124.16.4.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Science & Technology Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 3 17:44:39 ny01 sshd[32015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Oct 3 17:44:40 ny01 sshd[32015]: Failed password for invalid user wpuser from 124.16.4.5 port 44869 ssh2 Oct 3 17:46:51 ny01 sshd[32245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5	2020-10-04 08:39:00
attack	Oct 3 17:39:21 v22019038103785759 sshd\[13589\]: Invalid user luca from 124.16.4.5 port 61517 Oct 3 17:39:21 v22019038103785759 sshd\[13589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Oct 3 17:39:23 v22019038103785759 sshd\[13589\]: Failed password for invalid user luca from 124.16.4.5 port 61517 ssh2 Oct 3 17:45:32 v22019038103785759 sshd\[14116\]: Invalid user it from 124.16.4.5 port 13235 Oct 3 17:45:32 v22019038103785759 sshd\[14116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-10-04 01:09:38
attackbots	(sshd) Failed SSH login from 124.16.4.5 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 06:35:32 server2 sshd[20664]: Invalid user deok from 124.16.4.5 Sep 16 06:35:32 server2 sshd[20664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Sep 16 06:35:34 server2 sshd[20664]: Failed password for invalid user deok from 124.16.4.5 port 60626 ssh2 Sep 16 06:37:44 server2 sshd[22408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 user=root Sep 16 06:37:46 server2 sshd[22408]: Failed password for root from 124.16.4.5 port 10382 ssh2	2020-09-16 19:05:49
attack	Aug 22 18:09:51 NPSTNNYC01T sshd[22560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Aug 22 18:09:53 NPSTNNYC01T sshd[22560]: Failed password for invalid user adm from 124.16.4.5 port 43855 ssh2 Aug 22 18:15:17 NPSTNNYC01T sshd[23211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-08-23 06:25:03
attackspambots	Automatic Fail2ban report - Trying login SSH	2020-08-20 05:23:13
attackbotsspam	Aug 18 14:35:01 vpn01 sshd[32414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Aug 18 14:35:03 vpn01 sshd[32414]: Failed password for invalid user xp from 124.16.4.5 port 59865 ssh2 ...	2020-08-18 21:32:13
attackbots	Aug 8 21:19:21 lnxmysql61 sshd[29960]: Failed password for root from 124.16.4.5 port 2898 ssh2 Aug 8 21:19:21 lnxmysql61 sshd[29960]: Failed password for root from 124.16.4.5 port 2898 ssh2	2020-08-09 03:36:55
attackspambots	Jul 31 19:59:14 firewall sshd[11918]: Failed password for root from 124.16.4.5 port 38722 ssh2 Jul 31 20:02:30 firewall sshd[12004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 user=root Jul 31 20:02:32 firewall sshd[12004]: Failed password for root from 124.16.4.5 port 54125 ssh2 ...	2020-08-01 07:30:37
attackbots	Jul 28 14:03:14 minden010 sshd[28284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Jul 28 14:03:16 minden010 sshd[28284]: Failed password for invalid user guotingyou from 124.16.4.5 port 11741 ssh2 Jul 28 14:07:21 minden010 sshd[29747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-07-28 20:48:42
attack	Jul 26 22:50:06 vps639187 sshd\[444\]: Invalid user maciej from 124.16.4.5 port 37460 Jul 26 22:50:06 vps639187 sshd\[444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Jul 26 22:50:09 vps639187 sshd\[444\]: Failed password for invalid user maciej from 124.16.4.5 port 37460 ssh2 ...	2020-07-27 05:01:06
attackbots	2020-07-25T10:52:55.1920401495-001 sshd[36495]: Invalid user odroid from 124.16.4.5 port 42299 2020-07-25T10:52:57.4234941495-001 sshd[36495]: Failed password for invalid user odroid from 124.16.4.5 port 42299 ssh2 2020-07-25T10:55:48.7209481495-001 sshd[36695]: Invalid user juni from 124.16.4.5 port 57943 2020-07-25T10:55:48.7241181495-001 sshd[36695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 2020-07-25T10:55:48.7209481495-001 sshd[36695]: Invalid user juni from 124.16.4.5 port 57943 2020-07-25T10:55:51.0285411495-001 sshd[36695]: Failed password for invalid user juni from 124.16.4.5 port 57943 ssh2 ...	2020-07-25 23:34:53
attack	Jul 22 19:47:08 mout sshd[9163]: Invalid user ebay from 124.16.4.5 port 19725 Jul 22 19:47:11 mout sshd[9163]: Failed password for invalid user ebay from 124.16.4.5 port 19725 ssh2 Jul 22 19:47:12 mout sshd[9163]: Disconnected from invalid user ebay 124.16.4.5 port 19725 [preauth]	2020-07-23 02:10:45

