140.136.147.92

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: MOEC

Hostname: unknown

Organization: Fu Jen Catholic University

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Aug 28 09:22:03 hiderm sshd\[15787\]: Invalid user nagios from 140.136.147.92 Aug 28 09:22:03 hiderm sshd\[15787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw Aug 28 09:22:05 hiderm sshd\[15787\]: Failed password for invalid user nagios from 140.136.147.92 port 39980 ssh2 Aug 28 09:26:34 hiderm sshd\[16172\]: Invalid user inactive from 140.136.147.92 Aug 28 09:26:34 hiderm sshd\[16172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw	2019-08-29 03:32:04
attackbotsspam	Aug 22 02:37:06 auw2 sshd\[12913\]: Invalid user user from 140.136.147.92 Aug 22 02:37:06 auw2 sshd\[12913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw Aug 22 02:37:08 auw2 sshd\[12913\]: Failed password for invalid user user from 140.136.147.92 port 53244 ssh2 Aug 22 02:42:02 auw2 sshd\[13472\]: Invalid user pc01 from 140.136.147.92 Aug 22 02:42:02 auw2 sshd\[13472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw	2019-08-23 01:34:12

Type

Details

Datetime

attackbotsspam

Aug 28 09:22:03 hiderm sshd\[15787\]: Invalid user nagios from 140.136.147.92
Aug 28 09:22:03 hiderm sshd\[15787\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw
Aug 28 09:22:05 hiderm sshd\[15787\]: Failed password for invalid user nagios from 140.136.147.92 port 39980 ssh2
Aug 28 09:26:34 hiderm sshd\[16172\]: Invalid user inactive from 140.136.147.92
Aug 28 09:26:34 hiderm sshd\[16172\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw

2019-08-29 03:32:04

attackbotsspam

Aug 22 02:37:06 auw2 sshd\[12913\]: Invalid user user from 140.136.147.92
Aug 22 02:37:06 auw2 sshd\[12913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw
Aug 22 02:37:08 auw2 sshd\[12913\]: Failed password for invalid user user from 140.136.147.92 port 53244 ssh2
Aug 22 02:42:02 auw2 sshd\[13472\]: Invalid user pc01 from 140.136.147.92
Aug 22 02:42:02 auw2 sshd\[13472\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=850-92.ee.fju.edu.tw

2019-08-23 01:34:12

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 140.136.147.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11658
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;140.136.147.92.			IN	A

;; AUTHORITY SECTION:
.			2365	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082200 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 01:34:00 CST 2019
;; MSG SIZE  rcvd: 118

