124.78.54.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-01-18 21:12:39
attack	Unauthorized connection attempt detected from IP address 124.78.54.66 to port 2220 [J]	2020-01-15 18:17:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.78.54.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.78.54.66.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011500 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 18:17:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

66.54.78.124.in-addr.arpa domain name pointer 66.54.78.124.broad.xw.sh.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.54.78.124.in-addr.arpa	name = 66.54.78.124.broad.xw.sh.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.217.227.32	attackbotsspam	$f2bV_matches	2020-06-07 22:36:56
175.24.81.207	attackbots	SSH Bruteforce Attempt (failed auth)	2020-06-07 22:47:41
37.49.224.187	attackbotsspam	Jun 7 16:21:58 debian-2gb-nbg1-2 kernel: \[13798461.820758\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=37.49.224.187 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=7364 PROTO=TCP SPT=58617 DPT=50802 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 23:02:09
188.236.222.100	attack	GET /xmlrpc.php HTTP/1.1	2020-06-07 22:54:35
185.124.34.134	attackspambots	185.124.34.134 (RO/Romania/-), 5 distributed smtpauth attacks on account [ichelle.bradleym@phpc.ca] in the last 3600 secs	2020-06-07 22:35:06
49.235.183.62	attackspam	2020-06-07T09:00:36.9299081495-001 sshd[15072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.183.62 user=root 2020-06-07T09:00:38.6744691495-001 sshd[15072]: Failed password for root from 49.235.183.62 port 42230 ssh2 2020-06-07T09:10:30.7174761495-001 sshd[15408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.183.62 user=root 2020-06-07T09:10:32.3415271495-001 sshd[15408]: Failed password for root from 49.235.183.62 port 37722 ssh2 2020-06-07T09:15:27.8296471495-001 sshd[15620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.183.62 user=root 2020-06-07T09:15:30.2265081495-001 sshd[15620]: Failed password for root from 49.235.183.62 port 35468 ssh2 ...	2020-06-07 23:01:22
187.95.60.1	attackspambots	$f2bV_matches	2020-06-07 22:22:57
95.85.85.43	attack	Jun 7 14:05:28 server sshd[24608]: Failed password for root from 95.85.85.43 port 50547 ssh2 Jun 7 14:06:53 server sshd[26047]: Failed password for root from 95.85.85.43 port 47973 ssh2 Jun 7 14:07:15 server sshd[26309]: Failed password for root from 95.85.85.43 port 51389 ssh2	2020-06-07 22:29:20
110.35.173.2	attackbots	Jun 7 14:05:38 pornomens sshd\[21370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.2 user=root Jun 7 14:05:41 pornomens sshd\[21370\]: Failed password for root from 110.35.173.2 port 6040 ssh2 Jun 7 14:06:33 pornomens sshd\[21386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.35.173.2 user=root ...	2020-06-07 23:06:01
117.66.118.91	attackbots	IP reached maximum auth failures	2020-06-07 23:06:50
170.254.190.2	attackspam	IP 170.254.190.2 attacked honeypot on port: 8080 at 6/7/2020 1:06:29 PM	2020-06-07 22:59:31
125.212.217.214	attackspam	TCP (SYN) 125.212.217.214:29011 -> port 4664, len 44	2020-06-07 22:23:31
51.75.28.134	attackspambots	Jun 7 14:07:50 game-panel sshd[16152]: Failed password for root from 51.75.28.134 port 49322 ssh2 Jun 7 14:11:31 game-panel sshd[16460]: Failed password for root from 51.75.28.134 port 52944 ssh2	2020-06-07 22:29:35
18.188.248.134	attack	mue-Direct access to plugin not allowed	2020-06-07 22:45:58
217.182.77.186	attack	2020-06-07T11:59:24.373126shield sshd\[4561\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.ip-217-182-77.eu user=root 2020-06-07T11:59:26.706866shield sshd\[4561\]: Failed password for root from 217.182.77.186 port 34880 ssh2 2020-06-07T12:02:58.484350shield sshd\[6389\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.ip-217-182-77.eu user=root 2020-06-07T12:03:00.175350shield sshd\[6389\]: Failed password for root from 217.182.77.186 port 38396 ssh2 2020-06-07T12:06:36.889813shield sshd\[7692\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.ip-217-182-77.eu user=root	2020-06-07 23:03:03

Recently Reported IPs

61.5.17.246	106.52.175.233	157.230.36.61	114.38.25.114
180.241.191.180	36.66.176.85	74.139.198.95	185.66.57.103
212.83.144.113	85.104.251.24	113.25.65.147	14.160.24.50
182.254.147.226	27.68.39.88	172.81.226.22	36.72.214.12
221.192.178.37	201.248.25.165	180.183.19.173	152.32.169.165