城市(city): unknown
省份(region): unknown
国家(country): Hong Kong
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 158.132.0.0 - 158.132.255.255
CIDR: 158.132.0.0/16
NetName: APNIC-ERX-158-132-0-0
NetHandle: NET-158-132-0-0-1
Parent: NET158 (NET-158-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2003-10-15
Updated: 2009-10-08
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/158.132.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '158.132.0.0 - 158.132.255.255'
% Abuse contact for '158.132.0.0 - 158.132.255.255' is 'abuse@polyu.edu.hk'
inetnum: 158.132.0.0 - 158.132.255.255
netname: THKPU-HK
descr: The Hong Kong Polytechnic University
country: HK
org: ORG-THKP2-AP
admin-c: THKP1-AP
tech-c: THKP1-AP
abuse-c: AT1668-AP
status: ALLOCATED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-THKPU-HK
mnt-routes: MAINT-THKPU-HK
mnt-irt: IRT-THKPU-HK
last-modified: 2022-05-24T00:49:22Z
source: APNIC
irt: IRT-THKPU-HK
address: 11 Yuk Choi Rd, Hung Hom, Hung Hom Kowloon 0000
e-mail: abuse@polyu.edu.hk
abuse-mailbox: abuse@polyu.edu.hk
admin-c: THKP1-AP
tech-c: THKP1-AP
auth: # Filtered
remarks: abuse@polyu.edu.hk was validated on 2026-03-06
mnt-by: MAINT-THKPU-HK
last-modified: 2026-03-06T09:56:34Z
source: APNIC
organisation: ORG-THKP2-AP
org-name: The Hong Kong Polytechnic University
org-type: LIR
country: HK
address: 11 Yuk Choi Rd, Hung Hom
phone: +852-27664566
e-mail: noc.admin@polyu.edu.hk
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2023-09-05T02:18:53Z
source: APNIC
role: ABUSE THKPUHK
country: ZZ
address: 11 Yuk Choi Rd, Hung Hom, Hung Hom Kowloon 0000
phone: +000000000
e-mail: abuse@polyu.edu.hk
admin-c: THKP1-AP
tech-c: THKP1-AP
nic-hdl: AT1668-AP
remarks: Generated from irt object IRT-THKPU-HK
remarks: abuse@polyu.edu.hk was validated on 2026-03-06
abuse-mailbox: abuse@polyu.edu.hk
mnt-by: APNIC-ABUSE
last-modified: 2026-03-06T09:56:52Z
source: APNIC
role: The Hong Kong Polytechnic University administrator
address: 11 Yuk Choi Rd, Hung Hom, Hung Hom Kowloon 0000
country: HK
phone: +852-27664566
e-mail: abuse@polyu.edu.hk
admin-c: THKP1-AP
tech-c: THKP1-AP
nic-hdl: THKP1-AP
mnt-by: MAINT-THKPU-HK
last-modified: 2022-05-24T00:31:59Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.47 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.132.192.233
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34000
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;158.132.192.233. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032901 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 30 12:49:38 CST 2026
;; MSG SIZE rcvd: 108Host 233.192.132.158.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 233.192.132.158.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 176.27.30.237 | attack | 2020-01-02T20:58:39.727779WS-Zach sshd[319948]: User root from 176.27.30.237 not allowed because none of user's groups are listed in AllowGroups 2020-01-02T20:58:40.525015WS-Zach sshd[319948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.27.30.237 user=root 2020-01-02T20:58:39.727779WS-Zach sshd[319948]: User root from 176.27.30.237 not allowed because none of user's groups are listed in AllowGroups 2020-01-02T20:58:42.715720WS-Zach sshd[319948]: Failed password for invalid user root from 176.27.30.237 port 51340 ssh2 2020-01-04T04:32:35.734264WS-Zach sshd[624247]: User root from 176.27.30.237 not allowed because none of user's groups are listed in AllowGroups ... |
2020-01-04 17:35:34 |
| 62.165.30.221 | attackspambots | Jan 4 04:17:42 debian sshd[27780]: Unable to negotiate with 62.165.30.221 port 32718: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Jan 4 04:20:46 debian sshd[27902]: Unable to negotiate with 62.165.30.221 port 51711: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ... |
2020-01-04 17:35:11 |
