124.131.1.166 - IPInfo

Basic Info

City: Yantai

Region: Shandong

Country: China

Internet Service Provider: China Unicom

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
124.131.151.221	attack	port scan and connect, tcp 23 (telnet)	2020-10-02 07:28:57
124.131.151.221	attackbots	port scan and connect, tcp 23 (telnet)	2020-10-02 00:01:04
124.131.151.221	attack	port scan and connect, tcp 23 (telnet)	2020-10-01 16:08:00
124.131.142.255	attack	23/tcp [2020-09-26]1pkt	2020-09-28 06:44:05
124.131.142.255	attackbotsspam	23/tcp [2020-09-26]1pkt	2020-09-27 23:10:23
124.131.142.255	attackspambots	23/tcp [2020-09-26]1pkt	2020-09-27 15:08:21
124.131.111.3	attack	Telnet/23 MH Probe, Scan, BF, Hack -	2020-04-02 03:00:09
124.131.113.190	attackspam	UTC: 2019-12-06 port: 23/tcp	2019-12-07 22:37:25
124.131.123.78	attack	[portscan] tcp/23 [TELNET] *(RWIN=62761)(11190859)	2019-11-19 17:56:50
124.131.100.76	attackspam	Unauthorised access (Oct 8) SRC=124.131.100.76 LEN=40 TTL=49 ID=56027 TCP DPT=8080 WINDOW=23664 SYN Unauthorised access (Oct 8) SRC=124.131.100.76 LEN=40 TTL=49 ID=62940 TCP DPT=8080 WINDOW=8804 SYN	2019-10-08 12:35:29
124.131.197.169	attackspam	Unauthorised access (Oct 4) SRC=124.131.197.169 LEN=40 TTL=49 ID=27364 TCP DPT=8080 WINDOW=38782 SYN Unauthorised access (Oct 2) SRC=124.131.197.169 LEN=40 TTL=49 ID=45730 TCP DPT=8080 WINDOW=38782 SYN Unauthorised access (Oct 1) SRC=124.131.197.169 LEN=40 TTL=49 ID=40584 TCP DPT=8080 WINDOW=57229 SYN Unauthorised access (Sep 30) SRC=124.131.197.169 LEN=40 TTL=49 ID=63329 TCP DPT=8080 WINDOW=40397 SYN	2019-10-04 16:31:09
124.131.164.127	attackspam	Aug 28 06:28:08 [snip] sshd[29297]: Invalid user ts3admin from 124.131.164.127 port 60660 Aug 28 06:28:08 [snip] sshd[29297]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.131.164.127 Aug 28 06:28:10 [snip] sshd[29297]: Failed password for invalid user ts3admin from 124.131.164.127 port 60660 ssh2[...]	2019-08-28 14:06:21
124.131.112.56	attack	Aug 6 11:15:15 DDOS Attack: SRC=124.131.112.56 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=48 DF PROTO=TCP SPT=29285 DPT=80 WINDOW=0 RES=0x00 RST URGP=0	2019-08-07 02:50:40
124.131.114.170	attackspam	TCP port 23 (Telnet) attempt blocked by firewall. [2019-06-30 05:38:39]	2019-06-30 16:48:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.131.1.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19148
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.131.1.166.			IN	A

;; AUTHORITY SECTION:
.			209	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012101 1800 900 604800 86400

;; Query time: 94 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 22 07:52:38 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 166.1.131.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 166.1.131.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
202.163.66.201	attack	1577171700 - 12/24/2019 08:15:00 Host: 202.163.66.201/202.163.66.201 Port: 445 TCP Blocked	2019-12-24 21:13:09
145.239.73.103	attackspambots	Invalid user pion from 145.239.73.103 port 54610	2019-12-24 20:58:19
62.234.154.56	attack	Dec 24 01:08:05 askasleikir sshd[293591]: Failed password for invalid user naser from 62.234.154.56 port 50287 ssh2	2019-12-24 21:09:05
197.50.17.163	attackspambots	"IMAP brute force auth login attempt."	2019-12-24 21:11:32
78.127.239.138	attack	Dec 24 11:04:20 herz-der-gamer sshd[22904]: Invalid user hyonil from 78.127.239.138 port 50722 Dec 24 11:04:20 herz-der-gamer sshd[22904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.127.239.138 Dec 24 11:04:20 herz-der-gamer sshd[22904]: Invalid user hyonil from 78.127.239.138 port 50722 Dec 24 11:04:22 herz-der-gamer sshd[22904]: Failed password for invalid user hyonil from 78.127.239.138 port 50722 ssh2 ...	2019-12-24 21:21:08
106.12.102.143	attackspam	Dec 24 09:03:56 dev0-dcde-rnet sshd[17165]: Failed password for root from 106.12.102.143 port 57162 ssh2 Dec 24 09:33:31 dev0-dcde-rnet sshd[17341]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.102.143 Dec 24 09:33:33 dev0-dcde-rnet sshd[17341]: Failed password for invalid user tsbot from 106.12.102.143 port 34928 ssh2	2019-12-24 21:14:23
186.249.92.18	attack	Automatic report - Port Scan Attack	2019-12-24 20:45:18
177.125.222.78	attackspam	Unauthorized connection attempt from IP address 177.125.222.78 on Port 445(SMB)	2019-12-24 20:57:59
36.69.50.170	attack	Unauthorized connection attempt from IP address 36.69.50.170 on Port 445(SMB)	2019-12-24 20:44:39
51.75.16.138	attackbotsspam	Invalid user wwwadmin from 51.75.16.138 port 49743	2019-12-24 21:14:49
196.52.43.84	attack	ICMP MH Probe, Scan /Distributed -	2019-12-24 21:21:29
183.82.154.18	attack	Unauthorized connection attempt from IP address 183.82.154.18 on Port 445(SMB)	2019-12-24 20:53:03
107.189.11.168	attackspam	Dec 24 08:45:38 zeus sshd[26781]: Failed password for root from 107.189.11.168 port 55688 ssh2 Dec 24 08:48:08 zeus sshd[26885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.168 Dec 24 08:48:10 zeus sshd[26885]: Failed password for invalid user 123 from 107.189.11.168 port 50762 ssh2 Dec 24 08:50:37 zeus sshd[26963]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.189.11.168	2019-12-24 21:00:04
36.85.30.211	attack	Unauthorized connection attempt from IP address 36.85.30.211 on Port 445(SMB)	2019-12-24 20:47:57
222.186.42.4	attackspambots	Dec 24 14:02:55 markkoudstaal sshd[23422]: Failed password for root from 222.186.42.4 port 11598 ssh2 Dec 24 14:03:10 markkoudstaal sshd[23422]: error: maximum authentication attempts exceeded for root from 222.186.42.4 port 11598 ssh2 [preauth] Dec 24 14:03:16 markkoudstaal sshd[23457]: Failed password for root from 222.186.42.4 port 28984 ssh2	2019-12-24 21:04:05

Recently Reported IPs

2.182.125.242	91.102.40.68	137.110.90.134	49.89.123.174
123.243.165.239	20.36.119.135	77.150.33.34	45.148.10.159
162.51.71.122	84.123.103.178	60.189.26.66	43.247.184.225
187.69.217.148	192.174.35.19	173.254.225.159	41.236.172.241
52.80.61.85	36.32.3.233	126.85.208.116	31.200.192.96