120.39.2.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Lines containing failures of 120.39.2.34 Jun 1 00:25:44 cdb sshd[11068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34 user=r.r Jun 1 00:25:46 cdb sshd[11068]: Failed password for r.r from 120.39.2.34 port 58640 ssh2 Jun 1 00:25:46 cdb sshd[11068]: Received disconnect from 120.39.2.34 port 58640:11: Bye Bye [preauth] Jun 1 00:25:46 cdb sshd[11068]: Disconnected from authenticating user r.r 120.39.2.34 port 58640 [preauth] Jun 1 00:36:55 cdb sshd[12496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34 user=r.r Jun 1 00:36:57 cdb sshd[12496]: Failed password for r.r from 120.39.2.34 port 60674 ssh2 Jun 1 00:36:57 cdb sshd[12496]: Received disconnect from 120.39.2.34 port 60674:11: Bye Bye [preauth] Jun 1 00:36:57 cdb sshd[12496]: Disconnected from authenticating user r.r 120.39.2.34 port 60674 [preauth] Jun 1 00:39:52 cdb sshd[12978]: pam_unix(sshd:auth): au........ ------------------------------	2020-06-03 19:46:06
attack	Lines containing failures of 120.39.2.34 Jun 1 00:25:44 cdb sshd[11068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34 user=r.r Jun 1 00:25:46 cdb sshd[11068]: Failed password for r.r from 120.39.2.34 port 58640 ssh2 Jun 1 00:25:46 cdb sshd[11068]: Received disconnect from 120.39.2.34 port 58640:11: Bye Bye [preauth] Jun 1 00:25:46 cdb sshd[11068]: Disconnected from authenticating user r.r 120.39.2.34 port 58640 [preauth] Jun 1 00:36:55 cdb sshd[12496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34 user=r.r Jun 1 00:36:57 cdb sshd[12496]: Failed password for r.r from 120.39.2.34 port 60674 ssh2 Jun 1 00:36:57 cdb sshd[12496]: Received disconnect from 120.39.2.34 port 60674:11: Bye Bye [preauth] Jun 1 00:36:57 cdb sshd[12496]: Disconnected from authenticating user r.r 120.39.2.34 port 60674 [preauth] Jun 1 00:39:52 cdb sshd[12978]: pam_unix(sshd:auth): au........ ------------------------------	2020-06-02 00:54:56

Type

Details

Datetime

attackspam

Lines containing failures of 120.39.2.34
Jun  1 00:25:44 cdb sshd[11068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34  user=r.r
Jun  1 00:25:46 cdb sshd[11068]: Failed password for r.r from 120.39.2.34 port 58640 ssh2
Jun  1 00:25:46 cdb sshd[11068]: Received disconnect from 120.39.2.34 port 58640:11: Bye Bye [preauth]
Jun  1 00:25:46 cdb sshd[11068]: Disconnected from authenticating user r.r 120.39.2.34 port 58640 [preauth]
Jun  1 00:36:55 cdb sshd[12496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34  user=r.r
Jun  1 00:36:57 cdb sshd[12496]: Failed password for r.r from 120.39.2.34 port 60674 ssh2
Jun  1 00:36:57 cdb sshd[12496]: Received disconnect from 120.39.2.34 port 60674:11: Bye Bye [preauth]
Jun  1 00:36:57 cdb sshd[12496]: Disconnected from authenticating user r.r 120.39.2.34 port 60674 [preauth]
Jun  1 00:39:52 cdb sshd[12978]: pam_unix(sshd:auth): au........
------------------------------

2020-06-03 19:46:06

attack

Lines containing failures of 120.39.2.34
Jun  1 00:25:44 cdb sshd[11068]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34  user=r.r
Jun  1 00:25:46 cdb sshd[11068]: Failed password for r.r from 120.39.2.34 port 58640 ssh2
Jun  1 00:25:46 cdb sshd[11068]: Received disconnect from 120.39.2.34 port 58640:11: Bye Bye [preauth]
Jun  1 00:25:46 cdb sshd[11068]: Disconnected from authenticating user r.r 120.39.2.34 port 58640 [preauth]
Jun  1 00:36:55 cdb sshd[12496]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.34  user=r.r
Jun  1 00:36:57 cdb sshd[12496]: Failed password for r.r from 120.39.2.34 port 60674 ssh2
Jun  1 00:36:57 cdb sshd[12496]: Received disconnect from 120.39.2.34 port 60674:11: Bye Bye [preauth]
Jun  1 00:36:57 cdb sshd[12496]: Disconnected from authenticating user r.r 120.39.2.34 port 60674 [preauth]
Jun  1 00:39:52 cdb sshd[12978]: pam_unix(sshd:auth): au........
------------------------------

2020-06-02 00:54:56

Comments on same subnet:

