124.74.154.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	failed root login	2020-03-16 22:06:39
attackbots	SSH Brute Force	2019-11-01 18:43:07
attackbots	Jun 28 15:42:22 nextcloud sshd\[24045\]: Invalid user jesus from 124.74.154.66 Jun 28 15:42:22 nextcloud sshd\[24045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.154.66 Jun 28 15:42:23 nextcloud sshd\[24045\]: Failed password for invalid user jesus from 124.74.154.66 port 34562 ssh2 ...	2019-06-29 03:18:56

Type

Details

Datetime

attack

failed root login

2020-03-16 22:06:39

attackbots

SSH Brute Force

2019-11-01 18:43:07

attackbots

Jun 28 15:42:22 nextcloud sshd\[24045\]: Invalid user jesus from 124.74.154.66
Jun 28 15:42:22 nextcloud sshd\[24045\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.74.154.66
Jun 28 15:42:23 nextcloud sshd\[24045\]: Failed password for invalid user jesus from 124.74.154.66 port 34562 ssh2
...

2019-06-29 03:18:56

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.74.154.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16965
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.74.154.66.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019062801 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jun 29 03:18:51 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 66.154.74.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 66.154.74.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
223.207.226.137	attack	Port Scan ...	2020-07-21 01:29:46
188.10.245.254	attackspambots	Brute-force attempt banned	2020-07-21 01:50:12
206.189.93.61	attackbots	Jul 20 13:55:49 olgosrv01 sshd[24983]: Failed password for r.r from 206.189.93.61 port 36578 ssh2 Jul 20 13:55:49 olgosrv01 sshd[24983]: Connection closed by 206.189.93.61 [preauth] Jul 20 13:57:56 olgosrv01 sshd[25165]: Failed password for r.r from 206.189.93.61 port 41144 ssh2 Jul 20 13:57:57 olgosrv01 sshd[25165]: Connection closed by 206.189.93.61 [preauth] Jul 20 13:59:58 olgosrv01 sshd[25288]: Failed password for r.r from 206.189.93.61 port 45508 ssh2 Jul 20 13:59:58 olgosrv01 sshd[25288]: Connection closed by 206.189.93.61 [preauth] Jul 20 14:01:43 olgosrv01 sshd[25903]: Failed password for r.r from 206.189.93.61 port 49654 ssh2 Jul 20 14:01:43 olgosrv01 sshd[25903]: Connection closed by 206.189.93.61 [preauth] Jul 20 14:03:19 olgosrv01 sshd[26107]: Failed password for r.r from 206.189.93.61 port 53332 ssh2 Jul 20 14:03:20 olgosrv01 sshd[26107]: Connection closed by 206.189.93.61 [preauth] Jul 20 14:04:54 olgosrv01 sshd[26168]: Failed password for r.r from 206.18........ -------------------------------	2020-07-21 01:49:53
186.96.110.5	attackspam	Dovecot Invalid User Login Attempt.	2020-07-21 01:46:42
125.124.91.206	attackspam	Total attacks: 2	2020-07-21 01:34:29
185.200.118.56	attackspam	TCP (SYN) 185.200.118.56:47749 -> port 1723, len 44	2020-07-21 01:36:49
222.186.180.130	attackspambots	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-07-21 01:41:57
122.51.126.135	attackspam	Jul 20 16:01:13 abendstille sshd\[32091\]: Invalid user jack from 122.51.126.135 Jul 20 16:01:13 abendstille sshd\[32091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.126.135 Jul 20 16:01:15 abendstille sshd\[32091\]: Failed password for invalid user jack from 122.51.126.135 port 45766 ssh2 Jul 20 16:02:40 abendstille sshd\[1042\]: Invalid user min from 122.51.126.135 Jul 20 16:02:40 abendstille sshd\[1042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.126.135 ...	2020-07-21 01:21:45
121.74.25.178	attackbotsspam	SSH Brute-Forcing (server2)	2020-07-21 01:45:36
190.85.171.126	attack	Jul 20 14:49:43 inter-technics sshd[3247]: Invalid user aru from 190.85.171.126 port 50066 Jul 20 14:49:43 inter-technics sshd[3247]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.171.126 Jul 20 14:49:43 inter-technics sshd[3247]: Invalid user aru from 190.85.171.126 port 50066 Jul 20 14:49:46 inter-technics sshd[3247]: Failed password for invalid user aru from 190.85.171.126 port 50066 ssh2 Jul 20 14:51:08 inter-technics sshd[3398]: Invalid user dave from 190.85.171.126 port 39076 ...	2020-07-21 01:55:13
106.13.93.199	attackbots	Jul 20 10:08:06 dignus sshd[22372]: Failed password for invalid user erp from 106.13.93.199 port 46524 ssh2 Jul 20 10:10:03 dignus sshd[22578]: Invalid user user2 from 106.13.93.199 port 39712 Jul 20 10:10:03 dignus sshd[22578]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.93.199 Jul 20 10:10:05 dignus sshd[22578]: Failed password for invalid user user2 from 106.13.93.199 port 39712 ssh2 Jul 20 10:11:56 dignus sshd[22810]: Invalid user zero from 106.13.93.199 port 32900 ...	2020-07-21 01:34:54
103.45.251.245	attackbots	2020-07-20T13:08:24.9507901495-001 sshd[14141]: Failed password for invalid user indu from 103.45.251.245 port 34682 ssh2 2020-07-20T13:10:36.7577471495-001 sshd[14226]: Invalid user admin from 103.45.251.245 port 33402 2020-07-20T13:10:36.7607681495-001 sshd[14226]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.45.251.245 2020-07-20T13:10:36.7577471495-001 sshd[14226]: Invalid user admin from 103.45.251.245 port 33402 2020-07-20T13:10:38.6651991495-001 sshd[14226]: Failed password for invalid user admin from 103.45.251.245 port 33402 ssh2 2020-07-20T13:12:50.1417751495-001 sshd[14296]: Invalid user link from 103.45.251.245 port 60522 ...	2020-07-21 01:40:31
148.70.208.187	attackbots	Jul 20 15:04:29 haigwepa sshd[4873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.208.187 Jul 20 15:04:31 haigwepa sshd[4873]: Failed password for invalid user catchall from 148.70.208.187 port 48342 ssh2 ...	2020-07-21 01:50:44
62.234.17.74	attack	Jul 20 15:01:59 fhem-rasp sshd[12434]: Invalid user xue from 62.234.17.74 port 57288 ...	2020-07-21 01:31:45
190.24.6.162	attack	Jul 20 16:00:40 nextcloud sshd\[7645\]: Invalid user hammad from 190.24.6.162 Jul 20 16:00:40 nextcloud sshd\[7645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.24.6.162 Jul 20 16:00:43 nextcloud sshd\[7645\]: Failed password for invalid user hammad from 190.24.6.162 port 55976 ssh2	2020-07-21 01:44:43

Recently Reported IPs

197.127.193.204	29.220.188.58	136.242.126.157	247.97.155.136
113.172.135.189	20.191.120.2	55.48.11.127	41.155.200.37
191.42.223.110	192.168.20.2	68.177.24.68	1.175.163.81
171.112.160.0	168.194.157.76	26.208.60.253	191.19.157.3
94.78.212.214	25.77.3.35	36.229.250.175	230.9.133.47