124.78.54.66 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	SSH authentication failure x 6 reported by Fail2Ban ...	2020-01-18 21:12:39
attack	Unauthorized connection attempt detected from IP address 124.78.54.66 to port 2220 [J]	2020-01-15 18:17:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.78.54.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56151
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.78.54.66.			IN	A

;; AUTHORITY SECTION:
.			195	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020011500 1800 900 604800 86400

;; Query time: 71 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 15 18:17:31 CST 2020
;; MSG SIZE  rcvd: 116

Host info

66.54.78.124.in-addr.arpa domain name pointer 66.54.78.124.broad.xw.sh.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
66.54.78.124.in-addr.arpa	name = 66.54.78.124.broad.xw.sh.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.251.198.4	attackspambots	Aug 16 06:11:24 db sshd[23026]: User root from 82.251.198.4 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:40:16
185.220.101.200	attackspam	Invalid user admin from 185.220.101.200 port 6318	2020-08-16 13:46:14
91.83.160.172	attack	Brute force attempt	2020-08-16 13:30:18
222.186.175.215	attackspambots	Aug 15 22:22:59 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:02 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:06 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:09 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 Aug 15 22:23:12 dignus sshd[7383]: Failed password for root from 222.186.175.215 port 12800 ssh2 ...	2020-08-16 13:39:59
45.148.121.3	attackbotsspam	[2020-08-16 01:37:30] NOTICE[1185] chan_sip.c: Registration from '"200" ' failed for '45.148.121.3:5311' - Wrong password [2020-08-16 01:37:30] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-16T01:37:30.980-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="200",SessionID="0x7f10c40ef148",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.148.121.3/5311",Challenge="35381028",ReceivedChallenge="35381028",ReceivedHash="58b4cd8b54669b1a05324018eea15b98" [2020-08-16 01:37:31] NOTICE[1185] chan_sip.c: Registration from '"200" ' failed for '45.148.121.3:5311' - Wrong password [2020-08-16 01:37:31] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-16T01:37:31.200-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="200",SessionID="0x7f10c4270ff8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.148.121. ...	2020-08-16 13:43:35
62.210.194.8	attackspam	Aug 16 06:28:59 mail.srvfarm.net postfix/smtpd[1924775]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:32:26 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:35:38 mail.srvfarm.net postfix/smtpd[1931102]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:36:43 mail.srvfarm.net postfix/smtpd[1931100]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8] Aug 16 06:38:05 mail.srvfarm.net postfix/smtpd[1931097]: lost connection after STARTTLS from r8.news.eu.rvca.com[62.210.194.8]	2020-08-16 13:24:36
91.230.88.36	attackspam	Aug 16 05:15:34 mail.srvfarm.net postfix/smtpd[1887729]: warning: unknown[91.230.88.36]: SASL PLAIN authentication failed: Aug 16 05:15:34 mail.srvfarm.net postfix/smtpd[1887729]: lost connection after AUTH from unknown[91.230.88.36] Aug 16 05:15:39 mail.srvfarm.net postfix/smtpd[1888825]: warning: unknown[91.230.88.36]: SASL PLAIN authentication failed: Aug 16 05:15:39 mail.srvfarm.net postfix/smtpd[1888825]: lost connection after AUTH from unknown[91.230.88.36] Aug 16 05:18:57 mail.srvfarm.net postfix/smtpd[1879275]: warning: unknown[91.230.88.36]: SASL PLAIN authentication failed:	2020-08-16 13:22:20
