City: unknown
Region: unknown
Country: Singapore
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 159.138.86.61 | attackbots | Fake Googlebot |
2020-09-06 20:40:56 |
| 159.138.86.61 | attackspambots | Fake Googlebot |
2020-09-06 12:19:35 |
| 159.138.86.61 | attackspambots | Fake Googlebot |
2020-09-06 04:41:45 |
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 159.138.0.0 - 159.138.255.255
CIDR: 159.138.0.0/16
NetName: APNIC
NetHandle: NET-159-138-0-0-1
Parent: NET159 (NET-159-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2017-11-16
Updated: 2017-11-16
Ref: https://rdap.arin.net/registry/ip/159.138.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois://whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '159.138.80.0 - 159.138.95.255'
% Abuse contact for '159.138.80.0 - 159.138.95.255' is 'hwssecurity@huaweicloud.com'
inetnum: 159.138.80.0 - 159.138.95.255
netname: Huawei-SG-CLOUDS
descr: Huawei Singapore Clouds
country: SG
admin-c: HIPL7-AP
tech-c: HIPL7-AP
abuse-c: AH905-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-HIPL-SG
mnt-irt: IRT-HIPL-SG
last-modified: 2024-08-07T08:08:13Z
geofeed: https://res-static.hc-cdn.cn/cloudbu-site/china/zh-cn/IP-location/google-geo-feed.csv
source: APNIC
irt: IRT-HIPL-SG
address: 15A Changi Business Park Central 1 Eightrium
e-mail: hwssecurity@huaweicloud.com
abuse-mailbox: hwssecurity@huaweicloud.com
admin-c: HIPL4-AP
tech-c: HIPL4-AP
auth: # Filtered
remarks: hwssecurity@huaweicloud.com
remarks: hwssecurity@huaweicloud.com was validated on 2025-06-30
mnt-by: MAINT-HIPL-SG
last-modified: 2025-09-04T07:18:22Z
source: APNIC
role: ABUSE HIPLSG
country: ZZ
address: 15A Changi Business Park Central 1 Eightrium # 03-03/04, Singapore 486035
phone: +000000000
e-mail: hwssecurity@huaweicloud.com
admin-c: HIPL4-AP
tech-c: HIPL4-AP
nic-hdl: AH905-AP
remarks: Generated from irt object IRT-HIPL-SG
remarks: hwssecurity@huaweicloud.com was validated on 2025-06-30
abuse-mailbox: hwssecurity@huaweicloud.com
mnt-by: APNIC-ABUSE
last-modified: 2025-06-30T08:15:08Z
source: APNIC
role: HUAWEI INTERNATIONAL PTE LTD administrator
address: 15A Changi Business Park Central 1 Eightrium #03-03/04, Singapore 486035
country: SG
phone: +8618730601505
e-mail: wanggang222@huawei.com
admin-c: HIPL7-AP
tech-c: HIPL7-AP
nic-hdl: HIPL7-AP
notify: wanggang222@huawei.com
mnt-by: MAINT-HIPL-SG
last-modified: 2021-06-04T07:42:42Z
source: APNIC
% Information related to '159.138.86.0/24AS136907'
route: 159.138.86.0/24
country: SG
origin: AS136907
descr: HUAWEI INTERNATIONAL PTE. LTD.
