124.158.164.42

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Indonesia

运营商(isp): PT Indonesia Comnets Plus

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 9 06:26:32 vtv3 sshd\[470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 user=root Aug 9 06:26:33 vtv3 sshd\[470\]: Failed password for root from 124.158.164.42 port 44938 ssh2 Aug 9 06:31:52 vtv3 sshd\[3063\]: Invalid user yg from 124.158.164.42 port 40540 Aug 9 06:31:52 vtv3 sshd\[3063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 Aug 9 06:31:53 vtv3 sshd\[3063\]: Failed password for invalid user yg from 124.158.164.42 port 40540 ssh2 Aug 9 06:42:12 vtv3 sshd\[8117\]: Invalid user ubuntu from 124.158.164.42 port 59476 Aug 9 06:42:12 vtv3 sshd\[8117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 Aug 9 06:42:15 vtv3 sshd\[8117\]: Failed password for invalid user ubuntu from 124.158.164.42 port 59476 ssh2 Aug 9 06:47:31 vtv3 sshd\[10599\]: Invalid user anonymous from 124.158.164.42 port 55182 Aug 9 06:47:31 vtv3	2019-08-09 15:56:41
attackspam	Aug 9 06:26:32 vtv3 sshd\[470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 user=root Aug 9 06:26:33 vtv3 sshd\[470\]: Failed password for root from 124.158.164.42 port 44938 ssh2 Aug 9 06:31:52 vtv3 sshd\[3063\]: Invalid user yg from 124.158.164.42 port 40540 Aug 9 06:31:52 vtv3 sshd\[3063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 Aug 9 06:31:53 vtv3 sshd\[3063\]: Failed password for invalid user yg from 124.158.164.42 port 40540 ssh2 Aug 9 06:42:12 vtv3 sshd\[8117\]: Invalid user ubuntu from 124.158.164.42 port 59476 Aug 9 06:42:12 vtv3 sshd\[8117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42 Aug 9 06:42:15 vtv3 sshd\[8117\]: Failed password for invalid user ubuntu from 124.158.164.42 port 59476 ssh2 Aug 9 06:47:31 vtv3 sshd\[10599\]: Invalid user anonymous from 124.158.164.42 port 55182 Aug 9 06:47:31 vtv3	2019-08-09 12:30:38
attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-08 08:10:11

类型

评论内容

时间

attackspam

Aug  9 06:26:32 vtv3 sshd\[470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42  user=root
Aug  9 06:26:33 vtv3 sshd\[470\]: Failed password for root from 124.158.164.42 port 44938 ssh2
Aug  9 06:31:52 vtv3 sshd\[3063\]: Invalid user yg from 124.158.164.42 port 40540
Aug  9 06:31:52 vtv3 sshd\[3063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42
Aug  9 06:31:53 vtv3 sshd\[3063\]: Failed password for invalid user yg from 124.158.164.42 port 40540 ssh2
Aug  9 06:42:12 vtv3 sshd\[8117\]: Invalid user ubuntu from 124.158.164.42 port 59476
Aug  9 06:42:12 vtv3 sshd\[8117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42
Aug  9 06:42:15 vtv3 sshd\[8117\]: Failed password for invalid user ubuntu from 124.158.164.42 port 59476 ssh2
Aug  9 06:47:31 vtv3 sshd\[10599\]: Invalid user anonymous from 124.158.164.42 port 55182
Aug  9 06:47:31 vtv3

2019-08-09 15:56:41

attackspam

Aug  9 06:26:32 vtv3 sshd\[470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42  user=root
Aug  9 06:26:33 vtv3 sshd\[470\]: Failed password for root from 124.158.164.42 port 44938 ssh2
Aug  9 06:31:52 vtv3 sshd\[3063\]: Invalid user yg from 124.158.164.42 port 40540
Aug  9 06:31:52 vtv3 sshd\[3063\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42
Aug  9 06:31:53 vtv3 sshd\[3063\]: Failed password for invalid user yg from 124.158.164.42 port 40540 ssh2
Aug  9 06:42:12 vtv3 sshd\[8117\]: Invalid user ubuntu from 124.158.164.42 port 59476
Aug  9 06:42:12 vtv3 sshd\[8117\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.42
Aug  9 06:42:15 vtv3 sshd\[8117\]: Failed password for invalid user ubuntu from 124.158.164.42 port 59476 ssh2
Aug  9 06:47:31 vtv3 sshd\[10599\]: Invalid user anonymous from 124.158.164.42 port 55182
Aug  9 06:47:31 vtv3

2019-08-09 12:30:38

attackbots

SSH/22 MH Probe, BF, Hack -

2019-08-08 08:10:11

相同子网IP讨论:

