Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Bandung

Region: West Java

Country: Indonesia

Internet Service Provider: PT Indonesia Comnets Plus

Hostname: unknown

Organization: PT INDONESIA COMNETS PLUS

Usage Type: Fixed Line ISP

Comments:
Type Details Datetime
attackbots
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2020-09-11 04:01:25
attackspam
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2020-09-10 19:39:44
attackbotsspam
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2020-08-02 08:50:14
attackbotsspam
445/tcp 445/tcp 445/tcp...
[2020-02-08/03-30]12pkt,1pt.(tcp)
2020-03-31 06:35:52
attack
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2020-03-09 09:34:28
attackbots
Honeypot attack, port: 445, PTR: PTR record not found
2020-03-03 15:26:12
attack
Port probing on unauthorized port 445
2020-02-21 17:47:42
attackspam
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2020-01-04 02:00:06
attackbots
20/1/1@01:01:06: FAIL: Alarm-Network address from=124.158.160.34
...
2020-01-01 14:11:13
attackbotsspam
445/tcp 445/tcp 445/tcp...
[2019-10-26/12-22]29pkt,1pt.(tcp)
2019-12-24 04:19:14
attack
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2019-11-04 03:38:34
attackbots
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2019-11-03 21:34:42
attack
Unauthorised access (Oct 22) SRC=124.158.160.34 LEN=52 TOS=0x10 PREC=0x40 TTL=110 ID=20718 DF TCP DPT=445 WINDOW=8192 SYN 
Unauthorised access (Oct 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=107 ID=7200 DF TCP DPT=445 WINDOW=8192 SYN
2019-10-22 12:49:40
attack
Unauthorized connection attempt from IP address 124.158.160.34 on Port 445(SMB)
2019-10-19 23:38:44
attackbots
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-28 22:15:09,437 INFO [amun_request_handler] PortScan Detected on Port: 445 (124.158.160.34)
2019-08-29 10:56:29
attackbotsspam
Unauthorised access (Aug 14) SRC=124.158.160.34 LEN=52 PREC=0x20 TTL=106 ID=2817 DF TCP DPT=445 WINDOW=8192 SYN
2019-08-15 04:21:46
attack
@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-06-29 09:41:46,470 INFO [shellcode_manager] (124.158.160.34) no match, writing hexdump (3028ec7b5e8f4663b81b67055ec68a2d :2158038) - MS17010 (EternalBlue)
2019-06-29 19:41:02
Comments on same subnet:
No discussion about this subnet yet..
Whois info:
b
Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.158.160.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2126
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.158.160.34.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019041300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Sat Apr 13 21:51:18 +08 2019
;; MSG SIZE  rcvd: 118

Host info
Host 34.160.158.124.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 34.160.158.124.in-addr.arpa: NXDOMAIN

