120.92.2.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	(sshd) Failed SSH login from 120.92.2.48 (CN/China/-): 5 in the last 3600 secs	2020-08-18 18:58:53
attackspambots	Jul 28 01:05:50 rancher-0 sshd[616082]: Invalid user yangjiayang from 120.92.2.48 port 7196 ...	2020-07-28 07:49:58
attackbotsspam	Jun 22 05:51:52 piServer sshd[16142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 Jun 22 05:51:54 piServer sshd[16142]: Failed password for invalid user shop from 120.92.2.48 port 64173 ssh2 Jun 22 05:55:56 piServer sshd[16766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 ...	2020-06-22 12:00:31
attackspam	Invalid user user from 120.92.2.48 port 55484	2020-06-20 19:06:51
attackspambots	Jun 18 17:40:04: Invalid user zookeeper from 120.92.2.48 port 9475	2020-06-19 07:38:44
attack	Jun 9 13:43:28 localhost sshd[55487]: Invalid user admin from 120.92.2.48 port 4002 Jun 9 13:43:28 localhost sshd[55487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 Jun 9 13:43:28 localhost sshd[55487]: Invalid user admin from 120.92.2.48 port 4002 Jun 9 13:43:30 localhost sshd[55487]: Failed password for invalid user admin from 120.92.2.48 port 4002 ssh2 Jun 9 13:48:34 localhost sshd[55990]: Invalid user lky2 from 120.92.2.48 port 31134 ...	2020-06-09 21:57:44
attack	Jun 8 16:50:48 firewall sshd[18074]: Failed password for invalid user ftptest from 120.92.2.48 port 43756 ssh2 Jun 8 16:52:12 firewall sshd[18139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 user=root Jun 8 16:52:13 firewall sshd[18139]: Failed password for root from 120.92.2.48 port 54398 ssh2 ...	2020-06-09 03:57:58
attackbotsspam	2020-05-28T03:49:28.348857abusebot-8.cloudsearch.cf sshd[22968]: Invalid user nfs from 120.92.2.48 port 22064 2020-05-28T03:49:28.357973abusebot-8.cloudsearch.cf sshd[22968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 2020-05-28T03:49:28.348857abusebot-8.cloudsearch.cf sshd[22968]: Invalid user nfs from 120.92.2.48 port 22064 2020-05-28T03:49:30.288251abusebot-8.cloudsearch.cf sshd[22968]: Failed password for invalid user nfs from 120.92.2.48 port 22064 ssh2 2020-05-28T03:53:57.286037abusebot-8.cloudsearch.cf sshd[23284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 user=root 2020-05-28T03:53:59.481643abusebot-8.cloudsearch.cf sshd[23284]: Failed password for root from 120.92.2.48 port 49394 ssh2 2020-05-28T03:58:45.925933abusebot-8.cloudsearch.cf sshd[23524]: Invalid user butter from 120.92.2.48 port 12257 ...	2020-05-28 12:03:05
attackspambots	Apr 29 10:55:58 server sshd[31591]: Failed password for invalid user ean from 120.92.2.48 port 50027 ssh2 Apr 29 11:06:56 server sshd[40499]: Failed password for invalid user uuu from 120.92.2.48 port 18111 ssh2 Apr 29 11:09:23 server sshd[42404]: Failed password for invalid user tmm from 120.92.2.48 port 31302 ssh2	2020-04-29 17:12:06
attackbots	2020-04-22 07:45:48,041 fail2ban.actions: WARNING [ssh] Ban 120.92.2.48	2020-04-22 15:46:47
attack	Mar 31 00:53:31 ws22vmsma01 sshd[237274]: Failed password for root from 120.92.2.48 port 37345 ssh2 ...	2020-03-31 14:03:01

Comments on same subnet:

IP	Type	Details	Datetime
120.92.2.217	attack	Unauthorized SSH login attempts	2020-08-26 22:51:59
120.92.210.196	attackspambots	Invalid user postgres from 120.92.210.196 port 47610	2020-08-25 21:21:09
120.92.2.217	attackbots	Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:34:58 h2779839 sshd[31002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:35:00 h2779839 sshd[31002]: Failed password for invalid user user from 120.92.2.217 port 25178 ssh2 Aug 24 14:38:36 h2779839 sshd[31063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root Aug 24 14:38:37 h2779839 sshd[31063]: Failed password for root from 120.92.2.217 port 60752 ssh2 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:09 h2779839 sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:11 h277983 ...	2020-08-24 23:54:13
120.92.2.217	attackbots	SSH_scan	2020-08-16 16:13:35
120.92.210.196	attack	Failed password for root from 120.92.210.196 port 60054 ssh2	2020-08-09 18:17:14
120.92.210.196	attack	Aug 2 06:39:41 eventyay sshd[22911]: Failed password for root from 120.92.210.196 port 42072 ssh2 Aug 2 06:43:14 eventyay sshd[23051]: Failed password for root from 120.92.210.196 port 16868 ssh2 ...	2020-08-02 12:49:49
120.92.209.229	attackspam	Jul 29 01:16:04 ny01 sshd[30771]: Failed password for root from 120.92.209.229 port 1634 ssh2 Jul 29 01:20:52 ny01 sshd[31328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 29 01:20:54 ny01 sshd[31328]: Failed password for invalid user jianhaoc from 120.92.209.229 port 54174 ssh2	2020-07-29 13:27:46
