158.140.180.130

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT. Eka Mas Republik

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	IP 158.140.180.130 attacked honeypot on port: 22 at 7/3/2020 11:31:16 AM	2020-07-04 03:04:30

相同子网IP讨论:

IP	类型	评论内容	时间
158.140.180.71	attackspam	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-12 04:51:29
158.140.180.71	attackbots	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 20:55:43
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 12:52:14
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:21:51:25 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:57:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:58:32 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:59:33 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:00:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 06:14:51
158.140.180.125	attackspambots	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-04 04:16:05
158.140.180.125	attack	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-03 19:57:13
158.140.180.81	attackbotsspam	Unauthorized connection attempt from IP address 158.140.180.81 on Port 445(SMB)	2020-08-29 03:00:56
158.140.180.76	attackbots	Unauthorised access (Dec 1) SRC=158.140.180.76 LEN=52 TTL=116 ID=23440 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 04:16:57
158.140.180.79	attackspambots	Unauthorized connection attempt from IP address 158.140.180.79 on Port 445(SMB)	2019-11-26 06:11:17
158.140.180.74	attackspambots	C1,WP GET /nelson/wp-login.php	2019-11-02 03:04:07

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.180.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25399
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.180.130.		IN	A

;; AUTHORITY SECTION:
.			381	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070301 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Jul 04 03:04:27 CST 2020
;; MSG SIZE  rcvd: 119

HOST信息:

130.180.140.158.in-addr.arpa domain name pointer host-158.140.180-130.myrepublic.co.id.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
130.180.140.158.in-addr.arpa	name = host-158.140.180-130.myrepublic.co.id.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
125.160.80.24	attack	445/tcp 445/tcp [2020-10-03]2pkt	2020-10-05 00:16:52
172.105.40.217	attack	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: li1992-217.members.linode.com.	2020-10-05 00:20:18
51.158.70.82	attackspambots	Oct 4 17:08:07 marvibiene sshd[25677]: Failed password for root from 51.158.70.82 port 51702 ssh2 Oct 4 17:11:46 marvibiene sshd[26014]: Failed password for root from 51.158.70.82 port 58548 ssh2	2020-10-04 23:55:24
196.92.143.188	attackspambots	23/tcp [2020-10-03]1pkt	2020-10-05 00:19:56
179.184.64.168	attack	445/tcp [2020-10-03]1pkt	2020-10-05 00:13:37
191.234.186.93	attack	(sshd) Failed SSH login from 191.234.186.93 (BR/Brazil/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 4 11:13:30 optimus sshd[22041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.186.93 user=root Oct 4 11:13:31 optimus sshd[22041]: Failed password for root from 191.234.186.93 port 53468 ssh2 Oct 4 11:18:24 optimus sshd[23737]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.186.93 user=root Oct 4 11:18:27 optimus sshd[23737]: Failed password for root from 191.234.186.93 port 36206 ssh2 Oct 4 11:28:28 optimus sshd[27316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.234.186.93 user=root	2020-10-04 23:56:12
185.33.134.14	attackbotsspam	5555/tcp [2020-10-03]1pkt	2020-10-04 23:47:31
47.176.38.253	attackbots	Brute%20Force%20SSH	2020-10-04 23:40:17
178.141.166.137	attack	0,34-03/03 [bc01/m56] PostRequest-Spammer scoring: berlin	2020-10-04 23:50:25
51.75.66.142	attackspam	Oct 4 16:56:44 marvibiene sshd[24851]: Failed password for root from 51.75.66.142 port 37736 ssh2 Oct 4 16:58:50 marvibiene sshd[24999]: Failed password for root from 51.75.66.142 port 42420 ssh2	2020-10-04 23:43:44
119.74.66.157	attackbots	37215/tcp [2020-10-03]1pkt	2020-10-05 00:06:33
218.92.0.223	attack	Oct 4 16:03:19 scw-gallant-ride sshd[10279]: Failed password for root from 218.92.0.223 port 8042 ssh2	2020-10-05 00:14:07
218.4.239.146	attackbots	Unauthorized connection attempt from IP address 218.4.239.146 on Port 25(SMTP)	2020-10-05 00:09:44
68.183.21.239	attackspambots	SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: 18-scan-andrew.foma-protonmail.com.	2020-10-05 00:16:04
118.43.97.168	attackspambots	Automatic report - Banned IP Access	2020-10-04 23:44:18

最近上报的IP列表

193.211.217.124	94.61.48.41	31.220.0.39	83.30.92.67
2a00:23c7:4f81:a600:d509:3bf:c2a7:8fc0	27.185.25.78	191.254.192.239	181.129.182.43
176.231.171.191	59.102.252.12	2.180.157.129	113.116.128.156
58.245.227.118	39.42.90.228	182.74.246.42	191.54.128.11
36.57.43.237	211.253.27.146	187.144.224.162	14.229.227.53

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表