相同子网IP讨论:

IP	类型	评论内容	时间
124.16.4.21	attackbots	Sep 23 21:08:37 lcprod sshd\[6791\]: Invalid user matt from 124.16.4.21 Sep 23 21:08:37 lcprod sshd\[6791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 23 21:08:39 lcprod sshd\[6791\]: Failed password for invalid user matt from 124.16.4.21 port 60400 ssh2 Sep 23 21:14:50 lcprod sshd\[7369\]: Invalid user qiang from 124.16.4.21 Sep 23 21:14:50 lcprod sshd\[7369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-09-24 18:05:59
124.16.4.21	attackbotsspam	Sep 17 08:31:04 microserver sshd[11196]: Invalid user Maila from 124.16.4.21 port 46358 Sep 17 08:31:04 microserver sshd[11196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 08:31:06 microserver sshd[11196]: Failed password for invalid user Maila from 124.16.4.21 port 46358 ssh2 Sep 17 08:36:35 microserver sshd[11899]: Invalid user admin from 124.16.4.21 port 49220 Sep 17 08:36:35 microserver sshd[11899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 09:34:18 microserver sshd[19188]: Invalid user testhp from 124.16.4.21 port 49614 Sep 17 09:34:18 microserver sshd[19188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 09:34:19 microserver sshd[19188]: Failed password for invalid user testhp from 124.16.4.21 port 49614 ssh2 Sep 17 09:40:07 microserver sshd[19920]: Invalid user mailman from 124.16.4.21 port 52482 Sep 17 09:40:07 mic	2019-09-17 19:14:05
124.16.4.21	attackspam	Sep 9 20:30:39 lnxded63 sshd[28478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-09-10 02:51:21
124.16.4.21	attack	Aug 24 17:13:26 aiointranet sshd\[24302\]: Invalid user user1 from 124.16.4.21 Aug 24 17:13:26 aiointranet sshd\[24302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Aug 24 17:13:28 aiointranet sshd\[24302\]: Failed password for invalid user user1 from 124.16.4.21 port 52014 ssh2 Aug 24 17:20:40 aiointranet sshd\[24961\]: Invalid user java from 124.16.4.21 Aug 24 17:20:40 aiointranet sshd\[24961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-08-25 11:28:55
124.16.4.21	attackbots	vps1:pam-generic	2019-08-18 17:58:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.16.4.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34679
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.16.4.5.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072201 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 23 02:10:41 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

