124.16.4.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Science & Technology Network

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Fixed Line ISP

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Oct 3 17:44:39 ny01 sshd[32015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Oct 3 17:44:40 ny01 sshd[32015]: Failed password for invalid user wpuser from 124.16.4.5 port 44869 ssh2 Oct 3 17:46:51 ny01 sshd[32245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5	2020-10-04 08:39:00
attack	Oct 3 17:39:21 v22019038103785759 sshd\[13589\]: Invalid user luca from 124.16.4.5 port 61517 Oct 3 17:39:21 v22019038103785759 sshd\[13589\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Oct 3 17:39:23 v22019038103785759 sshd\[13589\]: Failed password for invalid user luca from 124.16.4.5 port 61517 ssh2 Oct 3 17:45:32 v22019038103785759 sshd\[14116\]: Invalid user it from 124.16.4.5 port 13235 Oct 3 17:45:32 v22019038103785759 sshd\[14116\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-10-04 01:09:38
attackbots	(sshd) Failed SSH login from 124.16.4.5 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 06:35:32 server2 sshd[20664]: Invalid user deok from 124.16.4.5 Sep 16 06:35:32 server2 sshd[20664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Sep 16 06:35:34 server2 sshd[20664]: Failed password for invalid user deok from 124.16.4.5 port 60626 ssh2 Sep 16 06:37:44 server2 sshd[22408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 user=root Sep 16 06:37:46 server2 sshd[22408]: Failed password for root from 124.16.4.5 port 10382 ssh2	2020-09-16 19:05:49
attack	Aug 22 18:09:51 NPSTNNYC01T sshd[22560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Aug 22 18:09:53 NPSTNNYC01T sshd[22560]: Failed password for invalid user adm from 124.16.4.5 port 43855 ssh2 Aug 22 18:15:17 NPSTNNYC01T sshd[23211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-08-23 06:25:03
attackspambots	Automatic Fail2ban report - Trying login SSH	2020-08-20 05:23:13
attackbotsspam	Aug 18 14:35:01 vpn01 sshd[32414]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Aug 18 14:35:03 vpn01 sshd[32414]: Failed password for invalid user xp from 124.16.4.5 port 59865 ssh2 ...	2020-08-18 21:32:13
attackbots	Aug 8 21:19:21 lnxmysql61 sshd[29960]: Failed password for root from 124.16.4.5 port 2898 ssh2 Aug 8 21:19:21 lnxmysql61 sshd[29960]: Failed password for root from 124.16.4.5 port 2898 ssh2	2020-08-09 03:36:55
attackspambots	Jul 31 19:59:14 firewall sshd[11918]: Failed password for root from 124.16.4.5 port 38722 ssh2 Jul 31 20:02:30 firewall sshd[12004]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 user=root Jul 31 20:02:32 firewall sshd[12004]: Failed password for root from 124.16.4.5 port 54125 ssh2 ...	2020-08-01 07:30:37
attackbots	Jul 28 14:03:14 minden010 sshd[28284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Jul 28 14:03:16 minden010 sshd[28284]: Failed password for invalid user guotingyou from 124.16.4.5 port 11741 ssh2 Jul 28 14:07:21 minden010 sshd[29747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 ...	2020-07-28 20:48:42
attack	Jul 26 22:50:06 vps639187 sshd\[444\]: Invalid user maciej from 124.16.4.5 port 37460 Jul 26 22:50:06 vps639187 sshd\[444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 Jul 26 22:50:09 vps639187 sshd\[444\]: Failed password for invalid user maciej from 124.16.4.5 port 37460 ssh2 ...	2020-07-27 05:01:06
attackbots	2020-07-25T10:52:55.1920401495-001 sshd[36495]: Invalid user odroid from 124.16.4.5 port 42299 2020-07-25T10:52:57.4234941495-001 sshd[36495]: Failed password for invalid user odroid from 124.16.4.5 port 42299 ssh2 2020-07-25T10:55:48.7209481495-001 sshd[36695]: Invalid user juni from 124.16.4.5 port 57943 2020-07-25T10:55:48.7241181495-001 sshd[36695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.5 2020-07-25T10:55:48.7209481495-001 sshd[36695]: Invalid user juni from 124.16.4.5 port 57943 2020-07-25T10:55:51.0285411495-001 sshd[36695]: Failed password for invalid user juni from 124.16.4.5 port 57943 ssh2 ...	2020-07-25 23:34:53
attack	Jul 22 19:47:08 mout sshd[9163]: Invalid user ebay from 124.16.4.5 port 19725 Jul 22 19:47:11 mout sshd[9163]: Failed password for invalid user ebay from 124.16.4.5 port 19725 ssh2 Jul 22 19:47:12 mout sshd[9163]: Disconnected from invalid user ebay 124.16.4.5 port 19725 [preauth]	2020-07-23 02:10:45

相同子网IP讨论:

