120.92.102.30 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jun 25 08:58:04 prod4 sshd\[6567\]: Invalid user msr from 120.92.102.30 Jun 25 08:58:06 prod4 sshd\[6567\]: Failed password for invalid user msr from 120.92.102.30 port 60236 ssh2 Jun 25 09:00:29 prod4 sshd\[8081\]: Failed password for root from 120.92.102.30 port 25326 ssh2 ...	2020-06-25 20:20:27

Type

Details

Datetime

attack

Jun 25 08:58:04 prod4 sshd\[6567\]: Invalid user msr from 120.92.102.30
Jun 25 08:58:06 prod4 sshd\[6567\]: Failed password for invalid user msr from 120.92.102.30 port 60236 ssh2
Jun 25 09:00:29 prod4 sshd\[8081\]: Failed password for root from 120.92.102.30 port 25326 ssh2
...

2020-06-25 20:20:27

Comments on same subnet:

IP	Type	Details	Datetime
120.92.102.213	attackbots	TCP (SYN) 120.92.102.213:45884 -> port 28854, len 44	2020-10-02 01:21:26
120.92.102.213	attackspambots	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-01 17:27:46
120.92.102.213	attackspambots	firewall-block, port(s): 6024/tcp	2020-04-22 20:07:08
120.92.102.213	attackbotsspam	2019-12-23T12:00:26.126900vps751288.ovh.net sshd\[10178\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 user=root 2019-12-23T12:00:28.125433vps751288.ovh.net sshd\[10178\]: Failed password for root from 120.92.102.213 port 23973 ssh2 2019-12-23T12:07:16.983020vps751288.ovh.net sshd\[10258\]: Invalid user ftpuser from 120.92.102.213 port 18904 2019-12-23T12:07:16.990720vps751288.ovh.net sshd\[10258\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 2019-12-23T12:07:18.943669vps751288.ovh.net sshd\[10258\]: Failed password for invalid user ftpuser from 120.92.102.213 port 18904 ssh2	2019-12-23 20:24:09
120.92.102.213	attackbotsspam	Dec 18 04:30:10 kapalua sshd\[20252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 user=root Dec 18 04:30:12 kapalua sshd\[20252\]: Failed password for root from 120.92.102.213 port 49882 ssh2 Dec 18 04:38:13 kapalua sshd\[21071\]: Invalid user nfs from 120.92.102.213 Dec 18 04:38:13 kapalua sshd\[21071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 Dec 18 04:38:15 kapalua sshd\[21071\]: Failed password for invalid user nfs from 120.92.102.213 port 45917 ssh2	2019-12-18 22:43:03
120.92.102.213	attackspambots	Dec 17 18:07:37 eventyay sshd[24778]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 Dec 17 18:07:39 eventyay sshd[24778]: Failed password for invalid user manolios from 120.92.102.213 port 40986 ssh2 Dec 17 18:15:19 eventyay sshd[24989]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.213 ...	2019-12-18 01:58:45
120.92.102.213	attack	2019-12-09T19:02:31.263168abusebot-5.cloudsearch.cf sshd\[23792\]: Invalid user web from 120.92.102.213 port 60580	2019-12-10 03:44:10
