140.113.124.197

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.113.124.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;140.113.124.197.		IN	A

;; AUTHORITY SECTION:
.			450	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2023062800 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jun 28 19:51:20 CST 2023
;; MSG SIZE  rcvd: 108

Host info

197.124.113.140.in-addr.arpa domain name pointer 140-113-124-197.Dorm7.NCTU.edu.tw.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
197.124.113.140.in-addr.arpa	name = 140-113-124-197.Dorm7.NCTU.edu.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.180.224.130	attack	Sep 6 02:16:36 dns1 sshd[28507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130 Sep 6 02:16:36 dns1 sshd[28506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.180.224.130	2020-09-06 13:23:51
222.186.15.62	attackspam	Sep 6 15:02:40 localhost sshd[10987]: Disconnected from 222.186.15.62 port 58979 [preauth] ...	2020-09-06 13:12:35
45.142.120.89	attackbots	2020-09-05T22:58:13.205066linuxbox-skyline auth[107750]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=minerva rhost=45.142.120.89 ...	2020-09-06 13:15:36
112.85.42.232	attackspam	Sep 6 04:55:14 home sshd[922904]: Failed password for root from 112.85.42.232 port 23848 ssh2 Sep 6 04:56:17 home sshd[923010]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root Sep 6 04:56:19 home sshd[923010]: Failed password for root from 112.85.42.232 port 14691 ssh2 Sep 6 04:57:20 home sshd[923108]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.232 user=root Sep 6 04:57:22 home sshd[923108]: Failed password for root from 112.85.42.232 port 45949 ssh2 ...	2020-09-06 13:18:00
5.188.206.194	attackspam	Sep 6 07:07:30 relay postfix/smtpd\[31425\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 07:07:52 relay postfix/smtpd\[31425\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 07:09:59 relay postfix/smtpd\[31424\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 07:10:21 relay postfix/smtpd\[31423\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 6 07:16:10 relay postfix/smtpd\[13250\]: warning: unknown\[5.188.206.194\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-06 13:19:09
61.177.172.128	attackbots	Sep 6 07:01:22 nextcloud sshd\[9807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.128 user=root Sep 6 07:01:24 nextcloud sshd\[9807\]: Failed password for root from 61.177.172.128 port 53255 ssh2 Sep 6 07:01:38 nextcloud sshd\[9807\]: Failed password for root from 61.177.172.128 port 53255 ssh2	2020-09-06 13:02:01
67.205.162.223	attackbotsspam	TCP (SYN) 67.205.162.223:58529 -> port 26091, len 44	2020-09-06 13:16:07
222.186.169.194	attackbots	$f2bV_matches	2020-09-06 13:23:09
61.177.172.168	attack	Sep 6 07:24:01 plg sshd[12098]: Failed none for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:01 plg sshd[12098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root Sep 6 07:24:03 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:07 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:11 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:14 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:19 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2 Sep 6 07:24:19 plg sshd[12098]: error: maximum authentication attempts exceeded for invalid user root from 61.177.172.168 port 52973 ssh2 [preauth] ...	2020-09-06 13:26:11
138.122.97.118	attackbots	Sep 5 16:17:25 mailman postfix/smtpd[11570]: warning: unknown[138.122.97.118]: SASL PLAIN authentication failed: authentication failure	2020-09-06 13:05:22
211.142.26.106	attackspam	Sep 5 23:35:00 ip106 sshd[8913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.142.26.106 Sep 5 23:35:02 ip106 sshd[8913]: Failed password for invalid user carter from 211.142.26.106 port 8393 ssh2 ...	2020-09-06 13:30:43
107.189.11.163	attack	Dovecot Invalid User Login Attempt.	2020-09-06 13:20:51
162.214.111.167	attackspambots	TCP (SYN) 162.214.111.167:45179 -> port 2152, len 44	2020-09-06 13:04:21
222.186.175.182	attackbots	Sep 6 06:55:02 PorscheCustomer sshd[17653]: Failed password for root from 222.186.175.182 port 55638 ssh2 Sep 6 06:55:05 PorscheCustomer sshd[17653]: Failed password for root from 222.186.175.182 port 55638 ssh2 Sep 6 06:55:09 PorscheCustomer sshd[17653]: Failed password for root from 222.186.175.182 port 55638 ssh2 Sep 6 06:55:12 PorscheCustomer sshd[17653]: Failed password for root from 222.186.175.182 port 55638 ssh2 ...	2020-09-06 13:10:13
165.90.3.122	attack	[Sun Sep 06 03:13:25.153543 2020] [:error] [pid 2754:tid 140397330274048] [client 165.90.3.122:65500] [client 165.90.3.122] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "X1PxZdlmuncnyx65RuMHlQAAAGU"] ...	2020-09-06 13:06:58

Recently Reported IPs

18.49.3.151	140.123.103.149	140.116.1.143	147.46.114.108
117.121.49.69	140.116.16.228	171.67.70.75	140.116.112.249
140.130.7.10	140.116.208.144	134.208.228.179	140.116.61.210
13.107.160.201	140.116.164.143	202.169.175.130	193.191.132.6
61.56.4.233	95.87.159.103	65.55.117.41	195.130.117.33