107.140.5.137 - IPInfo

Basic Info

City: Whittier

Region: California

Country: United States

Internet Service Provider: AT&T Internet Services

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-06-28T22:36:00.213135mail.broermann.family sshd[26733]: Failed password for root from 107.140.5.137 port 59312 ssh2 2020-06-28T22:36:01.584212mail.broermann.family sshd[26738]: Invalid user admin from 107.140.5.137 port 59358 2020-06-28T22:36:01.737964mail.broermann.family sshd[26738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107-140-5-137.lightspeed.irvnca.sbcglobal.net 2020-06-28T22:36:01.584212mail.broermann.family sshd[26738]: Invalid user admin from 107.140.5.137 port 59358 2020-06-28T22:36:03.583990mail.broermann.family sshd[26738]: Failed password for invalid user admin from 107.140.5.137 port 59358 ssh2 ...	2020-06-29 07:34:14

Type

Details

Datetime

attack

2020-06-28T22:36:00.213135mail.broermann.family sshd[26733]: Failed password for root from 107.140.5.137 port 59312 ssh2
2020-06-28T22:36:01.584212mail.broermann.family sshd[26738]: Invalid user admin from 107.140.5.137 port 59358
2020-06-28T22:36:01.737964mail.broermann.family sshd[26738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107-140-5-137.lightspeed.irvnca.sbcglobal.net
2020-06-28T22:36:01.584212mail.broermann.family sshd[26738]: Invalid user admin from 107.140.5.137 port 59358
2020-06-28T22:36:03.583990mail.broermann.family sshd[26738]: Failed password for invalid user admin from 107.140.5.137 port 59358 ssh2
...

2020-06-29 07:34:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.140.5.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37300
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;107.140.5.137.			IN	A

;; AUTHORITY SECTION:
.			236	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062801 1800 900 604800 86400

;; Query time: 70 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 29 07:34:10 CST 2020
;; MSG SIZE  rcvd: 117

Host info

137.5.140.107.in-addr.arpa domain name pointer 107-140-5-137.lightspeed.irvnca.sbcglobal.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
137.5.140.107.in-addr.arpa	name = 107-140-5-137.lightspeed.irvnca.sbcglobal.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
103.218.27.171	spam	লগইন	2023-02-14 23:22:03
109.207.200.42	attack	Possible NTP DDoS Inbound	2023-02-21 13:50:25
134.209.207.188	spambotsattack	ET DROP Dshield Block Listed Source group 1 - port: 8080 proto: tcp cat: Misc Attackbytes: 60	2023-02-18 16:14:41
20.12.30.237	spamattack	Automatic report - Banned IP Access	2023-02-18 15:46:27
154.89.5.124	proxy	Unauthorized VPN	2023-02-16 14:00:39
95.217.53.14	attack	Scan port	2023-02-13 19:04:19
61.177.172.104	spambotsattack	Feb 18 11:19:54 localhost.localdomain sshd[22736]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.147 user=root Feb 18 11:20:12 localhost.localdomain sshd[22806]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.147 user=root Feb 18 11:20:14 localhost.localdomain sshd[22806]: Failed password for root from 61.177.172.147 port 19147 ssh2 Feb 18 11:20:18 localhost.localdomain sshd[22806]: Failed password for root from 61.177.172.147 port 19147 ssh2 Feb 18 11:20:21 localhost.localdomain sshd[22806]: Failed password for root from 61.177.172.147 port 19147 ssh2 Feb 18 11:20:23 localhost.localdomain sshd[22806]: Received disconnect from 61.177.172.147 port 19147:11: [preauth] Feb 18 11:20:23 localhost.localdomain sshd[22806]: Disconnected from authenticating user root 61.177.172.147 port 19147 [preauth] Feb 18 11:20:23 localhost.localdomain sshd[22806]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.147 user=root Feb 18 11:22:43 localhost.localdomain sshd[22867]: fatal: Timeout before authentication for 61.177.172.147 port 34714 Feb 18 11:23:16 localhost.localdomain sshd[22998]: fatal: Timeout before authentication for 61.177.172.147 port 34839	2023-02-18 18:47:10
94.102.61.29	proxy	Scan VPN	2023-02-20 14:02:11
47.89.195.210	spambotsattack	Intrusion attempt on business server Microsoft-Windows-Security-Auditing	2023-02-18 16:03:30
71.6.135.131	proxy	VPN fraud	2023-02-20 14:09:08
47.251.11.3	spambotsattack	Intrusion attempt on business server	2023-02-18 16:06:56
139.162.214.192	spambotsattack	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2023-02-18 16:15:46
40.77.167.195	spamattack	Automatic report - Banned IP Access	2023-02-18 15:44:16
89.248.165.91	attack	Scan port	2023-02-13 13:37:59
47.251.14.232	spambotsattack	Intrusion attempt on business server Microsoft-Windows-Security-Auditing	2023-02-18 16:04:07

Recently Reported IPs

107.178.37.214	12.189.163.87	47.143.208.153	138.204.13.229
17.41.48.79	179.209.73.50	96.40.46.213	101.162.111.91
88.97.240.118	37.84.207.178	62.96.65.186	97.63.250.220
112.213.126.26	17.40.88.65	81.29.81.52	136.243.172.49
112.99.236.210	79.152.92.197	39.48.216.227	49.72.75.210