15A Changi Business Park Central 1 Eightrium #03-03/04
mnt-by: MAINT-HIPL-SG
last-modified: 2025-02-12T09:23:29Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 159.138.86.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6060
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;159.138.86.200. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025110901 1800 900 604800 86400
;; Query time: 39 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 10:53:27 CST 2025
;; MSG SIZE rcvd: 107200.86.138.159.in-addr.arpa domain name pointer ecs-159-138-86-200.compute.hwclouds-dns.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
200.86.138.159.in-addr.arpa name = ecs-159-138-86-200.compute.hwclouds-dns.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 106.12.176.53 | attackspambots | May 20 19:41:04 pkdns2 sshd\[60227\]: Invalid user est from 106.12.176.53May 20 19:41:06 pkdns2 sshd\[60227\]: Failed password for invalid user est from 106.12.176.53 port 36826 ssh2May 20 19:43:15 pkdns2 sshd\[60365\]: Invalid user vni from 106.12.176.53May 20 19:43:17 pkdns2 sshd\[60365\]: Failed password for invalid user vni from 106.12.176.53 port 35408 ssh2May 20 19:45:25 pkdns2 sshd\[60531\]: Invalid user wnr from 106.12.176.53May 20 19:45:27 pkdns2 sshd\[60531\]: Failed password for invalid user wnr from 106.12.176.53 port 34006 ssh2 ... |
2020-05-21 01:28:39 |
| 185.234.219.108 | attackbotsspam | Unauthorized connection attempt detected from IP address 185.234.219.108 to port 25 |
2020-05-21 01:39:15 |
| 222.186.175.23 | attack | May 20 19:10:23 vps639187 sshd\[26998\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.23 user=root May 20 19:10:25 vps639187 sshd\[26998\]: Failed password for root from 222.186.175.23 port 55534 ssh2 May 20 19:10:27 vps639187 sshd\[26998\]: Failed password for root from 222.186.175.23 port 55534 ssh2 ... |
2020-05-21 01:17:43 |
| 141.98.80.47 | attack | May 20 18:48:01 relay postfix/smtpd\[2279\]: warning: unknown\[141.98.80.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 20 18:48:01 relay postfix/smtpd\[22912\]: warning: unknown\[141.98.80.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 20 18:48:46 relay postfix/smtpd\[2786\]: warning: unknown\[141.98.80.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 20 18:48:46 relay postfix/smtpd\[22912\]: warning: unknown\[141.98.80.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 20 19:07:08 relay postfix/smtpd\[2786\]: warning: unknown\[141.98.80.47\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-05-21 01:07:28 |
| 213.217.0.133 | attack | May 20 19:17:19 debian-2gb-nbg1-2 kernel: \[12253865.167268\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=213.217.0.133 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=35661 PROTO=TCP SPT=53560 DPT=61542 WINDOW=1024 RES=0x00 SYN URGP=0 |
2020-05-21 01:19:02 |
| 222.186.30.76 | attackbots | May 20 19:15:17 ovpn sshd\[19583\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root May 20 19:15:19 ovpn sshd\[19583\]: Failed password for root from 222.186.30.76 port 23896 ssh2 May 20 19:15:26 ovpn sshd\[19629\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.76 user=root May 20 19:15:28 ovpn sshd\[19629\]: Failed password for root from 222.186.30.76 port 53755 ssh2 May 20 19:15:29 ovpn sshd\[19629\]: Failed password for root from 222.186.30.76 port 53755 ssh2 |
2020-05-21 01:18:29 |
| 175.193.13.3 | attackspambots | May 20 11:59:51 r.ca sshd[16264]: Failed password for invalid user whs from 175.193.13.3 port 42320 ssh2 |
2020-05-21 01:27:50 |