IP	类型	评论内容	时间
124.16.4.21	attackbots	Sep 23 21:08:37 lcprod sshd\[6791\]: Invalid user matt from 124.16.4.21 Sep 23 21:08:37 lcprod sshd\[6791\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 23 21:08:39 lcprod sshd\[6791\]: Failed password for invalid user matt from 124.16.4.21 port 60400 ssh2 Sep 23 21:14:50 lcprod sshd\[7369\]: Invalid user qiang from 124.16.4.21 Sep 23 21:14:50 lcprod sshd\[7369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-09-24 18:05:59
124.16.4.21	attackbotsspam	Sep 17 08:31:04 microserver sshd[11196]: Invalid user Maila from 124.16.4.21 port 46358 Sep 17 08:31:04 microserver sshd[11196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 08:31:06 microserver sshd[11196]: Failed password for invalid user Maila from 124.16.4.21 port 46358 ssh2 Sep 17 08:36:35 microserver sshd[11899]: Invalid user admin from 124.16.4.21 port 49220 Sep 17 08:36:35 microserver sshd[11899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 09:34:18 microserver sshd[19188]: Invalid user testhp from 124.16.4.21 port 49614 Sep 17 09:34:18 microserver sshd[19188]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Sep 17 09:34:19 microserver sshd[19188]: Failed password for invalid user testhp from 124.16.4.21 port 49614 ssh2 Sep 17 09:40:07 microserver sshd[19920]: Invalid user mailman from 124.16.4.21 port 52482 Sep 17 09:40:07 mic	2019-09-17 19:14:05
124.16.4.21	attackspam	Sep 9 20:30:39 lnxded63 sshd[28478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-09-10 02:51:21
124.16.4.21	attack	Aug 24 17:13:26 aiointranet sshd\[24302\]: Invalid user user1 from 124.16.4.21 Aug 24 17:13:26 aiointranet sshd\[24302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21 Aug 24 17:13:28 aiointranet sshd\[24302\]: Failed password for invalid user user1 from 124.16.4.21 port 52014 ssh2 Aug 24 17:20:40 aiointranet sshd\[24961\]: Invalid user java from 124.16.4.21 Aug 24 17:20:40 aiointranet sshd\[24961\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.16.4.21	2019-08-25 11:28:55
124.16.4.21	attackbots	vps1:pam-generic	2019-08-18 17:58:33

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.16.4.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34679
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.16.4.5.			IN	A

;; AUTHORITY SECTION:
.			498	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072201 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 23 02:10:41 CST 2020
;; MSG SIZE  rcvd: 114

HOST信息:

Host 5.4.16.124.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.4.16.124.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
117.192.60.71	attackspam	Invalid user user from 117.192.60.71 port 56647	2020-01-10 23:12:47
163.172.204.185	attack	Unauthorized connection attempt detected from IP address 163.172.204.185 to port 22	2020-01-10 23:03:06
45.178.141.202	attackspam	Invalid user admin from 45.178.141.202 port 32264	2020-01-10 22:47:32
120.92.35.127	attackbotsspam	Invalid user dmartin from 120.92.35.127 port 57500	2020-01-10 23:10:34
107.170.249.6	attackspam	Invalid user ocadmin from 107.170.249.6 port 39037	2020-01-10 22:38:27
111.161.74.118	attackbots	Invalid user freida from 111.161.74.118 port 48188	2020-01-10 23:15:58
112.35.75.6	attackbots	SSH/22 MH Probe, BF, Hack -	2020-01-10 22:37:30
198.50.159.33	attackspam	Jan 10 14:30:30 thevastnessof sshd[16331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.50.159.33 ...	2020-01-10 22:54:23
112.17.190.29	attackspambots	Invalid user ogh from 112.17.190.29 port 60701	2020-01-10 23:14:58
139.180.137.254	attackbots	Invalid user tc from 139.180.137.254 port 39268	2020-01-10 23:07:33
111.231.141.221	attackbotsspam	Invalid user opn from 111.231.141.221 port 49506	2020-01-10 22:37:55
62.234.68.215	attack	Invalid user saa from 62.234.68.215 port 34419	2020-01-10 22:43:58
168.126.85.225	attackbots	Invalid user cpanel from 168.126.85.225 port 39286	2020-01-10 23:02:39
115.249.205.29	attack	Invalid user tommy from 115.249.205.29 port 43499	2020-01-10 22:37:00
117.247.253.2	attackspam	Invalid user iws from 117.247.253.2 port 33822	2020-01-10 23:12:17

最近上报的IP列表

122.254.11.177	98.143.61.177	115.175.14.244	139.59.249.16
56.111.175.204	122.117.110.164	114.41.170.202	163.184.197.155
55.86.107.143	59.127.71.36	37.37.244.157	8.164.70.11
1.170.28.138	174.219.146.39	122.117.88.78	60.190.114.58
190.167.122.189	112.28.74.38	130.1.225.180	106.52.130.172