Related IP info:
Related comments:
IP Type Details Datetime
185.50.149.10 attack
May  7 17:45:10 mail.srvfarm.net postfix/smtps/smtpd[966052]: warning: unknown[185.50.149.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  7 17:45:10 mail.srvfarm.net postfix/smtps/smtpd[966052]: lost connection after AUTH from unknown[185.50.149.10]
May  7 17:45:13 mail.srvfarm.net postfix/smtpd[947798]: warning: unknown[185.50.149.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May  7 17:45:13 mail.srvfarm.net postfix/smtpd[963330]: lost connection after AUTH from unknown[185.50.149.10]
May  7 17:45:14 mail.srvfarm.net postfix/smtpd[947798]: lost connection after AUTH from unknown[185.50.149.10]
2020-05-08 00:18:51
184.60.24.74 attackspambots
WEB_SERVER 403 Forbidden
2020-05-08 00:29:45
112.85.42.176 attackspambots
May  7 18:41:44 vps sshd[114507]: Failed password for root from 112.85.42.176 port 48332 ssh2
May  7 18:41:48 vps sshd[114507]: Failed password for root from 112.85.42.176 port 48332 ssh2
May  7 18:41:51 vps sshd[114507]: Failed password for root from 112.85.42.176 port 48332 ssh2
May  7 18:41:55 vps sshd[114507]: Failed password for root from 112.85.42.176 port 48332 ssh2
May  7 18:41:59 vps sshd[114507]: Failed password for root from 112.85.42.176 port 48332 ssh2
...
2020-05-08 00:42:36
129.211.50.239 attack
(sshd) Failed SSH login from 129.211.50.239 (CN/China/-): 5 in the last 3600 secs
2020-05-08 00:58:45
139.59.231.103 attack
Automatic report - XMLRPC Attack
2020-05-08 01:13:01
121.156.122.97 attackbots
May  7 17:39:22 ArkNodeAT sshd\[15727\]: Invalid user gpadmin from 121.156.122.97
May  7 17:39:22 ArkNodeAT sshd\[15727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.156.122.97
May  7 17:39:24 ArkNodeAT sshd\[15727\]: Failed password for invalid user gpadmin from 121.156.122.97 port 47624 ssh2
2020-05-08 00:10:59
129.226.123.66 attackspam
May  7 14:40:53 srv-ubuntu-dev3 sshd[11325]: Invalid user sarwar from 129.226.123.66
May  7 14:40:53 srv-ubuntu-dev3 sshd[11325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.123.66
May  7 14:40:53 srv-ubuntu-dev3 sshd[11325]: Invalid user sarwar from 129.226.123.66
May  7 14:40:55 srv-ubuntu-dev3 sshd[11325]: Failed password for invalid user sarwar from 129.226.123.66 port 49254 ssh2
May  7 14:43:03 srv-ubuntu-dev3 sshd[11671]: Invalid user backuper from 129.226.123.66
May  7 14:43:03 srv-ubuntu-dev3 sshd[11671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.123.66
May  7 14:43:03 srv-ubuntu-dev3 sshd[11671]: Invalid user backuper from 129.226.123.66
May  7 14:43:06 srv-ubuntu-dev3 sshd[11671]: Failed password for invalid user backuper from 129.226.123.66 port 45506 ssh2
May  7 14:45:16 srv-ubuntu-dev3 sshd[12041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=
...
2020-05-08 00:25:13
103.218.3.206 attackbots
1588852750 - 05/07/2020 18:59:10 Host: 103.218.3.206/103.218.3.206 Port: 11211 UDP Blocked
...
2020-05-08 00:33:15
58.213.116.170 attackbots
...
2020-05-08 01:09:13
118.24.100.198 attack
SSH invalid-user multiple login attempts
2020-05-08 00:52:21
40.77.167.24 attack
WEB_SERVER 403 Forbidden
2020-05-08 00:59:39
67.205.158.115 attackbots
2020-05-08T00:51:15.203024vivaldi2.tree2.info sshd[6090]: Failed password for root from 67.205.158.115 port 33240 ssh2
2020-05-08T00:55:13.080054vivaldi2.tree2.info sshd[6220]: Invalid user sftpuser from 67.205.158.115
2020-05-08T00:55:13.092171vivaldi2.tree2.info sshd[6220]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=mh-nyc-mailserver-2.messagehopper.com
2020-05-08T00:55:13.080054vivaldi2.tree2.info sshd[6220]: Invalid user sftpuser from 67.205.158.115
2020-05-08T00:55:16.424500vivaldi2.tree2.info sshd[6220]: Failed password for invalid user sftpuser from 67.205.158.115 port 44332 ssh2
...
2020-05-08 00:49:24
118.25.96.30 attackspambots
2020-05-07T16:45:08.460756shield sshd\[18926\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.96.30  user=root
2020-05-07T16:45:10.672377shield sshd\[18926\]: Failed password for root from 118.25.96.30 port 44829 ssh2
2020-05-07T16:46:40.591271shield sshd\[19384\]: Invalid user bbb from 118.25.96.30 port 61611
2020-05-07T16:46:40.595256shield sshd\[19384\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.96.30
2020-05-07T16:46:42.435578shield sshd\[19384\]: Failed password for invalid user bbb from 118.25.96.30 port 61611 ssh2
2020-05-08 00:59:21
222.186.15.10 attackspam
May  7 16:37:43 scw-6657dc sshd[8732]: Failed password for root from 222.186.15.10 port 47058 ssh2
May  7 16:37:43 scw-6657dc sshd[8732]: Failed password for root from 222.186.15.10 port 47058 ssh2
May  7 16:37:45 scw-6657dc sshd[8732]: Failed password for root from 222.186.15.10 port 47058 ssh2
...
2020-05-08 00:42:12
198.47.99.99 attack
Time	08:45:13 May 07
ID	267
Category	Security Services
Group	Attacks
Event	TCP Xmas Tree Attack
Msg. Type	Standard
Priority	Alert
Message	TCP Xmas Tree dropped
Src. Name	
Dst. Name	
Notes	TCP Flag(s): PSH SYN
Src. IP	198.47.99.99
Src. Port	6667
Src. MAC	C8:4C:75:51:40:BF
Src. Vendor	CISCO SYSTEMS
2020-05-08 00:47:30

Recently Reported IPs

140.143.77.85 46.148.21.32 192.168.10.248 154.83.17.56
203.41.236.130 165.227.123.44 54.166.230.72 185.10.68.55
81.17.94.50 119.39.84.75 113.160.244.167 2001:41d0:52:a00::e3d
161.246.95.136 107.173.52.160 185.253.97.242 123.194.33.68
177.94.224.157 107.152.143.143 45.55.206.7 90.143.27.14