158.140.180.74

Basic Info

City: Jakarta

Region: Jakarta

Country: Indonesia

Internet Service Provider: PT. Eka Mas Republik

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	C1,WP GET /nelson/wp-login.php	2019-11-02 03:04:07

Comments on same subnet:

IP	Type	Details	Datetime
158.140.180.71	attackspam	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-12 04:51:29
158.140.180.71	attackbots	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 20:55:43
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:22:35:08 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:39:12 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:40:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:41:15 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:42:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 12:52:14
158.140.180.71	attack	158.140.180.71 - - [10/Oct/2020:21:51:25 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:57:31 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:58:32 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:21:59:33 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-" 158.140.180.71 - - [10/Oct/2020:22:00:35 +0000] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "-"	2020-10-11 06:14:51
158.140.180.125	attackspambots	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-04 04:16:05
158.140.180.125	attack	TCP (SYN) 158.140.180.125:61359 -> port 445, len 52	2020-09-03 19:57:13
158.140.180.81	attackbotsspam	Unauthorized connection attempt from IP address 158.140.180.81 on Port 445(SMB)	2020-08-29 03:00:56
158.140.180.130	attack	IP 158.140.180.130 attacked honeypot on port: 22 at 7/3/2020 11:31:16 AM	2020-07-04 03:04:30
158.140.180.76	attackbots	Unauthorised access (Dec 1) SRC=158.140.180.76 LEN=52 TTL=116 ID=23440 DF TCP DPT=445 WINDOW=8192 SYN	2019-12-02 04:16:57
158.140.180.79	attackspambots	Unauthorized connection attempt from IP address 158.140.180.79 on Port 445(SMB)	2019-11-26 06:11:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 158.140.180.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58709
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;158.140.180.74.			IN	A

;; AUTHORITY SECTION:
.			506	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110101 1800 900 604800 86400

;; Query time: 279 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 02 03:04:02 CST 2019
;; MSG SIZE  rcvd: 118

Host info

74.180.140.158.in-addr.arpa domain name pointer host-158.140.180-74.myrepublic.co.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
74.180.140.158.in-addr.arpa	name = host-158.140.180-74.myrepublic.co.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
190.40.155.40	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 22-09-2019 22:00:47.	2019-09-23 09:11:16
140.143.2.228	attackspambots	Sep 23 06:35:28 areeb-Workstation sshd[11166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.2.228 Sep 23 06:35:30 areeb-Workstation sshd[11166]: Failed password for invalid user dhcp from 140.143.2.228 port 46888 ssh2 ...	2019-09-23 09:28:56
122.225.22.22	attackbotsspam	Unauthorized connection attempt from IP address 122.225.22.22 on Port 445(SMB)	2019-09-23 09:23:46
185.176.27.86	attackspambots	09/23/2019-01:46:05.848638 185.176.27.86 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-09-23 09:08:57
191.232.191.238	attackbots	Sep 22 20:47:48 TORMINT sshd\[3584\]: Invalid user libsys from 191.232.191.238 Sep 22 20:47:48 TORMINT sshd\[3584\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.232.191.238 Sep 22 20:47:49 TORMINT sshd\[3584\]: Failed password for invalid user libsys from 191.232.191.238 port 41392 ssh2 ...	2019-09-23 09:02:33
193.169.255.144	attack	Sep 23 01:05:06 mail postfix/smtpd\[3317\]: warning: unknown\[193.169.255.144\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 23 01:40:27 mail postfix/smtpd\[7062\]: warning: unknown\[193.169.255.144\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 23 01:49:15 mail postfix/smtpd\[7878\]: warning: unknown\[193.169.255.144\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\ Sep 23 01:58:07 mail postfix/smtpd\[7032\]: warning: unknown\[193.169.255.144\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6\	2019-09-23 09:26:33
137.74.152.239	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/137.74.152.239/ FR - 1H : (45) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : FR NAME ASN : ASN16276 IP : 137.74.152.239 CIDR : 137.74.0.0/16 PREFIX COUNT : 132 UNIQUE IP COUNT : 3052544 WYKRYTE ATAKI Z ASN16276 : 1H - 2 3H - 5 6H - 5 12H - 7 24H - 18 INFO : Best E-Mail Spam Filter Detected and Blocked by ADMIN - data recovery	2019-09-23 09:15:40
86.183.148.162	attackbots	Sep 22 22:16:48 XXX sshd[48820]: Invalid user webster from 86.183.148.162 port 60950	2019-09-23 09:24:13
91.134.140.242	attackspambots	Sep 23 00:21:20 lnxmysql61 sshd[19228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.134.140.242	2019-09-23 08:47:19
49.88.112.65	attack	Sep 23 02:39:14 mail sshd\[17338\]: Failed password for root from 49.88.112.65 port 43666 ssh2 Sep 23 02:39:17 mail sshd\[17338\]: Failed password for root from 49.88.112.65 port 43666 ssh2 Sep 23 02:40:49 mail sshd\[17505\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.65 user=root Sep 23 02:40:51 mail sshd\[17505\]: Failed password for root from 49.88.112.65 port 51874 ssh2 Sep 23 02:40:53 mail sshd\[17505\]: Failed password for root from 49.88.112.65 port 51874 ssh2	2019-09-23 08:50:21
114.37.80.164	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 22-09-2019 22:00:36.	2019-09-23 09:30:14
103.129.47.30	attackbotsspam	Sep 23 02:10:32 ArkNodeAT sshd\[16751\]: Invalid user ok from 103.129.47.30 Sep 23 02:10:32 ArkNodeAT sshd\[16751\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.129.47.30 Sep 23 02:10:34 ArkNodeAT sshd\[16751\]: Failed password for invalid user ok from 103.129.47.30 port 38246 ssh2	2019-09-23 09:13:19
178.140.191.120	attackspam	firewall-block, port(s): 22/tcp	2019-09-23 09:27:12
200.115.157.122	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 22-09-2019 22:00:48.	2019-09-23 09:10:57
198.27.90.106	attackbots	Sep 23 03:00:05 SilenceServices sshd[25415]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.90.106 Sep 23 03:00:07 SilenceServices sshd[25415]: Failed password for invalid user odoo10 from 198.27.90.106 port 52331 ssh2 Sep 23 03:04:12 SilenceServices sshd[26561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.27.90.106	2019-09-23 09:14:34

Recently Reported IPs

42.148.223.18	199.108.36.107	91.119.150.194	163.159.99.108
150.246.109.105	124.191.6.5	45.102.25.59	174.238.103.122
122.173.254.225	46.233.201.155	243.223.69.55	215.29.76.2
187.39.30.85	67.89.110.196	226.213.179.7	73.198.23.72
141.66.193.226	244.0.31.232	102.156.201.69	105.65.16.189