158.140.137.132

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Singapore

运营商(isp): MyRepublic Ltd.

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 10 06:25:12 takio sshd[21711]: Invalid user ubnt from 158.140.137.132 port 55631 Aug 10 06:37:34 takio sshd[22077]: Invalid user ubuntu from 158.140.137.132 port 56027 Aug 10 06:49:55 takio sshd[23134]: Invalid user osmc from 158.140.137.132 port 56430	2020-08-10 18:05:19
attackbotsspam	[Aegis] @ 2019-08-31 22:44:46 0100 -> SSH insecure connection attempt (scan).	2019-09-01 12:48:41

类型

评论内容

时间

attackspam

Aug 10 06:25:12 takio sshd[21711]: Invalid user ubnt from 158.140.137.132 port 55631
Aug 10 06:37:34 takio sshd[22077]: Invalid user ubuntu from 158.140.137.132 port 56027
Aug 10 06:49:55 takio sshd[23134]: Invalid user osmc from 158.140.137.132 port 56430

2020-08-10 18:05:19

attackbotsspam

[Aegis] @ 2019-08-31 22:44:46  0100 -> SSH insecure connection attempt (scan).

2019-09-01 12:48:41

相同子网IP讨论:

IP	类型	评论内容	时间
158.140.137.39	attack	IMAP	2020-06-26 03:01:13
158.140.137.39	attackbotsspam	2020-06-20 22:04:38 Unauthorized connection attempt to IMAP/POP	2020-06-21 16:28:26
158.140.137.39	attackbots	Dovecot Invalid User Login Attempt.	2020-06-19 13:51:28
158.140.137.3	attackbots	#4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) #4701 - [158.140.137.39] Closing connection (IP still banned) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=158.140.137.3	2020-05-26 23:24:41
158.140.137.39	attackbots	(imapd) Failed IMAP login from 158.140.137.39 (SG/Singapore/39-137-140-158.myrepublic.com.sg): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 25 22:15:32 ir1 dovecot[2885757]: imap-login: Disconnected (auth failed, 1 attempts in 5 secs): user=, method=PLAIN, rip=158.140.137.39, lip=5.63.12.44, TLS, session=	2020-05-26 01:53:06
158.140.137.39	attackbotsspam	$f2bV_matches	2020-02-23 07:49:38
158.140.137.97	attackbotsspam	unauthorized connection attempt	2020-01-25 13:59:46
158.140.137.39	attackspambots	Dovecot Brute-Force	2019-10-05 16:27:06
158.140.137.39	attackspambots	WordPress login Brute force / Web App Attack on client site.	2019-09-22 23:53:22

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.137.132
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3268
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.137.132.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019083102 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 01 12:48:33 CST 2019
;; MSG SIZE  rcvd: 119

HOST信息:

132.137.140.158.in-addr.arpa domain name pointer 132-137-140-158.myrepublic.com.sg.

