158.140.171.20

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Eka Mas Republik

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	May 10 13:31:46 Tower sshd[27504]: Connection from 222.186.190.14 port 61246 on 192.168.10.220 port 22 rdomain "" May 10 13:31:48 Tower sshd[27504]: Received disconnect from 222.186.190.14 port 61246:11: [preauth] May 10 13:31:48 Tower sshd[27504]: Disconnected from 222.186.190.14 port 61246 [preauth] May 11 23:51:02 Tower sshd[27504]: Connection from 158.140.171.20 port 49257 on 192.168.10.220 port 22 rdomain "" May 11 23:51:04 Tower sshd[27504]: Failed password for root from 158.140.171.20 port 49257 ssh2 May 11 23:51:04 Tower sshd[27504]: Connection closed by authenticating user root 158.140.171.20 port 49257 [preauth]	2020-05-12 15:49:09

类型

评论内容

时间

attackspam

May 10 13:31:46 Tower sshd[27504]: Connection from 222.186.190.14 port 61246 on 192.168.10.220 port 22 rdomain ""
May 10 13:31:48 Tower sshd[27504]: Received disconnect from 222.186.190.14 port 61246:11:  [preauth]
May 10 13:31:48 Tower sshd[27504]: Disconnected from 222.186.190.14 port 61246 [preauth]
May 11 23:51:02 Tower sshd[27504]: Connection from 158.140.171.20 port 49257 on 192.168.10.220 port 22 rdomain ""
May 11 23:51:04 Tower sshd[27504]: Failed password for root from 158.140.171.20 port 49257 ssh2
May 11 23:51:04 Tower sshd[27504]: Connection closed by authenticating user root 158.140.171.20 port 49257 [preauth]

2020-05-12 15:49:09

相同子网IP讨论:

IP	类型	评论内容	时间
158.140.171.122	attackspam	Unauthorized connection attempt from IP address 158.140.171.122 on Port 445(SMB)	2020-07-04 10:34:36
158.140.171.61	attackbots	Unauthorised access (Mar 24) SRC=158.140.171.61 LEN=52 TTL=117 ID=17331 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-16 19:52:56
158.140.171.33	attack	Unauthorized connection attempt from IP address 158.140.171.33 on Port 445(SMB)	2020-04-28 20:01:28
158.140.171.11	attack	Sun, 21 Jul 2019 18:28:47 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:57:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.171.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8474
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.171.20.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 12 15:49:05 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

20.171.140.158.in-addr.arpa domain name pointer host-158.140.171-20.myrepublic.co.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.171.140.158.in-addr.arpa	name = host-158.140.171-20.myrepublic.co.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
61.239.76.140	attackbots	Honeypot attack, port: 5555, PTR: 061239076140.ctinets.com.	2020-04-05 02:27:32
45.143.221.47	attackspambots	Apr 4 15:37:57 debian-2gb-nbg1-2 kernel: \[8266512.174361\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.143.221.47 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=57773 PROTO=TCP SPT=41609 DPT=44385 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-05 02:08:45
49.88.112.75	attackbotsspam	Apr 4 22:40:14 gw1 sshd[3203]: Failed password for root from 49.88.112.75 port 13223 ssh2 Apr 4 22:40:16 gw1 sshd[3203]: Failed password for root from 49.88.112.75 port 13223 ssh2 ...	2020-04-05 01:46:36
112.85.42.89	attackbots	Apr 4 19:47:51 ns381471 sshd[27108]: Failed password for root from 112.85.42.89 port 55510 ssh2 Apr 4 19:47:53 ns381471 sshd[27108]: Failed password for root from 112.85.42.89 port 55510 ssh2	2020-04-05 01:52:12
60.171.208.199	attackbots	Tried sshing with brute force.	2020-04-05 02:24:17
190.156.231.245	attack	$f2bV_matches	2020-04-05 02:15:04
190.110.181.104	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-04-05 02:25:19
222.186.173.201	attack	Apr 4 20:11:09 plex sshd[15839]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Apr 4 20:11:11 plex sshd[15839]: Failed password for root from 222.186.173.201 port 7660 ssh2	2020-04-05 02:13:41
162.243.55.188	attackbots	Apr 4 17:54:41 dev0-dcde-rnet sshd[2680]: Failed password for root from 162.243.55.188 port 46030 ssh2 Apr 4 18:06:29 dev0-dcde-rnet sshd[2708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.55.188 Apr 4 18:06:31 dev0-dcde-rnet sshd[2708]: Failed password for invalid user hadoop from 162.243.55.188 port 52234 ssh2	2020-04-05 01:45:50
89.35.39.6	attack	Amazon ID Phishing Website http://flame.forshana2a.net.cn/ 103.44.28.186 301 server_redirect permanent https://forshana1a.top/ 89.35.39.6 302 server_redirect temporary https://forshana1a.top/pc/ Return-Path: Received: from yusheng25.yushengserver02.top (yusheng25.yushengserver02.top [107.179.65.90]) From: "" Subject: Amazon. co. jp にご登録のアカウント（名前、パスワード、その他個人情報）の確認 Date: Sat, 4 Apr 2020 21:17:31 +0800 X-mailer: Lbb 1	2020-04-05 02:02:42
218.92.0.145	attackspam	04/04/2020-14:05:59.075097 218.92.0.145 Protocol: 6 ET SCAN Potential SSH Scan	2020-04-05 02:07:48
54.37.66.73	attackspambots	2020-04-04T18:00:25.047568librenms sshd[4899]: Failed password for root from 54.37.66.73 port 44006 ssh2 2020-04-04T18:04:11.768353librenms sshd[4975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=73.ip-54-37-66.eu user=root 2020-04-04T18:04:14.259588librenms sshd[4975]: Failed password for root from 54.37.66.73 port 50774 ssh2 ...	2020-04-05 01:52:44
51.178.29.191	attack	Apr 4 18:10:41 sshd[4589]: Failed password for invalid user test from 51.178.29.191 port 57380 ssh2	2020-04-05 02:10:53
62.110.11.66	attackspambots	Apr 4 17:31:06 game-panel sshd[19866]: Failed password for root from 62.110.11.66 port 52608 ssh2 Apr 4 17:34:54 game-panel sshd[20046]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.110.11.66 Apr 4 17:34:56 game-panel sshd[20046]: Failed password for invalid user sunfang from 62.110.11.66 port 35256 ssh2	2020-04-05 01:50:04
186.122.147.189	attack	Apr 4 17:46:57 localhost sshd[1424]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.147.189 user=root Apr 4 17:46:59 localhost sshd[1424]: Failed password for root from 186.122.147.189 port 48494 ssh2 Apr 4 17:51:52 localhost sshd[2091]: Invalid user default from 186.122.147.189 port 59092 Apr 4 17:51:52 localhost sshd[2091]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.147.189 Apr 4 17:51:52 localhost sshd[2091]: Invalid user default from 186.122.147.189 port 59092 Apr 4 17:51:55 localhost sshd[2091]: Failed password for invalid user default from 186.122.147.189 port 59092 ssh2 ...	2020-04-05 02:05:04

最近上报的IP列表

108.92.168.148	122.116.253.120	3.11.149.42	180.246.126.62
190.206.84.47	230.193.241.116	5.11.185.89	124.99.218.98
219.91.11.117	72.27.69.124	110.147.214.97	204.98.200.195
175.44.42.212	162.243.140.118	116.103.98.251	121.189.200.225
140.143.138.202	72.74.205.105	121.27.79.161	218.155.43.177