140.114.75.74 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Republic of China (ROC)

Internet Service Provider: Taiwan Academic Network

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Sep 9 04:32:50 *** sshd[14183]: Invalid user ansibleuser from 140.114.75.74	2019-09-09 20:13:08
attack	Automatic report - SSH Brute-Force Attack	2019-09-08 13:13:03

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.114.75.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4920
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.114.75.74.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090701 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 13:12:52 CST 2019
;; MSG SIZE  rcvd: 117

Host info

74.75.114.140.in-addr.arpa domain name pointer cad74.cs.nthu.edu.tw.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
74.75.114.140.in-addr.arpa	name = cad74.cs.nthu.edu.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
116.113.44.82	attack	$f2bV_matches	2019-11-09 17:15:20
163.172.44.100	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-09 17:05:16
45.125.65.99	attack	\[2019-11-09 04:06:56\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T04:06:56.266-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6227601148343508002",SessionID="0x7fdf2c8a8ab8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/49879",ACLName="no_extension_match" \[2019-11-09 04:07:09\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T04:07:09.261-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6548001148556213011",SessionID="0x7fdf2cd1cd48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/60327",ACLName="no_extension_match" \[2019-11-09 04:07:54\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-09T04:07:54.155-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="6886701148585359060",SessionID="0x7fdf2c473798",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.65.99/62941",ACLNam	2019-11-09 17:18:01
168.232.197.5	attack	2019-11-09T06:26:28.150119homeassistant sshd[19485]: Invalid user zimbra from 168.232.197.5 port 40632 2019-11-09T06:26:28.166307homeassistant sshd[19485]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.197.5 ...	2019-11-09 17:06:41
173.201.196.147	attack	Automatic report - XMLRPC Attack	2019-11-09 17:14:27
185.175.93.45	attackspam	Scanning (more than 2 packets) random ports - tries to find possible vulnerable services	2019-11-09 17:09:33
167.114.231.174	attackspam	Nov 9 08:52:57 SilenceServices sshd[22336]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.231.174 Nov 9 08:52:59 SilenceServices sshd[22336]: Failed password for invalid user thebeef from 167.114.231.174 port 50644 ssh2 Nov 9 09:00:51 SilenceServices sshd[24534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.231.174	2019-11-09 16:44:21
106.54.10.188	attack	Nov 7 17:21:35 xm3 sshd[25780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.10.188 user=r.r Nov 7 17:21:38 xm3 sshd[25780]: Failed password for r.r from 106.54.10.188 port 38456 ssh2 Nov 7 17:21:39 xm3 sshd[25780]: Received disconnect from 106.54.10.188: 11: Bye Bye [preauth] Nov 7 17:44:33 xm3 sshd[9200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.10.188 user=r.r Nov 7 17:44:34 xm3 sshd[9200]: Failed password for r.r from 106.54.10.188 port 42000 ssh2 Nov 7 17:44:35 xm3 sshd[9200]: Received disconnect from 106.54.10.188: 11: Bye Bye [preauth] Nov 7 17:48:40 xm3 sshd[18440]: Failed password for invalid user marleth from 106.54.10.188 port 47368 ssh2 Nov 7 17:48:40 xm3 sshd[18440]: Received disconnect from 106.54.10.188: 11: Bye Bye [preauth] Nov 7 17:52:35 xm3 sshd[27968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhos........ -------------------------------	2019-11-09 16:54:51
83.48.101.184	attackspambots	Nov 9 09:02:53 ns381471 sshd[20656]: Failed password for root from 83.48.101.184 port 47380 ssh2	2019-11-09 17:01:38
61.216.15.225	attackspambots	Nov 9 04:29:27 firewall sshd[23253]: Failed password for invalid user fengjian from 61.216.15.225 port 48160 ssh2 Nov 9 04:33:55 firewall sshd[23318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.216.15.225 user=root Nov 9 04:33:57 firewall sshd[23318]: Failed password for root from 61.216.15.225 port 58230 ssh2 ...	2019-11-09 17:02:25
43.240.125.198	attack	SSH invalid-user multiple login try	2019-11-09 16:57:06
113.134.211.228	attack	Nov 9 09:09:33 server sshd\[25005\]: Invalid user demo from 113.134.211.228 Nov 9 09:09:33 server sshd\[25005\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.134.211.228 Nov 9 09:09:35 server sshd\[25005\]: Failed password for invalid user demo from 113.134.211.228 port 35165 ssh2 Nov 9 09:26:10 server sshd\[29483\]: Invalid user cssserver from 113.134.211.228 Nov 9 09:26:10 server sshd\[29483\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.134.211.228 ...	2019-11-09 17:17:02
73.94.192.215	attackspambots	Nov 9 09:43:38 serwer sshd\[28875\]: Invalid user pi from 73.94.192.215 port 57220 Nov 9 09:43:38 serwer sshd\[28875\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.94.192.215 Nov 9 09:43:38 serwer sshd\[28877\]: Invalid user pi from 73.94.192.215 port 57226 Nov 9 09:43:38 serwer sshd\[28877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.94.192.215 ...	2019-11-09 17:07:10
198.23.223.139	attackspam	CloudCIX Reconnaissance Scan Detected, PTR: 198-23-223-139-host.colocrossing.com.	2019-11-09 17:22:23
118.121.201.83	attackbotsspam	2019-11-09T08:42:28.579646abusebot-5.cloudsearch.cf sshd\[10594\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.121.201.83 user=root	2019-11-09 17:09:13

Recently Reported IPs

109.90.180.38	200.76.195.103	113.58.126.45	113.125.41.217
58.7.79.157	168.9.78.222	47.227.20.155	221.215.144.9
82.165.253.46	93.114.66.66	36.248.224.37	149.28.27.139
106.53.86.229	109.36.191.144	46.229.212.250	70.194.232.18
103.0.163.75	110.0.248.131	81.193.43.51	153.129.238.223