IP	类型	评论内容	时间
124.158.164.146	attackbots	Sep 22 16:55:46 serwer sshd\[15167\]: Invalid user arnold from 124.158.164.146 port 35690 Sep 22 16:55:46 serwer sshd\[15167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Sep 22 16:55:49 serwer sshd\[15167\]: Failed password for invalid user arnold from 124.158.164.146 port 35690 ssh2 Sep 22 17:06:29 serwer sshd\[16518\]: Invalid user simon from 124.158.164.146 port 39622 Sep 22 17:06:29 serwer sshd\[16518\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Sep 22 17:06:31 serwer sshd\[16518\]: Failed password for invalid user simon from 124.158.164.146 port 39622 ssh2 Sep 22 17:09:54 serwer sshd\[16948\]: Invalid user maint from 124.158.164.146 port 45442 Sep 22 17:09:54 serwer sshd\[16948\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Sep 22 17:09:56 serwer sshd\[16948\]: Failed password for invalid us ...	2020-09-23 23:03:24
124.158.164.146	attackbotsspam	Sep 23 08:27:23 vpn01 sshd[25080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Sep 23 08:27:25 vpn01 sshd[25080]: Failed password for invalid user postgres from 124.158.164.146 port 38334 ssh2 ...	2020-09-23 15:18:21
124.158.164.146	attackspambots	Sep 22 23:02:37 scw-6657dc sshd[23569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 user=root Sep 22 23:02:37 scw-6657dc sshd[23569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 user=root Sep 22 23:02:38 scw-6657dc sshd[23569]: Failed password for root from 124.158.164.146 port 47970 ssh2 ...	2020-09-23 07:10:55
124.158.164.146	attack	Cluster member 178.17.174.160 (MD/Republic of Moldova/ChiÈinÄu Municipality/Chisinau/kiv.hlex.pw/[AS43289 I.C.S. Trabia-Network S.R.L.]) said, TEMPDENY 124.158.164.146, Reason:[(sshd) Failed SSH login from 124.158.164.146 (ID/Indonesia/Banten/Tangerang/-/[AS9341 PT INDONESIA COMNETS PLUS]): 1 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:	2020-09-15 23:30:24
124.158.164.146	attackspambots	(sshd) Failed SSH login from 124.158.164.146 (ID/Indonesia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 15 07:50:46 amsweb01 sshd[15208]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 user=root Sep 15 07:50:48 amsweb01 sshd[15208]: Failed password for root from 124.158.164.146 port 54274 ssh2 Sep 15 08:02:23 amsweb01 sshd[23561]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 user=root Sep 15 08:02:25 amsweb01 sshd[23561]: Failed password for root from 124.158.164.146 port 53568 ssh2 Sep 15 08:06:53 amsweb01 sshd[25338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 user=root	2020-09-15 15:23:20
124.158.164.146	attack	SSH brutforce	2020-09-15 07:29:41
124.158.164.146	attackbots	Aug 23 09:04:14 sshgateway sshd\[17764\]: Invalid user test1 from 124.158.164.146 Aug 23 09:04:14 sshgateway sshd\[17764\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Aug 23 09:04:16 sshgateway sshd\[17764\]: Failed password for invalid user test1 from 124.158.164.146 port 48796 ssh2	2020-08-23 17:49:50
124.158.164.146	attackbotsspam	Aug 17 07:39:43 home sshd[335842]: Invalid user plesk from 124.158.164.146 port 36630 Aug 17 07:39:43 home sshd[335842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Aug 17 07:39:43 home sshd[335842]: Invalid user plesk from 124.158.164.146 port 36630 Aug 17 07:39:45 home sshd[335842]: Failed password for invalid user plesk from 124.158.164.146 port 36630 ssh2 Aug 17 07:44:18 home sshd[337505]: Invalid user ts3srv from 124.158.164.146 port 47886 ...	2020-08-17 14:04:44
124.158.164.146	attack	Aug 16 21:32:49 jumpserver sshd[175916]: Invalid user clj from 124.158.164.146 port 33370 Aug 16 21:32:51 jumpserver sshd[175916]: Failed password for invalid user clj from 124.158.164.146 port 33370 ssh2 Aug 16 21:37:02 jumpserver sshd[175947]: Invalid user info from 124.158.164.146 port 58466 ...	2020-08-17 05:47:48
124.158.164.146	attackspam	Invalid user guolijun from 124.158.164.146 port 60634	2020-08-01 14:48:49
124.158.164.146	attackspam	Jul 19 00:42:16 dignus sshd[25310]: Failed password for invalid user utl from 124.158.164.146 port 33186 ssh2 Jul 19 00:47:04 dignus sshd[25791]: Invalid user mysql from 124.158.164.146 port 51070 Jul 19 00:47:04 dignus sshd[25791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Jul 19 00:47:06 dignus sshd[25791]: Failed password for invalid user mysql from 124.158.164.146 port 51070 ssh2 Jul 19 00:52:02 dignus sshd[26348]: Invalid user huawei from 124.158.164.146 port 45286 ...	2020-07-19 19:28:54
124.158.164.146	attack	Invalid user git from 124.158.164.146 port 60870	2020-07-16 16:45:48
124.158.164.146	attackspambots	Jun 16 07:42:04 piServer sshd[10294]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.158.164.146 Jun 16 07:42:07 piServer sshd[10294]: Failed password for invalid user lxy from 124.158.164.146 port 44286 ssh2 Jun 16 07:46:46 piServer sshd[10712]: Failed password for root from 124.158.164.146 port 52752 ssh2 ...	2020-06-16 16:09:42
124.158.164.146	attackspam	Jun 5 17:26:41 ws22vmsma01 sshd[138606]: Failed password for root from 124.158.164.146 port 40528 ssh2 ...	2020-06-06 05:28:47
124.158.164.146	attackbots	$f2bV_matches	2020-05-26 20:06:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.158.164.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9966
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.158.164.42.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080702 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 08 08:10:05 CST 2019
;; MSG SIZE  rcvd: 118

