158.140.171.20

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Eka Mas Republik

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	May 10 13:31:46 Tower sshd[27504]: Connection from 222.186.190.14 port 61246 on 192.168.10.220 port 22 rdomain "" May 10 13:31:48 Tower sshd[27504]: Received disconnect from 222.186.190.14 port 61246:11: [preauth] May 10 13:31:48 Tower sshd[27504]: Disconnected from 222.186.190.14 port 61246 [preauth] May 11 23:51:02 Tower sshd[27504]: Connection from 158.140.171.20 port 49257 on 192.168.10.220 port 22 rdomain "" May 11 23:51:04 Tower sshd[27504]: Failed password for root from 158.140.171.20 port 49257 ssh2 May 11 23:51:04 Tower sshd[27504]: Connection closed by authenticating user root 158.140.171.20 port 49257 [preauth]	2020-05-12 15:49:09

类型

评论内容

时间

attackspam

May 10 13:31:46 Tower sshd[27504]: Connection from 222.186.190.14 port 61246 on 192.168.10.220 port 22 rdomain ""
May 10 13:31:48 Tower sshd[27504]: Received disconnect from 222.186.190.14 port 61246:11:  [preauth]
May 10 13:31:48 Tower sshd[27504]: Disconnected from 222.186.190.14 port 61246 [preauth]
May 11 23:51:02 Tower sshd[27504]: Connection from 158.140.171.20 port 49257 on 192.168.10.220 port 22 rdomain ""
May 11 23:51:04 Tower sshd[27504]: Failed password for root from 158.140.171.20 port 49257 ssh2
May 11 23:51:04 Tower sshd[27504]: Connection closed by authenticating user root 158.140.171.20 port 49257 [preauth]

2020-05-12 15:49:09

相同子网IP讨论:

IP	类型	评论内容	时间
158.140.171.122	attackspam	Unauthorized connection attempt from IP address 158.140.171.122 on Port 445(SMB)	2020-07-04 10:34:36
158.140.171.61	attackbots	Unauthorised access (Mar 24) SRC=158.140.171.61 LEN=52 TTL=117 ID=17331 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-16 19:52:56
158.140.171.33	attack	Unauthorized connection attempt from IP address 158.140.171.33 on Port 445(SMB)	2020-04-28 20:01:28
158.140.171.11	attack	Sun, 21 Jul 2019 18:28:47 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-22 03:57:16

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.171.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8474
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.171.20.			IN	A

;; AUTHORITY SECTION:
.			548	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051200 1800 900 604800 86400

;; Query time: 57 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 12 15:49:05 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

20.171.140.158.in-addr.arpa domain name pointer host-158.140.171-20.myrepublic.co.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
20.171.140.158.in-addr.arpa	name = host-158.140.171-20.myrepublic.co.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
63.83.78.237	attackspam	Autoban 63.83.78.237 AUTH/CONNECT	2019-12-12 23:21:57
63.83.78.214	attackbotsspam	Autoban 63.83.78.214 AUTH/CONNECT	2019-12-12 23:41:58
63.83.78.216	attackbotsspam	Autoban 63.83.78.216 AUTH/CONNECT	2019-12-12 23:40:39
184.105.139.80	attackspambots	389/tcp 873/tcp 8080/tcp... [2019-10-17/12-12]21pkt,9pt.(tcp),1pt.(udp)	2019-12-12 23:25:17
189.8.17.18	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 14:40:11.	2019-12-12 23:24:22
187.143.156.192	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 14:40:10.	2019-12-12 23:24:53
63.83.78.226	attackspambots	Autoban 63.83.78.226 AUTH/CONNECT	2019-12-12 23:33:41
31.41.121.211	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 12-12-2019 14:40:12.	2019-12-12 23:23:25
49.48.55.40	attackspambots	port 23	2019-12-12 23:37:53
63.83.78.230	attackbots	Autoban 63.83.78.230 AUTH/CONNECT	2019-12-12 23:30:14
54.37.17.251	attackspam	Dec 12 10:04:29 linuxvps sshd\[40040\]: Invalid user falck from 54.37.17.251 Dec 12 10:04:29 linuxvps sshd\[40040\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.17.251 Dec 12 10:04:31 linuxvps sshd\[40040\]: Failed password for invalid user falck from 54.37.17.251 port 46384 ssh2 Dec 12 10:10:40 linuxvps sshd\[43791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.17.251 user=root Dec 12 10:10:42 linuxvps sshd\[43791\]: Failed password for root from 54.37.17.251 port 54996 ssh2	2019-12-12 23:22:50
63.83.78.225	attackbotsspam	Autoban 63.83.78.225 AUTH/CONNECT	2019-12-12 23:34:00
220.191.220.247	attackspam	28080/tcp 8090/tcp 1433/tcp... [2019-11-05/12-12]9pkt,4pt.(tcp)	2019-12-12 23:14:37
63.83.78.224	attackspam	Autoban 63.83.78.224 AUTH/CONNECT	2019-12-12 23:35:07
64.110.25.3	attackbotsspam	Autoban 64.110.25.3 AUTH/CONNECT	2019-12-12 23:02:26

最近上报的IP列表

108.92.168.148	122.116.253.120	3.11.149.42	180.246.126.62
190.206.84.47	230.193.241.116	5.11.185.89	124.99.218.98
219.91.11.117	72.27.69.124	110.147.214.97	204.98.200.195
175.44.42.212	162.243.140.118	116.103.98.251	121.189.200.225
140.143.138.202	72.74.205.105	121.27.79.161	218.155.43.177