Host info

92.147.136.140.in-addr.arpa domain name pointer 850-92.ee.fju.edu.tw.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
92.147.136.140.in-addr.arpa	name = 850-92.ee.fju.edu.tw.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.216	attackspam	$f2bV_matches	2019-10-02 05:44:35
207.180.214.168	attackbotsspam	Oct 1 17:43:47 Http-D proftpd[1559]: 2019-10-01 17:43:47,075 Http-D proftpd[21780] 192.168.178.86 (207.180.214.168[207.180.214.168]): USER digi-trolley: no such user found from 207.180.214.168 [207.180.214.168] to 192.168.178.86:21 Oct 1 17:43:48 Http-D proftpd[1559]: 2019-10-01 17:43:48,179 Http-D proftpd[21783] 192.168.178.86 (207.180.214.168[207.180.214.168]): USER admin: no such user found from 207.180.214.168 [207.180.214.168] to 192.168.178.86:21 Oct 1 23:04:32 Http-D proftpd[1559]: 2019-10-01 23:04:32,641 Http-D proftpd[4155] 192.168.178.86 (207.180.214.168[207.180.214.168]): USER o-bus: no such user found from 207.180.214.168 [207.180.214.168] to 192.168.178.86:21	2019-10-02 06:06:09
45.142.195.5	attackspambots	Oct 1 23:08:49 mail postfix/smtpd\[24567\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 23:09:32 mail postfix/smtpd\[24783\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 23:39:43 mail postfix/smtpd\[26015\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Oct 1 23:40:14 mail postfix/smtpd\[24783\]: warning: unknown\[45.142.195.5\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-10-02 05:57:33
52.34.76.65	attackbots	Fail2Ban Ban Triggered	2019-10-02 05:37:55
5.1.88.50	attackspambots	Oct 1 22:43:10 mail sshd[13608]: Invalid user oracld from 5.1.88.50 Oct 1 22:43:10 mail sshd[13608]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.1.88.50 Oct 1 22:43:10 mail sshd[13608]: Invalid user oracld from 5.1.88.50 Oct 1 22:43:12 mail sshd[13608]: Failed password for invalid user oracld from 5.1.88.50 port 58036 ssh2 Oct 1 23:04:55 mail sshd[16259]: Invalid user server from 5.1.88.50 ...	2019-10-02 05:51:28
95.238.211.79	attackbotsspam	BURG,WP GET /wp-login.php	2019-10-02 05:44:06
106.13.82.49	attackspam	Oct 1 23:48:16 localhost sshd\[20670\]: Invalid user minecraft from 106.13.82.49 port 60446 Oct 1 23:48:16 localhost sshd\[20670\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.82.49 Oct 1 23:48:17 localhost sshd\[20670\]: Failed password for invalid user minecraft from 106.13.82.49 port 60446 ssh2	2019-10-02 06:03:16
94.248.184.21	attackspam	ENG,WP GET /wp-login.php	2019-10-02 05:50:57
46.38.144.146	attack	Oct 1 23:38:45 webserver postfix/smtpd\[32442\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 23:40:34 webserver postfix/smtpd\[32442\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 23:42:18 webserver postfix/smtpd\[32442\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 23:44:13 webserver postfix/smtpd\[32442\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 1 23:46:03 webserver postfix/smtpd\[32442\]: warning: unknown\[46.38.144.146\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-10-02 05:46:09
62.234.152.218	attack	Oct 1 11:51:11 php1 sshd\[4195\]: Invalid user wuhao from 62.234.152.218 Oct 1 11:51:11 php1 sshd\[4195\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.152.218 Oct 1 11:51:13 php1 sshd\[4195\]: Failed password for invalid user wuhao from 62.234.152.218 port 36075 ssh2 Oct 1 11:55:20 php1 sshd\[4542\]: Invalid user coen from 62.234.152.218 Oct 1 11:55:20 php1 sshd\[4542\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.152.218	2019-10-02 05:57:04
45.55.222.162	attackbotsspam	2019-10-01T21:44:49.248193shield sshd\[26519\]: Invalid user todd from 45.55.222.162 port 40002 2019-10-01T21:44:49.252474shield sshd\[26519\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 2019-10-01T21:44:51.813679shield sshd\[26519\]: Failed password for invalid user todd from 45.55.222.162 port 40002 ssh2 2019-10-01T21:48:28.746760shield sshd\[26906\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.222.162 user=sshd 2019-10-01T21:48:30.705777shield sshd\[26906\]: Failed password for sshd from 45.55.222.162 port 52292 ssh2	2019-10-02 05:53:33
111.198.29.223	attackspam	Oct 1 23:32:16 markkoudstaal sshd[6521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.29.223 Oct 1 23:32:19 markkoudstaal sshd[6521]: Failed password for invalid user comerce from 111.198.29.223 port 1654 ssh2 Oct 1 23:36:13 markkoudstaal sshd[6822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.198.29.223	2019-10-02 05:41:10
112.216.39.29	attack	2019-10-01T17:39:45.4252921495-001 sshd\[57738\]: Invalid user cic from 112.216.39.29 port 47030 2019-10-01T17:39:45.4336891495-001 sshd\[57738\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.39.29 2019-10-01T17:39:47.2623991495-001 sshd\[57738\]: Failed password for invalid user cic from 112.216.39.29 port 47030 ssh2 2019-10-01T17:43:55.9484381495-001 sshd\[58039\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.216.39.29 user=root 2019-10-01T17:43:58.4296251495-001 sshd\[58039\]: Failed password for root from 112.216.39.29 port 59046 ssh2 2019-10-01T17:48:08.1443411495-001 sshd\[58355\]: Invalid user sales from 112.216.39.29 port 42826 ...	2019-10-02 06:06:21
95.84.134.5	attackspam	Oct 2 01:06:36 www4 sshd\[38549\]: Invalid user secvpn from 95.84.134.5 Oct 2 01:06:36 www4 sshd\[38549\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.84.134.5 Oct 2 01:06:38 www4 sshd\[38549\]: Failed password for invalid user secvpn from 95.84.134.5 port 48418 ssh2 ...	2019-10-02 06:09:24
168.121.97.68	attack	Automatic report - Port Scan Attack	2019-10-02 06:10:55

Recently Reported IPs

39.40.125.26	148.102.201.252	220.102.249.128	40.170.116.95
218.189.104.144	57.96.230.5	87.214.50.78	137.87.145.237
176.201.229.215	215.61.156.140	88.58.61.98	185.94.84.4
191.147.103.185	97.245.231.57	27.239.225.218	211.7.22.152
199.98.92.196	110.246.241.110	176.69.155.134	163.16.106.13