IP	Type	Details	Datetime
120.39.243.92	attack	Port Scan detected! ...	2020-08-31 18:15:03
120.39.251.232	attack	2020-06-26T13:21:14.146540galaxy.wi.uni-potsdam.de sshd[8567]: Failed password for invalid user noaccess from 120.39.251.232 port 34810 ssh2 2020-06-26T13:22:28.926097galaxy.wi.uni-potsdam.de sshd[8717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 user=root 2020-06-26T13:22:31.107221galaxy.wi.uni-potsdam.de sshd[8717]: Failed password for root from 120.39.251.232 port 41465 ssh2 2020-06-26T13:23:40.132621galaxy.wi.uni-potsdam.de sshd[8815]: Invalid user Admin from 120.39.251.232 port 48119 2020-06-26T13:23:40.137706galaxy.wi.uni-potsdam.de sshd[8815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 2020-06-26T13:23:40.132621galaxy.wi.uni-potsdam.de sshd[8815]: Invalid user Admin from 120.39.251.232 port 48119 2020-06-26T13:23:42.203011galaxy.wi.uni-potsdam.de sshd[8815]: Failed password for invalid user Admin from 120.39.251.232 port 48119 ssh2 2020-06-26T13:24:58.818076ga ...	2020-06-27 01:25:18
120.39.251.232	attack	Jun 23 22:50:07 inter-technics sshd[26679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 user=root Jun 23 22:50:09 inter-technics sshd[26679]: Failed password for root from 120.39.251.232 port 33087 ssh2 Jun 23 22:51:09 inter-technics sshd[26748]: Invalid user admin from 120.39.251.232 port 40214 Jun 23 22:51:09 inter-technics sshd[26748]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 Jun 23 22:51:09 inter-technics sshd[26748]: Invalid user admin from 120.39.251.232 port 40214 Jun 23 22:51:10 inter-technics sshd[26748]: Failed password for invalid user admin from 120.39.251.232 port 40214 ssh2 ...	2020-06-24 07:52:54
120.39.251.232	attackspam	Jun 14 14:40:37 Ubuntu-1404-trusty-64-minimal sshd\[23578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 user=root Jun 14 14:40:39 Ubuntu-1404-trusty-64-minimal sshd\[23578\]: Failed password for root from 120.39.251.232 port 53281 ssh2 Jun 14 15:03:56 Ubuntu-1404-trusty-64-minimal sshd\[7168\]: Invalid user rosita from 120.39.251.232 Jun 14 15:03:56 Ubuntu-1404-trusty-64-minimal sshd\[7168\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.251.232 Jun 14 15:03:58 Ubuntu-1404-trusty-64-minimal sshd\[7168\]: Failed password for invalid user rosita from 120.39.251.232 port 38365 ssh2	2020-06-15 03:01:41
120.39.2.134	attackbotsspam	Jun 12 15:58:30 vestacp sshd[19589]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.134 user=r.r Jun 12 15:58:32 vestacp sshd[19589]: Failed password for r.r from 120.39.2.134 port 41534 ssh2 Jun 12 15:58:33 vestacp sshd[19589]: Received disconnect from 120.39.2.134 port 41534:11: Bye Bye [preauth] Jun 12 15:58:33 vestacp sshd[19589]: Disconnected from authenticating user r.r 120.39.2.134 port 41534 [preauth] Jun 12 16:00:22 vestacp sshd[20080]: Invalid user mme from 120.39.2.134 port 60852 Jun 12 16:00:22 vestacp sshd[20080]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.134 Jun 12 16:00:24 vestacp sshd[20080]: Failed password for invalid user mme from 120.39.2.134 port 60852 ssh2 Jun 12 16:00:26 vestacp sshd[20080]: Received disconnect from 120.39.2.134 port 60852:11: Bye Bye [preauth] Jun 12 16:00:26 vestacp sshd[20080]: Disconnected from invalid user mme 120.39.2.1........ -------------------------------	2020-06-15 00:24:12
120.39.2.134	attackspam	SSH/22 MH Probe, BF, Hack -	2020-06-13 19:13:25
120.39.2.219	attack	May 5 06:26:15 pkdns2 sshd\[23280\]: Invalid user berry from 120.39.2.219May 5 06:26:16 pkdns2 sshd\[23280\]: Failed password for invalid user berry from 120.39.2.219 port 40164 ssh2May 5 06:30:58 pkdns2 sshd\[23630\]: Invalid user clemens from 120.39.2.219May 5 06:31:00 pkdns2 sshd\[23630\]: Failed password for invalid user clemens from 120.39.2.219 port 45792 ssh2May 5 06:35:43 pkdns2 sshd\[23900\]: Invalid user rg from 120.39.2.219May 5 06:35:46 pkdns2 sshd\[23900\]: Failed password for invalid user rg from 120.39.2.219 port 51414 ssh2 ...	2020-05-05 13:45:37
120.39.2.219	attackspam	May 3 16:06:46 plex sshd[26333]: Invalid user dong from 120.39.2.219 port 44400	2020-05-03 23:03:24
120.39.2.203	attackbots	Mar 16 15:41:21 dallas01 sshd[15470]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.203 Mar 16 15:41:23 dallas01 sshd[15470]: Failed password for invalid user sanchi from 120.39.2.203 port 43320 ssh2 Mar 16 15:49:20 dallas01 sshd[16683]: Failed password for root from 120.39.2.203 port 48176 ssh2	2020-03-17 06:05:17
120.39.2.37	attack	$f2bV_matches	2020-03-11 04:30:10
120.39.2.204	attackbots	Mar 6 02:19:18 v26 sshd[24314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.204 user=r.r Mar 6 02:19:20 v26 sshd[24314]: Failed password for r.r from 120.39.2.204 port 57798 ssh2 Mar 6 02:19:21 v26 sshd[24314]: Received disconnect from 120.39.2.204 port 57798:11: Bye Bye [preauth] Mar 6 02:19:21 v26 sshd[24314]: Disconnected from 120.39.2.204 port 57798 [preauth] Mar 6 02:21:37 v26 sshd[24499]: Invalid user rstudio-server from 120.39.2.204 port 53438 Mar 6 02:21:39 v26 sshd[24499]: Failed password for invalid user rstudio-server from 120.39.2.204 port 53438 ssh2 Mar 6 02:21:39 v26 sshd[24499]: Received disconnect from 120.39.2.204 port 53438:11: Bye Bye [preauth] Mar 6 02:21:39 v26 sshd[24499]: Disconnected from 120.39.2.204 port 53438 [preauth] Mar 6 02:23:11 v26 sshd[24672]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.39.2.204 user=r.r Mar 6 02:23:13 v26 ss........ -------------------------------	2020-03-06 17:15:34
120.39.243.192	attackspam	Unauthorized connection attempt detected from IP address 120.39.243.192 to port 1433 [J]	2020-01-29 00:37:31
120.39.243.89	attackbots	Unauthorized connection attempt detected from IP address 120.39.243.89 to port 1433	2019-12-31 22:21:44

