124.158.160.34

Basic Info

City: Bandung

Region: West Java

Country: Indonesia

Internet Service Provider: PT Indonesia Comnets Plus

Hostname: unknown

Organization: PT INDONESIA COMNETS PLUS

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2020-09-11 04:01:25
attackspam	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2020-09-10 19:39:44
attackbotsspam	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2020-08-02 08:50:14
attackbotsspam	445/tcp 445/tcp 445/tcp... [2020-02-08/03-30]12pkt,1pt.(tcp)	2020-03-31 06:35:52
attack	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2020-03-09 09:34:28
attackbots	Honeypot attack, port: 445, PTR: PTR record not found	2020-03-03 15:26:12
attack	Port probing on unauthorized port 445	2020-02-21 17:47:42
attackspam	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2020-01-04 02:00:06
attackbots	20/1/1@01:01:06: FAIL: Alarm-Network address from=124.158.160.34 ...	2020-01-01 14:11:13
attackbotsspam	445/tcp 445/tcp 445/tcp... [2019-10-26/12-22]29pkt,1pt.(tcp)	2019-12-24 04:19:14
attack	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2019-11-04 03:38:34
attackbots	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2019-11-03 21:34:42
attack	Unauthorised access (Oct 22) SRC=124.158.160.34 LEN=52 TOS=0x10 PREC=0x40 TTL=110 ID=20718 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Oct 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=107 ID=7200 DF TCP DPT=445 WINDOW=8192 SYN	2019-10-22 12:49:40
attack	Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)	2019-10-19 23:38:44
attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 22:15:09,437 INFO [amun_request_handler] PortScan Detected on Port: 445 (124.158.160.34)	2019-08-29 10:56:29
attackbotsspam	Unauthorised access (Aug 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=106 ID=2817 DF TCP DPT=445 WINDOW=8192 SYN	2019-08-15 04:21:46
attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 09:41:46,470 INFO [shellcode_manager] (124.158.160.34) no match, writing hexdump (3028ec7b5e8f4663b81b67055ec68a2d :2158038) - MS17010 (EternalBlue)	2019-06-29 19:41:02