120.92.102.121	attack	2019-10-11T10:54:07.488977enmeeting.mahidol.ac.th sshd\[12802\]: User root from 120.92.102.121 not allowed because not listed in AllowUsers 2019-10-11T10:54:07.610627enmeeting.mahidol.ac.th sshd\[12802\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121 user=root 2019-10-11T10:54:09.683129enmeeting.mahidol.ac.th sshd\[12802\]: Failed password for invalid user root from 120.92.102.121 port 33570 ssh2 ...	2019-10-11 15:14:35
120.92.102.121	attackspam	SSH brutforce	2019-10-05 16:06:26
120.92.102.121	attackspambots	Sep 24 05:58:29 MK-Soft-Root1 sshd[1930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121 Sep 24 05:58:31 MK-Soft-Root1 sshd[1930]: Failed password for invalid user bestyrer from 120.92.102.121 port 23752 ssh2 ...	2019-09-24 12:29:33
120.92.102.121	attack	Sep 12 21:05:26 kapalua sshd\[15764\]: Invalid user hadoop123!@\# from 120.92.102.121 Sep 12 21:05:26 kapalua sshd\[15764\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121 Sep 12 21:05:28 kapalua sshd\[15764\]: Failed password for invalid user hadoop123!@\# from 120.92.102.121 port 48550 ssh2 Sep 12 21:10:24 kapalua sshd\[16303\]: Invalid user pass from 120.92.102.121 Sep 12 21:10:24 kapalua sshd\[16303\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121	2019-09-13 17:27:15
120.92.102.121	attack	2019-09-11T19:22:35.387120abusebot-2.cloudsearch.cf sshd\[28717\]: Invalid user ts3server from 120.92.102.121 port 33874	2019-09-12 10:49:28
120.92.102.121	attack	Sep 6 19:58:38 friendsofhawaii sshd\[1831\]: Invalid user q3server from 120.92.102.121 Sep 6 19:58:38 friendsofhawaii sshd\[1831\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121 Sep 6 19:58:40 friendsofhawaii sshd\[1831\]: Failed password for invalid user q3server from 120.92.102.121 port 27086 ssh2 Sep 6 20:03:23 friendsofhawaii sshd\[2225\]: Invalid user hduser from 120.92.102.121 Sep 6 20:03:23 friendsofhawaii sshd\[2225\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121	2019-09-07 14:20:38
120.92.102.121	attackspam	Aug 29 06:13:34 plex sshd[16855]: Invalid user ts3 from 120.92.102.121 port 55360	2019-08-29 12:19:58
120.92.102.121	attackspambots	Aug 28 05:50:32 srv-4 sshd\[10065\]: Invalid user server from 120.92.102.121 Aug 28 05:50:32 srv-4 sshd\[10065\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.102.121 Aug 28 05:50:33 srv-4 sshd\[10065\]: Failed password for invalid user server from 120.92.102.121 port 42424 ssh2 ...	2019-08-28 11:28:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.102.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43412
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.102.30.			IN	A