Host 5.4.16.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.4.16.124.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
27.61.166.184	attackspambots	Jan 8 13:04:12 unicornsoft sshd\[9684\]: User root from 27.61.166.184 not allowed because not listed in AllowUsers Jan 8 13:04:12 unicornsoft sshd\[9684\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.61.166.184 user=root Jan 8 13:04:14 unicornsoft sshd\[9684\]: Failed password for invalid user root from 27.61.166.184 port 12700 ssh2	2020-01-08 23:11:01
128.199.47.148	attackbots	Jan 8 04:51:45 wbs sshd\[4102\]: Invalid user nyx from 128.199.47.148 Jan 8 04:51:45 wbs sshd\[4102\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.47.148 Jan 8 04:51:46 wbs sshd\[4102\]: Failed password for invalid user nyx from 128.199.47.148 port 55154 ssh2 Jan 8 04:58:35 wbs sshd\[4699\]: Invalid user Administrator from 128.199.47.148 Jan 8 04:58:35 wbs sshd\[4699\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.47.148	2020-01-08 23:01:37
122.176.38.177	attackbotsspam	Jan 8 13:01:32 124388 sshd[25719]: Invalid user bismark from 122.176.38.177 port 53116 Jan 8 13:01:32 124388 sshd[25719]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.176.38.177 Jan 8 13:01:32 124388 sshd[25719]: Invalid user bismark from 122.176.38.177 port 53116 Jan 8 13:01:33 124388 sshd[25719]: Failed password for invalid user bismark from 122.176.38.177 port 53116 ssh2 Jan 8 13:03:51 124388 sshd[25727]: Invalid user server from 122.176.38.177 port 2224	2020-01-08 23:28:11
14.98.48.30	attack	Jan 8 14:03:48 h2177944 kernel: \[1687156.546043\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=14.98.48.30 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=31009 DF PROTO=TCP SPT=58801 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 8 14:03:48 h2177944 kernel: \[1687156.546057\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=14.98.48.30 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=31009 DF PROTO=TCP SPT=58801 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 8 14:03:52 h2177944 kernel: \[1687159.823994\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=14.98.48.30 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=18061 DF PROTO=TCP SPT=58945 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 8 14:03:52 h2177944 kernel: \[1687159.824009\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=14.98.48.30 DST=85.214.117.9 LEN=52 TOS=0x00 PREC=0x00 TTL=111 ID=18061 DF PROTO=TCP SPT=58945 DPT=8291 WINDOW=8192 RES=0x00 SYN URGP=0 Jan 8 14:03:58 h2177944 kernel: \[1687166.081180\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=14.98.48.30 DST=85.214.117	2020-01-08 23:25:43
54.37.136.87	attack	Automatic report - Banned IP Access	2020-01-08 22:46:36
190.7.146.165	attackspam	Jan 8 15:43:16 mout sshd[11563]: Invalid user fd from 190.7.146.165 port 47635	2020-01-08 23:22:15
206.189.149.9	attack	Jan 8 15:33:24 plex sshd[31492]: Invalid user mating from 206.189.149.9 port 36304	2020-01-08 23:17:18
180.71.47.198	attackspam	Jan 8 14:04:27 MK-Soft-VM5 sshd[7025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.71.47.198 Jan 8 14:04:28 MK-Soft-VM5 sshd[7025]: Failed password for invalid user wifi from 180.71.47.198 port 49046 ssh2 ...	2020-01-08 22:59:38
36.76.94.216	attackspam	Automatic report - Port Scan Attack	2020-01-08 23:12:38
31.5.234.238	attack	Jan 8 13:40:23 h2034429 postfix/smtpd[32173]: connect from unknown[31.5.234.238] Jan x@x Jan 8 13:40:25 h2034429 postfix/smtpd[32173]: lost connection after DATA from unknown[31.5.234.238] Jan 8 13:40:25 h2034429 postfix/smtpd[32173]: disconnect from unknown[31.5.234.238] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jan 8 13:41:05 h2034429 postfix/smtpd[32175]: connect from unknown[31.5.234.238] Jan x@x Jan 8 13:41:06 h2034429 postfix/smtpd[32175]: lost connection after DATA from unknown[31.5.234.238] Jan 8 13:41:06 h2034429 postfix/smtpd[32175]: disconnect from unknown[31.5.234.238] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 Jan 8 13:41:29 h2034429 postfix/smtpd[32196]: connect from unknown[31.5.234.238] Jan x@x Jan 8 13:41:30 h2034429 postfix/smtpd[32196]: lost connection after DATA from unknown[31.5.234.238] Jan 8 13:41:30 h2034429 postfix/smtpd[32196]: disconnect from unknown[31.5.234.238] ehlo=1 mail=1 rcpt=0/1 data=0/1 commands=2/4 ........ ----------------------------------------------- ht	2020-01-08 23:13:01
217.64.142.250	attackbots	IP blocked	2020-01-08 22:54:02
79.124.62.34	attackspam	Unauthorized connection attempt from IP address 79.124.62.34 on Port 3389(RDP)	2020-01-08 22:54:30
142.11.241.65	attackspam	Jan 8 05:56:36 localhost sshd[14182]: Did not receive identification string from 142.11.241.65 port 40046 Jan 8 05:56:37 localhost sshd[14183]: error: Received disconnect from 142.11.241.65 port 40096:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:37 localhost sshd[14183]: Disconnected from 142.11.241.65 port 40096 [preauth] Jan 8 05:56:38 localhost sshd[14185]: error: Received disconnect from 142.11.241.65 port 40188:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:38 localhost sshd[14185]: Disconnected from 142.11.241.65 port 40188 [preauth] Jan 8 05:56:38 localhost sshd[14187]: Invalid user pi from 142.11.241.65 port 40318 Jan 8 05:56:38 localhost sshd[14187]: error: Received disconnect from 142.11.241.65 port 40318:3: com.jcraft.jsch.JSchException: Auth fail [preauth] Jan 8 05:56:38 localhost sshd[14187]: Disconnected from 142.11.241.65 port 40318 [preauth] Jan 8 05:56:39 localhost sshd[14189]: Invalid user pi from 142.11........ -------------------------------	2020-01-08 22:49:54
42.236.10.77	attack	Automated report (2020-01-08T13:04:29+00:00). Scraper detected at this address.	2020-01-08 23:01:18
89.248.172.85	attackspam	01/08/2020-09:30:17.541821 89.248.172.85 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 98	2020-01-08 22:50:15

最近上报的IP列表

122.254.11.177	98.143.61.177	115.175.14.244	139.59.249.16
56.111.175.204	122.117.110.164	114.41.170.202	163.184.197.155
55.86.107.143	59.127.71.36	37.37.244.157	8.164.70.11
1.170.28.138	174.219.146.39	122.117.88.78	60.190.114.58
190.167.122.189	112.28.74.38	130.1.225.180	106.52.130.172