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
132.137.140.158.in-addr.arpa	name = 132-137-140-158.myrepublic.com.sg.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
171.238.59.76	attackspambots	Automatic report - Banned IP Access	2019-08-08 05:35:13
159.224.177.236	attack	2019-08-07T21:35:32.622758abusebot-7.cloudsearch.cf sshd\[7066\]: Invalid user ggg from 159.224.177.236 port 43078	2019-08-08 05:45:15
104.248.80.78	attack	Aug 8 00:33:59 server sshd\[12329\]: Invalid user TEST from 104.248.80.78 port 34876 Aug 8 00:33:59 server sshd\[12329\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78 Aug 8 00:34:01 server sshd\[12329\]: Failed password for invalid user TEST from 104.248.80.78 port 34876 ssh2 Aug 8 00:38:09 server sshd\[25832\]: Invalid user 123456 from 104.248.80.78 port 57594 Aug 8 00:38:09 server sshd\[25832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.248.80.78	2019-08-08 05:42:54
58.219.248.72	attackbotsspam	Honeypot attack, port: 23, PTR: PTR record not found	2019-08-08 05:09:06
122.225.100.82	attack	Aug 7 22:47:42 pornomens sshd\[1578\]: Invalid user test2 from 122.225.100.82 port 36232 Aug 7 22:47:42 pornomens sshd\[1578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.225.100.82 Aug 7 22:47:45 pornomens sshd\[1578\]: Failed password for invalid user test2 from 122.225.100.82 port 36232 ssh2 ...	2019-08-08 05:42:33
104.248.185.25	attack	08/07/2019-13:39:29.363434 104.248.185.25 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-08-08 05:23:10
168.128.86.35	attackspambots	Aug 7 20:13:43 vps691689 sshd[27096]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35 Aug 7 20:13:45 vps691689 sshd[27096]: Failed password for invalid user 123456789 from 168.128.86.35 port 50160 ssh2 Aug 7 20:20:39 vps691689 sshd[27138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.128.86.35 ...	2019-08-08 05:23:54
43.227.68.26	attackspambots	Automatic report - Banned IP Access	2019-08-08 05:31:41
134.209.189.224	attackspambots	Aug 7 22:41:02 microserver sshd[30672]: Invalid user pe from 134.209.189.224 port 46218 Aug 7 22:41:02 microserver sshd[30672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.189.224 Aug 7 22:41:04 microserver sshd[30672]: Failed password for invalid user pe from 134.209.189.224 port 46218 ssh2 Aug 7 22:45:18 microserver sshd[31448]: Invalid user cedric from 134.209.189.224 port 45920 Aug 7 22:45:18 microserver sshd[31448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.189.224 Aug 7 22:57:42 microserver sshd[33516]: Invalid user rajesh from 134.209.189.224 port 42168 Aug 7 22:57:42 microserver sshd[33516]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.189.224 Aug 7 22:57:44 microserver sshd[33516]: Failed password for invalid user rajesh from 134.209.189.224 port 42168 ssh2 Aug 7 23:01:54 microserver sshd[34328]: Invalid user gilberto from 134.209.189.22	2019-08-08 05:27:33
191.53.193.70	attackspam	Aug 7 19:37:30 xeon postfix/smtpd[15324]: warning: unknown[191.53.193.70]: SASL PLAIN authentication failed: authentication failure	2019-08-08 05:11:11
82.194.210.31	attack	firewall-block, port(s): 2323/tcp	2019-08-08 05:10:31
5.62.41.134	attackbots	\[2019-08-07 16:57:03\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:1184' - Wrong password \[2019-08-07 16:57:03\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-07T16:57:03.849-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="18185",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134/62834",Challenge="6591e38e",ReceivedChallenge="6591e38e",ReceivedHash="9b0db67aea1896f58662747befd42d89" \[2019-08-07 16:57:43\] NOTICE\[2288\] chan_sip.c: Registration from '\' failed for '5.62.41.134:1159' - Wrong password \[2019-08-07 16:57:43\] SECURITY\[2326\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-07T16:57:43.625-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="46371",SessionID="0x7ff4d0160998",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/5.62.41.134/5	2019-08-08 05:08:22
119.196.83.14	attack	SSH bruteforce (Triggered fail2ban)	2019-08-08 05:38:52
134.209.61.78	attackbotsspam	Aug 7 19:39:00 [munged] sshd[4743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.61.78	2019-08-08 05:32:26
190.210.9.25	attack	Automatic report - Banned IP Access	2019-08-08 05:21:04

最近上报的IP列表

129.226.76.114	217.10.102.82	82.115.215.86	209.97.174.183
122.141.141.64	103.121.26.150	196.56.65.94	221.237.152.171
61.236.250.29	187.101.235.10	79.55.14.4	70.218.190.221
215.96.104.62	33.163.232.244	31.73.186.68	88.52.164.5
13.80.91.189	128.247.8.123	146.144.94.71	89.35.253.220