158.140.167.99

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: PT. Eka Mas Republik

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	ssh bruteforce or scan ...	2020-01-14 23:53:45

Comments on same subnet:

IP	Type	Details	Datetime
158.140.167.18	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 11-02-2020 04:55:15.	2020-02-11 15:10:19
158.140.167.38	attack	...	2020-02-03 22:36:30
158.140.167.44	attackbots	Unauthorized connection attempt detected from IP address 158.140.167.44 to port 445	2020-01-04 13:04:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.167.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62348
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.167.99.			IN	A

;; AUTHORITY SECTION:
.			563	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011400 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jan 14 23:53:32 CST 2020
;; MSG SIZE  rcvd: 118

Host info

99.167.140.158.in-addr.arpa domain name pointer host-158.140.167-99.myrepublic.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.167.140.158.in-addr.arpa	name = host-158.140.167-99.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.88.241.107	attack	Tried sshing with brute force.	2019-07-07 21:54:03
123.233.89.216	attack	Unauthorised access (Jul 7) SRC=123.233.89.216 LEN=40 TTL=49 ID=47160 TCP DPT=23 WINDOW=50146 SYN	2019-07-07 21:11:56
162.243.69.215	attackbots	Automatic report - Web App Attack	2019-07-07 21:33:26
177.21.196.249	attack	SMTP-sasl brute force ...	2019-07-07 21:30:48
77.247.108.131	attack	Jul 7 10:39:11 mail kernel: [1295069.532489] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=77.247.108.131 DST=77.73.69.240 LEN=442 TOS=0x08 PREC=0x20 TTL=55 ID=36584 DF PROTO=UDP SPT=5449 DPT=3090 LEN=422 Jul 7 10:39:11 mail kernel: [1295069.532549] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=77.247.108.131 DST=77.73.69.240 LEN=444 TOS=0x08 PREC=0x20 TTL=55 ID=36585 DF PROTO=UDP SPT=5449 DPT=3100 LEN=424 Jul 7 10:39:11 mail kernel: [1295069.532564] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=77.247.108.131 DST=77.73.69.240 LEN=441 TOS=0x08 PREC=0x20 TTL=55 ID=36586 DF PROTO=UDP SPT=5449 DPT=3110 LEN=421 Jul 7 10:39:11 mail kernel: [1295069.532583] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=77.247.108.131 DST=77.73.69.240 LEN=443 TOS=0x08 PREC=0x20 TTL=55 ID=36587 DF PROTO=UDP SPT=5449 DPT=3120 LEN=423 Jul 7 10:39:11 mail kernel: [1295069.532682] [UFW BLOCK] IN=eth0 OUT= MAC=00:16	2019-07-07 21:49:02
177.129.204.57	attackbots	SMTP-sasl brute force ...	2019-07-07 21:28:53
40.127.106.50	attackspambots	Jul 7 09:07:16 lnxmail61 sshd[8151]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.127.106.50	2019-07-07 21:14:50
121.190.197.205	attackspam	Jul 7 12:39:24 *** sshd[20517]: Invalid user reich from 121.190.197.205	2019-07-07 21:46:37
180.97.31.28	attackspam	Unauthorized SSH login attempts	2019-07-07 21:35:04
118.25.133.121	attack	Invalid user format from 118.25.133.121 port 56720	2019-07-07 21:43:55
103.207.2.204	attack	Jul 7 10:50:36 tux-35-217 sshd\[14897\]: Invalid user webmaster from 103.207.2.204 port 35628 Jul 7 10:50:36 tux-35-217 sshd\[14897\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 Jul 7 10:50:38 tux-35-217 sshd\[14897\]: Failed password for invalid user webmaster from 103.207.2.204 port 35628 ssh2 Jul 7 10:56:01 tux-35-217 sshd\[14938\]: Invalid user tester from 103.207.2.204 port 56836 Jul 7 10:56:01 tux-35-217 sshd\[14938\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.207.2.204 ...	2019-07-07 21:37:31
213.32.122.83	attackspam	Jul 7 06:27:11 62-210-73-4 proftpd\[30835\]: 0.0.0.0 \(213.32.122.83\[213.32.122.83\]\) - USER anonymous: no such user found from 213.32.122.83 \[213.32.122.83\] to 62.210.73.4:21 ...	2019-07-07 21:12:49
120.136.26.240	attackspambots	Jul 7 07:15:00 MK-Soft-VM3 sshd\[5531\]: Invalid user papa from 120.136.26.240 port 34495 Jul 7 07:15:00 MK-Soft-VM3 sshd\[5531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.136.26.240 Jul 7 07:15:02 MK-Soft-VM3 sshd\[5531\]: Failed password for invalid user papa from 120.136.26.240 port 34495 ssh2 ...	2019-07-07 21:45:48
189.89.212.196	attackbotsspam	SMTP-sasl brute force ...	2019-07-07 21:40:04
151.80.41.64	attackspambots	2019-07-07T09:11:18.342685scmdmz1 sshd\[28648\]: Invalid user test from 151.80.41.64 port 39189 2019-07-07T09:11:18.346694scmdmz1 sshd\[28648\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns398062.ip-151-80-41.eu 2019-07-07T09:11:20.677122scmdmz1 sshd\[28648\]: Failed password for invalid user test from 151.80.41.64 port 39189 ssh2 ...	2019-07-07 21:31:28

Recently Reported IPs

41.38.30.102	183.89.107.135	197.61.22.112	157.50.213.67
95.188.73.171	176.97.170.107	2.51.68.30	88.44.135.210
13.228.88.44	176.48.118.141	49.206.220.201	45.224.27.242
27.73.119.95	179.174.56.79	37.199.219.81	117.220.198.187
117.4.125.12	114.222.125.123	90.220.143.110	117.193.200.189