| 140.249.19.110 | attack | 2020-05-20T18:05:31.510681 sshd[20169]: Invalid user blackfire from 140.249.19.110 port 34388 2020-05-20T18:05:31.524903 sshd[20169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.249.19.110 2020-05-20T18:05:31.510681 sshd[20169]: Invalid user blackfire from 140.249.19.110 port 34388 2020-05-20T18:05:33.549054 sshd[20169]: Failed password for invalid user blackfire from 140.249.19.110 port 34388 ssh2 ... |
2020-05-21 01:28:13 |
| 180.250.124.227 | attackbots | May 20 19:05:53 PorscheCustomer sshd[25265]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.124.227 May 20 19:05:55 PorscheCustomer sshd[25265]: Failed password for invalid user prd from 180.250.124.227 port 46988 ssh2 May 20 19:09:48 PorscheCustomer sshd[25440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.124.227 ... |
2020-05-21 01:35:01 |
| 111.231.215.244 | attackspambots | May 20 19:13:06 vps sshd[545653]: Failed password for invalid user jlw from 111.231.215.244 port 11145 ssh2 May 20 19:15:38 vps sshd[560803]: Invalid user oyg from 111.231.215.244 port 39165 May 20 19:15:38 vps sshd[560803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.215.244 May 20 19:15:40 vps sshd[560803]: Failed password for invalid user oyg from 111.231.215.244 port 39165 ssh2 May 20 19:18:12 vps sshd[570302]: Invalid user qif from 111.231.215.244 port 10680 ... |
2020-05-21 01:36:06 |
| 125.234.1.154 | attack | firewall-block, port(s): 445/tcp |
2020-05-21 01:15:59 |
| 66.70.130.149 | attack | May 20 18:39:50 home sshd[28940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.149 May 20 18:39:51 home sshd[28940]: Failed password for invalid user ctl from 66.70.130.149 port 43110 ssh2 May 20 18:49:02 home sshd[30413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.149 ... |
2020-05-21 01:01:56 |
| 213.92.204.253 | attackbots | May 20 17:46:14 mail.srvfarm.net postfix/smtps/smtpd[1512838]: warning: unknown[213.92.204.253]: SASL PLAIN authentication failed: May 20 17:46:14 mail.srvfarm.net postfix/smtps/smtpd[1512838]: lost connection after AUTH from unknown[213.92.204.253] May 20 17:48:46 mail.srvfarm.net postfix/smtpd[1512839]: warning: unknown[213.92.204.253]: SASL PLAIN authentication failed: May 20 17:48:46 mail.srvfarm.net postfix/smtpd[1512839]: lost connection after AUTH from unknown[213.92.204.253] May 20 17:50:38 mail.srvfarm.net postfix/smtpd[1512860]: warning: unknown[213.92.204.253]: SASL PLAIN authentication failed: |
2020-05-21 01:03:33 |
| 77.45.85.135 | attackspambots | May 20 17:48:09 mail.srvfarm.net postfix/smtpd[1512860]: warning: 77-45-85-135.sta.asta-net.com.pl[77.45.85.135]: SASL PLAIN authentication failed: May 20 17:48:09 mail.srvfarm.net postfix/smtpd[1512860]: lost connection after AUTH from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135] May 20 17:52:02 mail.srvfarm.net postfix/smtpd[1512860]: warning: 77-45-85-135.sta.asta-net.com.pl[77.45.85.135]: SASL PLAIN authentication failed: May 20 17:52:02 mail.srvfarm.net postfix/smtpd[1512860]: lost connection after AUTH from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135] May 20 17:56:07 mail.srvfarm.net postfix/smtps/smtpd[1515643]: lost connection after CONNECT from 77-45-85-135.sta.asta-net.com.pl[77.45.85.135] |
2020-05-21 01:00:49 |
| 186.216.69.50 | attackspam | May 20 17:37:02 mail.srvfarm.net postfix/smtpd[1492148]: warning: unknown[186.216.69.50]: SASL PLAIN authentication failed: May 20 17:37:02 mail.srvfarm.net postfix/smtpd[1492148]: lost connection after AUTH from unknown[186.216.69.50] May 20 17:37:18 mail.srvfarm.net postfix/smtpd[1507561]: warning: unknown[186.216.69.50]: SASL PLAIN authentication failed: May 20 17:37:19 mail.srvfarm.net postfix/smtpd[1507561]: lost connection after AUTH from unknown[186.216.69.50] May 20 17:45:48 mail.srvfarm.net postfix/smtps/smtpd[1512840]: lost connection after CONNECT from unknown[186.216.69.50] |
2020-05-21 01:05:15 |