| 185.176.27.118 | attack | Jan 4 10:32:55 mc1 kernel: \[2289148.796741\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=29417 PROTO=TCP SPT=50222 DPT=51599 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 10:33:00 mc1 kernel: \[2289153.202145\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=39349 PROTO=TCP SPT=46752 DPT=37686 WINDOW=1024 RES=0x00 SYN URGP=0 Jan 4 10:34:40 mc1 kernel: \[2289253.331162\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.118 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=7158 PROTO=TCP SPT=50222 DPT=13122 WINDOW=1024 RES=0x00 SYN URGP=0 ... |
2020-01-04 17:37:31 |
| 103.79.169.7 | attack | Jan 2 03:25:30 nbi-636 sshd[9618]: Invalid user ruan from 103.79.169.7 port 54362 Jan 2 03:25:32 nbi-636 sshd[9618]: Failed password for invalid user ruan from 103.79.169.7 port 54362 ssh2 Jan 2 03:25:33 nbi-636 sshd[9618]: Received disconnect from 103.79.169.7 port 54362:11: Bye Bye [preauth] Jan 2 03:25:33 nbi-636 sshd[9618]: Disconnected from 103.79.169.7 port 54362 [preauth] Jan 2 03:41:01 nbi-636 sshd[12059]: Invalid user nt from 103.79.169.7 port 49740 Jan 2 03:41:03 nbi-636 sshd[12059]: Failed password for invalid user nt from 103.79.169.7 port 49740 ssh2 Jan 2 03:41:03 nbi-636 sshd[12059]: Received disconnect from 103.79.169.7 port 49740:11: Bye Bye [preauth] Jan 2 03:41:03 nbi-636 sshd[12059]: Disconnected from 103.79.169.7 port 49740 [preauth] Jan 2 03:43:59 nbi-636 sshd[12539]: Invalid user edu from 103.79.169.7 port 43834 Jan 2 03:44:01 nbi-636 sshd[12539]: Failed password for invalid user edu from 103.79.169.7 port 43834 ssh2 Jan 2 03:44:01 nbi-6........ ------------------------------- |
2020-01-04 17:46:57 |
| 202.153.40.26 | attackbots | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-01-04 17:45:06 |
| 35.246.183.218 | attack | Unauthorized connection attempt detected from IP address 35.246.183.218 to port 23 |
2020-01-04 17:47:26 |
| 115.202.225.233 | attackbotsspam | Automatic report - Port Scan Attack |
2020-01-04 17:49:57 |
| 111.231.237.245 | attackspam | Jan 4 11:18:31 server sshd\[2462\]: Invalid user filter from 111.231.237.245 Jan 4 11:18:31 server sshd\[2462\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.237.245 Jan 4 11:18:33 server sshd\[2462\]: Failed password for invalid user filter from 111.231.237.245 port 50630 ssh2 Jan 4 11:28:33 server sshd\[4635\]: Invalid user telnet from 111.231.237.245 Jan 4 11:28:33 server sshd\[4635\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.237.245 ... |
2020-01-04 17:25:08 |
| 119.181.10.151 | attackbots | Fail2Ban - FTP Abuse Attempt |
2020-01-04 17:28:43 |
| 103.15.226.14 | attackspam | 103.15.226.14 - - \[04/Jan/2020:08:46:22 +0100\] "POST /wp-login.php HTTP/1.0" 200 4404 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.15.226.14 - - \[04/Jan/2020:08:46:26 +0100\] "POST /wp-login.php HTTP/1.0" 200 4236 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 103.15.226.14 - - \[04/Jan/2020:08:46:28 +0100\] "POST /xmlrpc.php HTTP/1.0" 200 736 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-01-04 17:42:59 |
| 106.12.36.21 | attackbotsspam | Jan 4 10:42:51 lnxweb61 sshd[31826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.21 Jan 4 10:42:51 lnxweb61 sshd[31826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.21 |
2020-01-04 17:57:24 |
| 118.99.179.164 | attackbots | Automatic report - Port Scan Attack |
2020-01-04 17:38:49 |
| 35.199.73.100 | attackbotsspam | SSH Brute-Force reported by Fail2Ban |
2020-01-04 17:55:42 |
| 92.169.247.72 | attack | Jan 4 10:14:23 solowordpress sshd[30125]: Invalid user user from 92.169.247.72 port 44046 ... |
2020-01-04 17:39:54 |
| 113.167.175.242 | attackspam | 20/1/3@23:49:09: FAIL: Alarm-Network address from=113.167.175.242 20/1/3@23:49:10: FAIL: Alarm-Network address from=113.167.175.242 ... |
2020-01-04 17:32:41 |