;; AUTHORITY SECTION:
.			285	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062500 1800 900 604800 86400

;; Query time: 67 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 25 20:20:22 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 30.102.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 30.102.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.13.123.223	attack	Sep 16 16:19:01 tdfoods sshd\[10165\]: Invalid user ftpuser from 183.13.123.223 Sep 16 16:19:01 tdfoods sshd\[10165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.13.123.223 Sep 16 16:19:04 tdfoods sshd\[10165\]: Failed password for invalid user ftpuser from 183.13.123.223 port 42809 ssh2 Sep 16 16:26:00 tdfoods sshd\[10788\]: Invalid user bookings from 183.13.123.223 Sep 16 16:26:00 tdfoods sshd\[10788\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.13.123.223	2019-09-17 10:48:08
51.79.7.237	attackbots	Sep 16 20:49:28 mail postfix/smtpd\[24285\]: NOQUEUE: reject: RCPT from sdfg.six-figure-biz.com\[51.79.7.237\]: 554 5.7.1 Service unavailable\; Client host \[51.79.7.237\] blocked using zen.spamhaus.org\; https://www.spamhaus.org/sbl/query/SBLCSS\; from=\ to=\ proto=ESMTP helo=\	2019-09-17 10:51:23
194.228.3.191	attackspambots	Sep 17 01:09:19 hcbbdb sshd\[10752\]: Invalid user password321 from 194.228.3.191 Sep 17 01:09:19 hcbbdb sshd\[10752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191 Sep 17 01:09:21 hcbbdb sshd\[10752\]: Failed password for invalid user password321 from 194.228.3.191 port 47199 ssh2 Sep 17 01:13:52 hcbbdb sshd\[11808\]: Invalid user kn from 194.228.3.191 Sep 17 01:13:52 hcbbdb sshd\[11808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.228.3.191	2019-09-17 10:51:50
192.163.197.138	attack	F2B jail: sshd. Time: 2019-09-16 23:28:23, Reported by: VKReport	2019-09-17 10:36:18
183.11.235.20	attackbots	Sep 16 19:35:37 hcbbdb sshd\[7147\]: Invalid user ftp from 183.11.235.20 Sep 16 19:35:37 hcbbdb sshd\[7147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.11.235.20 Sep 16 19:35:39 hcbbdb sshd\[7147\]: Failed password for invalid user ftp from 183.11.235.20 port 35398 ssh2 Sep 16 19:39:51 hcbbdb sshd\[7633\]: Invalid user db2fenc1 from 183.11.235.20 Sep 16 19:39:51 hcbbdb sshd\[7633\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.11.235.20	2019-09-17 10:42:56
85.133.218.40	attack	Attempt To attack host OS, exploiting network vulnerabilities, on 16-09-2019 22:53:26.	2019-09-17 10:35:47
168.234.50.2	attackspambots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 16:57:51,763 INFO [amun_request_handler] PortScan Detected on Port: 445 (168.234.50.2)	2019-09-17 10:38:20
117.2.128.207	attackbotsspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-16 16:58:10,161 INFO [amun_request_handler] PortScan Detected on Port: 445 (117.2.128.207)	2019-09-17 10:34:35
118.25.61.152	attack	2019-09-16T19:19:38.967465abusebot-3.cloudsearch.cf sshd\[29836\]: Invalid user 12345 from 118.25.61.152 port 45020	2019-09-17 11:07:20
209.235.67.49	attack	Sep 16 22:21:13 unicornsoft sshd\[12369\]: Invalid user admin from 209.235.67.49 Sep 16 22:21:13 unicornsoft sshd\[12369\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.235.67.49 Sep 16 22:21:15 unicornsoft sshd\[12369\]: Failed password for invalid user admin from 209.235.67.49 port 48452 ssh2	2019-09-17 11:11:05
107.170.63.221	attackspambots	2019-09-17T04:39:29.143873 sshd[11121]: Invalid user Kristian from 107.170.63.221 port 36904 2019-09-17T04:39:29.159278 sshd[11121]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.63.221 2019-09-17T04:39:29.143873 sshd[11121]: Invalid user Kristian from 107.170.63.221 port 36904 2019-09-17T04:39:30.647905 sshd[11121]: Failed password for invalid user Kristian from 107.170.63.221 port 36904 ssh2 2019-09-17T04:56:44.960014 sshd[11335]: Invalid user newscng from 107.170.63.221 port 52548 ...	2019-09-17 11:12:58
189.134.110.102	attackspam	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-17 01:10:30,614 INFO [amun_request_handler] PortScan Detected on Port: 445 (189.134.110.102)	2019-09-17 11:03:55
46.105.244.1	attackspambots	2019-09-16T21:34:35.586017abusebot-8.cloudsearch.cf sshd\[32090\]: Invalid user telkom from 46.105.244.1 port 60929 2019-09-16T21:34:35.590313abusebot-8.cloudsearch.cf sshd\[32090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.244.1	2019-09-17 11:15:07
13.71.5.110	attackbots	Sep 17 02:35:38 MK-Soft-VM7 sshd\[26908\]: Invalid user takahashi from 13.71.5.110 port 14686 Sep 17 02:35:38 MK-Soft-VM7 sshd\[26908\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.71.5.110 Sep 17 02:35:40 MK-Soft-VM7 sshd\[26908\]: Failed password for invalid user takahashi from 13.71.5.110 port 14686 ssh2 ...	2019-09-17 11:01:02
128.199.185.42	attackbots	F2B jail: sshd. Time: 2019-09-16 21:24:57, Reported by: VKReport	2019-09-17 10:45:44

Recently Reported IPs

121.126.220.15	39.36.115.18	146.243.30.15	10.159.19.146
122.71.255.131	20.16.227.216	218.0.188.176	77.184.198.243
171.235.196.219	163.209.213.130	198.6.191.158	226.152.82.71
215.247.121.50	42.81.136.44	192.162.99.167	166.170.220.176
124.244.192.147	159.89.225.156	86.63.110.172	68.63.6.225