17:25:11 CST 2019
;; MSG SIZE  rcvd: 118

Host info

53.125.109.120.in-addr.arpa domain name pointer pc125053.ocu.edu.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
53.125.109.120.in-addr.arpa	name = pc125053.ocu.edu.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
191.53.252.76	attackspam	$f2bV_matches	2019-08-02 13:23:44
170.231.94.138	attackspam	Try access to SMTP/POP/IMAP server.	2019-08-02 13:23:03
197.98.180.107	attackspam	197.98.180.107 has been banned for [spam] ...	2019-08-02 13:13:31
118.24.246.208	attackspambots	Automatic report - Banned IP Access	2019-08-02 13:08:04
103.8.149.78	attackbots	Aug 2 06:32:55 nextcloud sshd\[25747\]: Invalid user mongodb from 103.8.149.78 Aug 2 06:32:55 nextcloud sshd\[25747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.8.149.78 Aug 2 06:32:57 nextcloud sshd\[25747\]: Failed password for invalid user mongodb from 103.8.149.78 port 37697 ssh2 ...	2019-08-02 13:47:05
217.61.6.112	attackbotsspam	Jul 31 17:57:46 mx-in-01 sshd[23634]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.6.112 user=r.r Jul 31 17:57:48 mx-in-01 sshd[23634]: Failed password for r.r from 217.61.6.112 port 50922 ssh2 Jul 31 17:57:48 mx-in-01 sshd[23634]: Received disconnect from 217.61.6.112 port 50922:11: Bye Bye [preauth] Jul 31 17:57:48 mx-in-01 sshd[23634]: Disconnected from 217.61.6.112 port 50922 [preauth] Jul 31 18:09:48 mx-in-01 sshd[24148]: Invalid user sma from 217.61.6.112 port 55908 Jul 31 18:09:48 mx-in-01 sshd[24148]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.61.6.112 Jul 31 18:09:50 mx-in-01 sshd[24148]: Failed password for invalid user sma from 217.61.6.112 port 55908 ssh2 Jul 31 18:09:50 mx-in-01 sshd[24148]: Received disconnect from 217.61.6.112 port 55908:11: Bye Bye [preauth] Jul 31 18:09:50 mx-in-01 sshd[24148]: Disconnected from 217.61.6.112 port 55908 [preauth] Jul 31 18........ -------------------------------	2019-08-02 13:22:11
203.99.110.214	attackspam	2019-08-01 18:17:24 H=(losthighways.it) [203.99.110.214]:33356 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-01 18:17:25 H=(losthighways.it) [203.99.110.214]:33356 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBLCSS) 2019-08-01 18:17:27 H=(losthighways.it) [203.99.110.214]:33356 I=[192.147.25.65]:25 F= rejected RCPT : RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.3, 127.0.0.4) (https://www.spamhaus.org/sbl/query/SBLCSS) ...	2019-08-02 13:24:44
157.230.251.89	attackbotsspam	Jul 30 08:25:17 xxx sshd[21695]: Invalid user testing from 157.230.251.89 Jul 30 08:25:19 xxx sshd[21695]: Failed password for invalid user testing from 157.230.251.89 port 48844 ssh2 Jul 30 08:34:18 xxx sshd[22431]: Invalid user sss from 157.230.251.89 Jul 30 08:34:21 xxx sshd[22431]: Failed password for invalid user sss from 157.230.251.89 port 57462 ssh2 Jul 30 08:39:33 xxx sshd[22995]: Failed password for r.r from 157.230.251.89 port 54760 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=157.230.251.89	2019-08-02 12:54:22
112.73.93.180	attack	Aug 2 07:34:45 site1 sshd\[50725\]: Address 112.73.93.180 maps to ns1.eflydns.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 2 07:34:45 site1 sshd\[50725\]: Invalid user rodica from 112.73.93.180Aug 2 07:34:48 site1 sshd\[50725\]: Failed password for invalid user rodica from 112.73.93.180 port 41162 ssh2Aug 2 07:40:30 site1 sshd\[51501\]: Address 112.73.93.180 maps to ns1.eflydns.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Aug 2 07:40:30 site1 sshd\[51501\]: Invalid user arma3 from 112.73.93.180Aug 2 07:40:32 site1 sshd\[51501\]: Failed password for invalid user arma3 from 112.73.93.180 port 38081 ssh2 ...	2019-08-02 12:55:50
190.119.190.122	attackspam	Brute force attempt	2019-08-02 13:44:16
106.251.118.119	attackspambots	Invalid user mysquel from 106.251.118.119 port 45478	2019-08-02 13:00:06
148.70.26.85	attack	Invalid user steam from 148.70.26.85 port 58910	2019-08-02 13:50:07
49.71.126.169	attack	19/8/1@19:16:59: FAIL: IoT-Telnet address from=49.71.126.169 ...	2019-08-02 13:41:24
144.135.85.184	attackbots	Aug 2 07:30:27 mail sshd[13017]: Invalid user dev from 144.135.85.184 Aug 2 07:30:27 mail sshd[13017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.135.85.184 Aug 2 07:30:27 mail sshd[13017]: Invalid user dev from 144.135.85.184 Aug 2 07:30:29 mail sshd[13017]: Failed password for invalid user dev from 144.135.85.184 port 47026 ssh2 ...	2019-08-02 13:53:38
188.246.236.122	attackbots	Automatic report - Port Scan Attack	2019-08-02 13:18:54

Recently Reported IPs

192.192.125.53	109.6.115.178	167.179.69.206	220.128.228.172
41.76.149.164	79.135.68.2	201.62.44.63	123.20.32.68
52.27.50.232	80.211.31.147	124.244.79.131	120.202.46.181
134.73.51.47	122.10.90.9	36.155.115.95	201.164.255.55
159.203.83.37	51.75.123.107	41.220.143.6	115.198.33.32