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.39.2.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58371
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.39.2.34.			IN	A

;; AUTHORITY SECTION:
.			557	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020060100 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 02 00:54:50 CST 2020
;; MSG SIZE  rcvd: 115

Host info

34.2.39.120.in-addr.arpa domain name pointer 34.2.39.120.broad.xm.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
34.2.39.120.in-addr.arpa	name = 34.2.39.120.broad.xm.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.210.211.34	attackspam	Honeypot attack, port: 5555, PTR: PTR record not found	2020-02-07 18:06:17
119.30.38.134	attack	unauthorized connection attempt	2020-02-07 17:33:37
217.19.154.218	attackbotsspam	Feb 6 22:19:53 web1 sshd\[14333\]: Invalid user zek from 217.19.154.218 Feb 6 22:19:53 web1 sshd\[14333\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.19.154.218 Feb 6 22:19:56 web1 sshd\[14333\]: Failed password for invalid user zek from 217.19.154.218 port 25917 ssh2 Feb 6 22:20:34 web1 sshd\[14398\]: Invalid user ecb from 217.19.154.218 Feb 6 22:20:34 web1 sshd\[14398\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.19.154.218	2020-02-07 17:49:20
178.93.35.155	attackspam	unauthorized connection attempt	2020-02-07 18:10:10
222.186.173.183	attackbotsspam	Feb 7 10:31:00 sd-53420 sshd\[23057\]: User root from 222.186.173.183 not allowed because none of user's groups are listed in AllowGroups Feb 7 10:31:01 sd-53420 sshd\[23057\]: Failed none for invalid user root from 222.186.173.183 port 44068 ssh2 Feb 7 10:31:01 sd-53420 sshd\[23057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.183 user=root Feb 7 10:31:03 sd-53420 sshd\[23057\]: Failed password for invalid user root from 222.186.173.183 port 44068 ssh2 Feb 7 10:31:06 sd-53420 sshd\[23057\]: Failed password for invalid user root from 222.186.173.183 port 44068 ssh2 ...	2020-02-07 17:48:57
200.57.196.162	attackspam	unauthorized connection attempt	2020-02-07 18:08:47
114.41.10.227	attack	unauthorized connection attempt	2020-02-07 17:51:05
189.213.153.18	attackspam	unauthorized connection attempt	2020-02-07 17:56:38
83.219.136.197	attackbotsspam	unauthorized connection attempt	2020-02-07 17:52:43
162.243.129.233	attackspambots	firewall-block, port(s): 70/tcp	2020-02-07 18:11:03
197.53.109.174	attackbotsspam	unauthorized connection attempt	2020-02-07 18:04:47
189.208.188.183	attackbots	unauthorized connection attempt	2020-02-07 17:42:02
49.228.8.249	attackspam	unauthorized connection attempt	2020-02-07 17:36:12
179.98.154.223	attackspambots	unauthorized connection attempt	2020-02-07 17:39:15
60.241.62.214	attackspambots	RDP Bruteforce	2020-02-07 17:34:14

Recently Reported IPs

67.29.48.64	46.216.196.235	148.13.51.36	36.73.175.7
165.97.192.97	160.185.24.114	145.219.247.154	211.184.200.108
151.235.215.68	92.230.110.211	172.83.177.43	125.52.22.14
214.19.98.200	13.1.114.248	94.143.31.83	186.184.120.45
215.35.76.66	186.28.126.48	176.112.76.11	52.228.123.105