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.158.160.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2126
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.158.160.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 21:51:18 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 34.160.158.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 34.160.158.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
62.12.115.116	attack	Feb 3 02:22:24 legacy sshd[30382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.12.115.116 Feb 3 02:22:26 legacy sshd[30382]: Failed password for invalid user krzysiek from 62.12.115.116 port 50572 ssh2 Feb 3 02:25:50 legacy sshd[30701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.12.115.116 ...	2020-02-03 09:30:00
222.80.125.103	attack	Unauthorized connection attempt detected from IP address 222.80.125.103 to port 3389 [T]	2020-02-03 10:04:56
103.100.211.16	attackspambots	2020-02-02T18:07:20.2479141495-001 sshd[63280]: Invalid user ruriko from 103.100.211.16 port 34584 2020-02-02T18:07:20.2510041495-001 sshd[63280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.211.16 2020-02-02T18:07:20.2479141495-001 sshd[63280]: Invalid user ruriko from 103.100.211.16 port 34584 2020-02-02T18:07:22.1812431495-001 sshd[63280]: Failed password for invalid user ruriko from 103.100.211.16 port 34584 ssh2 2020-02-02T18:13:06.8726731495-001 sshd[63531]: Invalid user evans from 103.100.211.16 port 54459 2020-02-02T18:13:06.8759981495-001 sshd[63531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.100.211.16 2020-02-02T18:13:06.8726731495-001 sshd[63531]: Invalid user evans from 103.100.211.16 port 54459 2020-02-02T18:13:08.6404751495-001 sshd[63531]: Failed password for invalid user evans from 103.100.211.16 port 54459 ssh2 2020-02-02T18:15:39.0517811495-001 sshd[63653]: Invalid u ...	2020-02-03 09:26:43
103.10.30.207	attackbotsspam	Feb 2 20:33:44 plusreed sshd[12042]: Invalid user qo from 103.10.30.207 ...	2020-02-03 09:42:50
185.176.27.90	attack	02/02/2020-19:38:15.610245 185.176.27.90 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-02-03 09:32:05
49.88.112.55	attackbots	Feb 3 06:44:43 areeb-Workstation sshd[31751]: Failed password for root from 49.88.112.55 port 13794 ssh2 Feb 3 06:44:48 areeb-Workstation sshd[31751]: Failed password for root from 49.88.112.55 port 13794 ssh2 ...	2020-02-03 09:24:41
51.38.71.191	attackspambots	Feb 3 00:25:51 srv01 sshd[12433]: Invalid user neng from 51.38.71.191 port 37600 Feb 3 00:25:51 srv01 sshd[12433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.38.71.191 Feb 3 00:25:51 srv01 sshd[12433]: Invalid user neng from 51.38.71.191 port 37600 Feb 3 00:25:53 srv01 sshd[12433]: Failed password for invalid user neng from 51.38.71.191 port 37600 ssh2 Feb 3 00:28:03 srv01 sshd[12548]: Invalid user pc from 51.38.71.191 port 33602 ...	2020-02-03 09:59:24
14.215.95.5	attack	CN_APNIC-HM_<177>1580686079 [1:2403320:55043] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 11 [Classification: Misc Attack] [Priority: 2] {TCP} 14.215.95.5:39017	2020-02-03 10:03:20
51.15.141.188	attackspambots	20/2/2@20:06:05: FAIL: Alarm-Intrusion address from=51.15.141.188 ...	2020-02-03 09:44:16
222.186.31.166	attackspambots	$f2bV_matches	2020-02-03 09:29:31
222.186.180.142	attack	(sshd) Failed SSH login from 222.186.180.142 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Feb 3 01:58:53 elude sshd[11654]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 3 01:58:55 elude sshd[11654]: Failed password for root from 222.186.180.142 port 47983 ssh2 Feb 3 02:23:54 elude sshd[13009]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root Feb 3 02:23:56 elude sshd[13009]: Failed password for root from 222.186.180.142 port 51677 ssh2 Feb 3 02:37:56 elude sshd[13876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.142 user=root	2020-02-03 09:50:34
139.59.89.7	attackspam	Feb 3 02:28:44 vpn01 sshd[2161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.7 Feb 3 02:28:46 vpn01 sshd[2161]: Failed password for invalid user u1 from 139.59.89.7 port 46306 ssh2 ...	2020-02-03 09:30:15
175.152.111.129	attack	port scan and connect, tcp 25 (smtp)	2020-02-03 09:45:13
81.22.45.182	attackbots	Feb 3 03:06:06 mail kernel: [105027.113240] [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3c:05:0d:89:f8:66:f2:68:66:ff:08:00 SRC=81.22.45.182 DST=77.73.69.240 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=64477 PROTO=TCP SPT=54682 DPT=6038 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2020-02-03 10:15:16
120.70.103.239	attackbotsspam	Jan 27 20:44:27 ahost sshd[11017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.239 user=r.r Jan 27 20:44:29 ahost sshd[11017]: Failed password for r.r from 120.70.103.239 port 50482 ssh2 Jan 27 20:44:29 ahost sshd[11017]: Received disconnect from 120.70.103.239: 11: Bye Bye [preauth] Jan 27 21:01:38 ahost sshd[19871]: Invalid user compta from 120.70.103.239 Jan 27 21:01:38 ahost sshd[19871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.239 Jan 27 21:01:40 ahost sshd[19871]: Failed password for invalid user compta from 120.70.103.239 port 38565 ssh2 Jan 27 21:01:40 ahost sshd[19871]: Received disconnect from 120.70.103.239: 11: Bye Bye [preauth] Jan 27 21:05:22 ahost sshd[20110]: Invalid user allison from 120.70.103.239 Jan 27 21:05:22 ahost sshd[20110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.70.103.239 Jan 27........ ------------------------------	2020-02-03 09:31:06

Recently Reported IPs

140.143.77.85	46.148.21.32	192.168.10.248	154.83.17.56
203.41.236.130	165.227.123.44	54.166.230.72	185.10.68.55
81.17.94.50	119.39.84.75	113.160.244.167	2001:41d0:52:a00::e3d
161.246.95.136	107.173.52.160	185.253.97.242	123.194.33.68
177.94.224.157	107.152.143.143	45.55.206.7	90.143.27.14