158.140.180.67

Basic Info

City: South Tangerang

Region: Banten

Country: Indonesia

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
158.140.180.71	attackspam	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-12 04:51:29
158.140.180.71	attackbots	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 20:55:43
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 12:52:14
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:21:51:25 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:57:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:58:32 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:59:33 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:00:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 06:14:51
158.140.180.125	attackspambots	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-04 04:16:05
158.140.180.125	attack	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-03 19:57:13
158.140.180.81	attackbotsspam	Unauthorized connection attempt from IP address 158.140.180.81 on Port 445(SMB)	2020-08-29 03:00:56
158.140.180.130	attack	IP 158.140.180.130 attacked honeypot on port: 22 at 7/3/2020 11:31:16 AM	2020-07-04 03:04:30
158.140.180.76	attackbots	Unauthorised access (Dec 1) SRC=158.140.180.76 LEN=52 TTL=116 ID=23440 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 04:16:57
158.140.180.79	attackspambots	Unauthorized connection attempt from IP address 158.140.180.79 on Port 445(SMB)	2019-11-26 06:11:17
158.140.180.74	attackspambots	C1,WP GET /nelson/wp-login.php	2019-11-02 03:04:07

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.180.67
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36620
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;158.140.180.67.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025031401 1800 900 604800 86400

;; Query time: 38 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 15 12:35:51 CST 2025
;; MSG SIZE  rcvd: 107

Host info

67.180.140.158.in-addr.arpa domain name pointer host-158.140.180-67.myrepublic.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
67.180.140.158.in-addr.arpa	name = host-158.140.180-67.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.13.133.80	attackspam	Oct 8 19:21:42 *** sshd[8842]: User root from 106.13.133.80 not allowed because not listed in AllowUsers	2019-10-09 04:03:15
218.22.100.42	attackbots	Oct 8 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\ Oct 8 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 5 secs$: user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\ Oct 8 REMOVED dovecot: imap-login: Disconnected $auth failed, 1 attempts in 6 secs$: user=\, method=PLAIN, rip=218.22.100.42, lip=REMOVED, TLS: Disconnected, session=\<3KOtsGuUrJvaFmQq\>	2019-10-09 04:48:50
42.58.4.105	attack	Unauthorised access (Oct 8) SRC=42.58.4.105 LEN=40 TTL=49 ID=43072 TCP DPT=8080 WINDOW=20226 SYN Unauthorised access (Oct 7) SRC=42.58.4.105 LEN=40 TTL=49 ID=3088 TCP DPT=8080 WINDOW=15875 SYN Unauthorised access (Oct 6) SRC=42.58.4.105 LEN=40 TTL=49 ID=61113 TCP DPT=8080 WINDOW=20226 SYN	2019-10-09 04:13:49
60.170.224.187	attackbotsspam	Telnet Server BruteForce Attack	2019-10-09 04:40:00
77.247.181.162	attackspambots	2019-10-08T20:07:50.659786abusebot.cloudsearch.cf sshd\[30929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=chomsky.torservers.net user=root	2019-10-09 04:33:51
209.141.34.95	attackspam	2019-10-08T20:06:03.901245abusebot.cloudsearch.cf sshd\[30873\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=lv1.nixnet.xyz user=root	2019-10-09 04:19:32
45.23.108.9	attackspambots	Oct 8 21:59:07 DAAP sshd[13484]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 user=root Oct 8 21:59:09 DAAP sshd[13484]: Failed password for root from 45.23.108.9 port 37695 ssh2 Oct 8 22:02:58 DAAP sshd[13531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 user=root Oct 8 22:02:59 DAAP sshd[13531]: Failed password for root from 45.23.108.9 port 57898 ssh2 Oct 8 22:06:40 DAAP sshd[13557]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.23.108.9 user=root Oct 8 22:06:42 DAAP sshd[13557]: Failed password for root from 45.23.108.9 port 49863 ssh2 ...	2019-10-09 04:08:41
132.148.104.16	attack	C1,WP GET /suche/wp-login.php	2019-10-09 04:37:45
109.116.196.174	attackspam	Oct 8 22:06:03 mail sshd\[27936\]: Invalid user P4$$123!@\# from 109.116.196.174 Oct 8 22:06:03 mail sshd\[27936\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.196.174 Oct 8 22:06:06 mail sshd\[27936\]: Failed password for invalid user P4$$123!@\# from 109.116.196.174 port 60654 ssh2 ...	2019-10-09 04:26:53
104.248.187.179	attack	k+ssh-bruteforce	2019-10-09 04:30:55
103.57.80.58	attackbots	postfix	2019-10-09 04:16:14
122.114.161.19	attack	Oct 8 22:00:56 [host] sshd[16159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.161.19 user=root Oct 8 22:00:58 [host] sshd[16159]: Failed password for root from 122.114.161.19 port 45666 ssh2 Oct 8 22:06:17 [host] sshd[16285]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.161.19 user=root	2019-10-09 04:19:18
148.70.84.130	attackbots	Automatic report - Banned IP Access	2019-10-09 04:06:04
194.61.24.23	attackspambots	scan r	2019-10-09 04:15:24
62.210.37.82	attackspam	2019-10-08T20:05:08.166266abusebot.cloudsearch.cf sshd\[30839\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62-210-37-82.rev.poneytelecom.eu user=root	2019-10-09 04:53:40

Recently Reported IPs

253.27.111.137	159.60.214.72	69.243.231.116	199.172.111.131
9.106.199.57	81.233.228.232	114.216.222.32	206.229.7.32
126.23.77.0	41.123.174.49	232.179.52.30	189.245.140.247
164.130.19.140	134.239.75.41	49.205.153.158	14.141.237.24
99.79.223.220	44.147.58.172	15.239.150.45	38.24.214.248