120.92.117.134

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	unauthorized connection attempt	2020-06-26 12:28:09

Comments on same subnet:

IP	Type	Details	Datetime
120.92.117.182	attackbots	$f2bV_matches	2020-09-29 01:50:33
120.92.117.182	attackspam	Aug 31 06:44:25 lukav-desktop sshd\[18700\]: Invalid user andres from 120.92.117.182 Aug 31 06:44:25 lukav-desktop sshd\[18700\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182 Aug 31 06:44:28 lukav-desktop sshd\[18700\]: Failed password for invalid user andres from 120.92.117.182 port 9426 ssh2 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: Invalid user ubnt from 120.92.117.182 Aug 31 06:49:37 lukav-desktop sshd\[18769\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.182	2020-08-31 18:24:55
120.92.117.182	attackbotsspam	(sshd) Failed SSH login from 120.92.117.182 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 30 11:10:01 server sshd[4798]: Invalid user asterisk from 120.92.117.182 port 10898 Aug 30 11:10:04 server sshd[4798]: Failed password for invalid user asterisk from 120.92.117.182 port 10898 ssh2 Aug 30 11:27:07 server sshd[12918]: Invalid user riv from 120.92.117.182 port 26683 Aug 30 11:27:08 server sshd[12918]: Failed password for invalid user riv from 120.92.117.182 port 26683 ssh2 Aug 30 11:32:25 server sshd[15417]: Invalid user ftpuser from 120.92.117.182 port 21096	2020-08-30 23:36:43
120.92.117.184	attack	Aug 27 13:12:13 OPSO sshd\[16145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 user=root Aug 27 13:12:14 OPSO sshd\[16145\]: Failed password for root from 120.92.117.184 port 26219 ssh2 Aug 27 13:17:31 OPSO sshd\[17371\]: Invalid user win from 120.92.117.184 port 4578 Aug 27 13:17:31 OPSO sshd\[17371\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.117.184 Aug 27 13:17:32 OPSO sshd\[17371\]: Failed password for invalid user win from 120.92.117.184 port 4578 ssh2	2019-08-27 19:21:35
120.92.117.184	attackbotsspam	Invalid user mhlee from 120.92.117.184 port 53131	2019-08-23 19:15:58
120.92.117.2	attackbots	SSH/22 MH Probe, BF, Hack -	2019-08-02 20:13:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.117.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29835
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.117.134.			IN	A

;; AUTHORITY SECTION:
.			457	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020062502 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jun 26 12:27:51 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 134.117.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.117.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
194.247.178.11	attackspambots	Unauthorized connection attempt from IP address 194.247.178.11 on Port 445(SMB)	2020-05-06 23:14:29
190.200.77.4	attackspam	Unauthorized connection attempt from IP address 190.200.77.4 on Port 445(SMB)	2020-05-06 23:07:51
2a02:1812:1e01:1400:5590:a6db:de2c:692b	attackbotsspam	May 6 15:59:06 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=2a02:1812:1e01:1400:5590:a6db:de2c:692b, lip=2a01:7e01:e001:164::, TLS, session=<4C25Kvukd/QqAhgSHgEUAFWQptveLGkr> May 6 16:06:04 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=2a02:1812:1e01:1400:5590:a6db:de2c:692b, lip=2a01:7e01:e001:164::, TLS, session=<4xujQ/ukhPQqAhgSHgEUAFWQptveLGkr> May 6 16:06:10 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=2a02:1812:1e01:1400:5590:a6db:de2c:692b, lip=2a01:7e01:e001:164::, TLS, session= May 6 16:06:10 server dovecot: imap-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=2a02:1812:1e01:1400:5590:a6db:de2c:692b, lip=2a01:7e01:e001:164::, TLS, session= May ...	2020-05-06 23:29:46
49.15.86.191	attackspam	SMB Server BruteForce Attack	2020-05-06 22:50:47
68.183.60.218	attack	SSH Brute Force	2020-05-06 22:56:58
104.236.47.37	attack	May 6 12:54:53 game-panel sshd[26133]: Failed password for root from 104.236.47.37 port 36338 ssh2 May 6 12:57:41 game-panel sshd[26257]: Failed password for root from 104.236.47.37 port 51228 ssh2	2020-05-06 23:20:17
45.164.8.244	attack	2020-05-06T14:00:30.8221091240 sshd\[22907\]: Invalid user dave from 45.164.8.244 port 45776 2020-05-06T14:00:30.8261211240 sshd\[22907\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.164.8.244 2020-05-06T14:00:32.6441881240 sshd\[22907\]: Failed password for invalid user dave from 45.164.8.244 port 45776 ssh2 ...	2020-05-06 23:08:47
171.235.63.54	attack	20/5/6@08:00:31: FAIL: Alarm-Network address from=171.235.63.54 ...	2020-05-06 23:12:17
222.122.31.133	attackbots	May 6 10:10:37 NPSTNNYC01T sshd[2931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.31.133 May 6 10:10:39 NPSTNNYC01T sshd[2931]: Failed password for invalid user server from 222.122.31.133 port 50944 ssh2 May 6 10:13:38 NPSTNNYC01T sshd[3161]: Failed password for root from 222.122.31.133 port 60610 ssh2 ...	2020-05-06 22:44:07
39.36.93.141	attack	39.36.93.141 - - [06/May/2020:14:00:35 +0200] "GET /wp-login.php HTTP/1.1" 301 247 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0"	2020-05-06 23:05:31
124.109.33.146	attackbots	Unauthorized connection attempt from IP address 124.109.33.146 on Port 445(SMB)	2020-05-06 23:02:01
45.143.223.217	spam	May 6 15:27:48 XXXXX postfix/smtpd[8335]: NOQUEUE: reject: RCPT from unknown[45.143.223.217]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=	2020-05-06 22:56:34
125.161.107.154	attackbotsspam	20/5/6@08:00:31: FAIL: Alarm-Network address from=125.161.107.154 20/5/6@08:00:31: FAIL: Alarm-Network address from=125.161.107.154 ...	2020-05-06 23:13:15
105.112.182.84	attack	Unauthorized connection attempt from IP address 105.112.182.84 on Port 445(SMB)	2020-05-06 23:22:56
208.109.8.97	attackbotsspam	May 6 16:24:15 roki sshd[6124]: Invalid user oracle from 208.109.8.97 May 6 16:24:15 roki sshd[6124]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.109.8.97 May 6 16:24:16 roki sshd[6124]: Failed password for invalid user oracle from 208.109.8.97 port 39100 ssh2 May 6 16:29:37 roki sshd[6465]: Invalid user tester from 208.109.8.97 May 6 16:29:37 roki sshd[6465]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.109.8.97 ...	2020-05-06 22:59:35

Recently Reported IPs

117.50.37.103	1.212.68.75	1.29.24.103	31.28.230.118
68.183.95.85	36.137.140.128	3.136.135.51	181.32.90.108
46.7.5.219	163.83.71.51	125.215.187.54	202.114.93.97
46.223.15.13	182.180.121.7	37.187.161.195	44.97.99.97
22.151.169.244	114.116.124.108	54.159.78.28	134.17.217.30