139.59.93.93	attackspambots	Aug 16 05:56:18 db sshd[21410]: User root from 139.59.93.93 not allowed because none of user's groups are listed in AllowGroups ...	2020-08-16 13:41:17
103.25.134.140	attackbots	Aug 16 05:00:26 mail.srvfarm.net postfix/smtpd[1872412]: warning: unknown[103.25.134.140]: SASL PLAIN authentication failed: Aug 16 05:00:26 mail.srvfarm.net postfix/smtpd[1872412]: lost connection after AUTH from unknown[103.25.134.140] Aug 16 05:03:03 mail.srvfarm.net postfix/smtpd[1887487]: warning: unknown[103.25.134.140]: SASL PLAIN authentication failed: Aug 16 05:03:04 mail.srvfarm.net postfix/smtpd[1887487]: lost connection after AUTH from unknown[103.25.134.140] Aug 16 05:09:52 mail.srvfarm.net postfix/smtps/smtpd[1887810]: warning: unknown[103.25.134.140]: SASL PLAIN authentication failed:	2020-08-16 13:21:42
189.91.3.98	attack	Aug 16 05:12:04 mail.srvfarm.net postfix/smtpd[1888509]: warning: unknown[189.91.3.98]: SASL PLAIN authentication failed: Aug 16 05:12:05 mail.srvfarm.net postfix/smtpd[1888509]: lost connection after AUTH from unknown[189.91.3.98] Aug 16 05:12:27 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[189.91.3.98]: SASL PLAIN authentication failed: Aug 16 05:12:28 mail.srvfarm.net postfix/smtpd[1875198]: lost connection after AUTH from unknown[189.91.3.98] Aug 16 05:15:19 mail.srvfarm.net postfix/smtps/smtpd[1890604]: warning: unknown[189.91.3.98]: SASL PLAIN authentication failed:	2020-08-16 13:11:37
74.91.21.183	attack	From contato@amplide.com.br Sun Aug 16 00:56:00 2020 Received: from anoke.amplide.com.br ([74.91.21.183]:44478)	2020-08-16 13:49:39
80.82.77.33	attackspambots	srv02 Mass scanning activity detected Target: 9000 ..	2020-08-16 13:23:47
62.210.194.6	attackbots	Aug 16 06:28:58 mail.srvfarm.net postfix/smtpd[1913728]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 16 06:32:25 mail.srvfarm.net postfix/smtpd[1929155]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 16 06:35:37 mail.srvfarm.net postfix/smtpd[1924776]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 16 06:36:42 mail.srvfarm.net postfix/smtpd[1931084]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6] Aug 16 06:38:04 mail.srvfarm.net postfix/smtpd[1931084]: lost connection after STARTTLS from r6.news.eu.rvca.com[62.210.194.6]	2020-08-16 13:25:16
120.31.138.70	attackbotsspam	Aug 16 03:48:42 vlre-nyc-1 sshd\[4065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.138.70 user=root Aug 16 03:48:45 vlre-nyc-1 sshd\[4065\]: Failed password for root from 120.31.138.70 port 33322 ssh2 Aug 16 03:52:50 vlre-nyc-1 sshd\[4165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.138.70 user=root Aug 16 03:52:51 vlre-nyc-1 sshd\[4165\]: Failed password for root from 120.31.138.70 port 52658 ssh2 Aug 16 03:56:06 vlre-nyc-1 sshd\[4250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.31.138.70 user=root ...	2020-08-16 13:43:17
185.18.133.17	attackbots	Aug 16 05:03:04 mail.srvfarm.net postfix/smtpd[1875198]: warning: unknown[185.18.133.17]: SASL PLAIN authentication failed: Aug 16 05:03:04 mail.srvfarm.net postfix/smtpd[1875198]: lost connection after AUTH from unknown[185.18.133.17] Aug 16 05:08:33 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[185.18.133.17]: SASL PLAIN authentication failed: Aug 16 05:08:33 mail.srvfarm.net postfix/smtpd[1888504]: lost connection after AUTH from unknown[185.18.133.17] Aug 16 05:09:37 mail.srvfarm.net postfix/smtpd[1888504]: warning: unknown[185.18.133.17]: SASL PLAIN authentication failed:	2020-08-16 13:14:53

Recently Reported IPs

61.5.17.246	106.52.175.233	157.230.36.61	114.38.25.114
180.241.191.180	36.66.176.85	74.139.198.95	185.66.57.103
212.83.144.113	85.104.251.24	113.25.65.147	14.160.24.50
182.254.147.226	27.68.39.88	172.81.226.22	36.72.214.12
221.192.178.37	201.248.25.165	180.183.19.173	152.32.169.165