HOST信息:

Host 42.164.158.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 42.164.158.124.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
95.58.194.141	attackspam	Jul 8 16:27:57 bouncer sshd\[5384\]: Invalid user fc from 95.58.194.141 port 37714 Jul 8 16:27:57 bouncer sshd\[5384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.58.194.141 Jul 8 16:28:00 bouncer sshd\[5384\]: Failed password for invalid user fc from 95.58.194.141 port 37714 ssh2 ...	2019-07-08 22:47:51
41.237.145.169	attack	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 23:29:09
114.46.73.155	attackbotsspam	Honeypot attack, port: 23, PTR: 114-46-73-155.dynamic-ip.hinet.net.	2019-07-08 22:41:39
171.25.193.77	attackbotsspam	REQUEST_URI was /formmail.php	2019-07-08 23:40:28
93.41.190.83	attack	Jul 8 10:33:41 * sshd[26907]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.41.190.83 Jul 8 10:33:43 * sshd[26907]: Failed password for invalid user bay from 93.41.190.83 port 42800 ssh2	2019-07-08 23:10:35
223.136.150.39	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 08:32:18,172 INFO [amun_request_handler] PortScan Detected on Port: 445 (223.136.150.39)	2019-07-08 23:25:17
60.191.38.77	attackbots	Unauthorised access (Jul 8) SRC=60.191.38.77 LEN=44 TTL=111 ID=41015 TCP DPT=8080 WINDOW=29200 SYN	2019-07-08 23:23:06
185.129.148.165	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 07:56:14,561 INFO [amun_request_handler] PortScan Detected on Port: 3389 (185.129.148.165)	2019-07-08 23:07:18
68.183.229.159	attackbotsspam	ssh failed login	2019-07-08 23:11:16
123.133.136.200	attackbotsspam	Unauthorised access (Jul 8) SRC=123.133.136.200 LEN=40 TTL=49 ID=39376 TCP DPT=23 WINDOW=31171 SYN	2019-07-08 22:49:17
42.188.157.244	attackspambots	SMTP/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-07-08 23:18:44
94.45.152.83	attack	Honeypot attack, port: 445, PTR: 94.45.152.083.luxlite.com.ua.	2019-07-08 22:51:19
200.75.2.170	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 10:15:23,730 INFO [shellcode_manager] (200.75.2.170) no match, writing hexdump (7ebe67eb7c2cf73804170e067d021975 :11440) - SMB (Unknown)	2019-07-08 23:00:00
185.234.216.220	attackspam	failed_logins	2019-07-08 22:48:49
110.78.173.130	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 07:54:29,728 INFO [amun_request_handler] PortScan Detected on Port: 445 (110.78.173.130)	2019-07-08 23:39:34

最近上报的IP列表

83.221.205.203	54.36.149.27	51.81.20.101	116.203.76.46
112.225.219.103	121.23.183.61	117.48.206.235	115.204.234.197
84.253.112.21	84.205.241.1	51.223.139.5	46.176.6.140
122.176.27.149	119.136.199.18	47.93.163.150	132.232.72.110
88.238.17.192	79.134.76.177	124.162.40.166	217.115.10.131