120.92.209.229	attackbotsspam	Jul 27 20:50:55 jane sshd[10204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 27 20:50:57 jane sshd[10204]: Failed password for invalid user tammy from 120.92.209.229 port 41494 ssh2 ...	2020-07-28 03:15:40
120.92.2.217	attackbotsspam	Invalid user johanna from 120.92.2.217 port 48912	2020-07-27 07:21:46
120.92.210.196	attackbotsspam	$f2bV_matches	2020-07-26 12:51:49
120.92.209.229	attackbotsspam	Jul 23 15:42:46 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: Invalid user ada from 120.92.209.229 Jul 23 15:42:46 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 23 15:42:49 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: Failed password for invalid user ada from 120.92.209.229 port 12302 ssh2 Jul 23 15:54:26 Ubuntu-1404-trusty-64-minimal sshd\[14547\]: Invalid user knk from 120.92.209.229 Jul 23 15:54:26 Ubuntu-1404-trusty-64-minimal sshd\[14547\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229	2020-07-24 01:49:18
120.92.209.229	attackspam	2020-07-22T17:55:20.238238morrigan.ad5gb.com sshd[1104953]: Invalid user dasusr1 from 120.92.209.229 port 54326 2020-07-22T17:55:22.461670morrigan.ad5gb.com sshd[1104953]: Failed password for invalid user dasusr1 from 120.92.209.229 port 54326 ssh2	2020-07-23 07:22:31
120.92.210.196	attack	DATE:2020-07-17 18:54:06,IP:120.92.210.196,MATCHES:10,PORT:ssh	2020-07-18 04:16:27
120.92.210.196	attack	Jul 13 00:24:37 piServer sshd[24665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.210.196 Jul 13 00:24:39 piServer sshd[24665]: Failed password for invalid user sxx from 120.92.210.196 port 15614 ssh2 Jul 13 00:28:45 piServer sshd[25228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.210.196 ...	2020-07-13 07:23:47
120.92.213.60	attackspam	Invalid user marcey from 120.92.213.60 port 8056	2020-07-12 01:21:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5236
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.2.48.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033001 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 14:02:56 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 48.2.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.2.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
59.126.27.102	attackbots	Unauthorized connection attempt detected from IP address 59.126.27.102 to port 23 [J]	2020-01-06 18:30:15
178.216.248.36	attackbots	Jan 6 09:53:17 master sshd[10266]: Failed password for invalid user support from 178.216.248.36 port 57032 ssh2 Jan 6 09:54:06 master sshd[10268]: Failed password for invalid user calla from 178.216.248.36 port 34410 ssh2 Jan 6 09:54:48 master sshd[10270]: Failed password for invalid user odoo from 178.216.248.36 port 39340 ssh2 Jan 6 09:55:38 master sshd[10274]: Failed password for invalid user ztc from 178.216.248.36 port 44270 ssh2 Jan 6 09:56:22 master sshd[10276]: Failed password for invalid user adamek from 178.216.248.36 port 49190 ssh2 Jan 6 09:57:07 master sshd[10278]: Failed password for invalid user data from 178.216.248.36 port 54120 ssh2 Jan 6 09:57:52 master sshd[10282]: Failed password for invalid user ts3srv from 178.216.248.36 port 59044 ssh2 Jan 6 09:58:33 master sshd[10284]: Failed password for invalid user tester from 178.216.248.36 port 35744 ssh2 Jan 6 09:59:15 master sshd[10288]: Failed password for invalid user operator from 178.216.248.36 port 40668 ssh2 Jan 6 09:59:55 maste	2020-01-06 18:45:16
220.182.47.116	attack	Unauthorized connection attempt detected from IP address 220.182.47.116 to port 8088 [J]	2020-01-06 18:36:07
222.186.30.31	attack	06.01.2020 10:09:16 SSH access blocked by firewall	2020-01-06 18:14:43
1.52.238.49	attackspambots	Unauthorized connection attempt detected from IP address 1.52.238.49 to port 23 [J]	2020-01-06 18:35:25
95.237.225.22	attackbots	Unauthorized connection attempt detected from IP address 95.237.225.22 to port 8081 [J]	2020-01-06 18:26:41
183.106.83.96	attack	Unauthorized connection attempt detected from IP address 183.106.83.96 to port 4567 [J]	2020-01-06 18:20:28
84.241.56.76	attackbots	Unauthorized connection attempt detected from IP address 84.241.56.76 to port 1433 [J]	2020-01-06 18:07:27
59.25.197.134	attackspambots	Unauthorized connection attempt detected from IP address 59.25.197.134 to port 2220 [J]	2020-01-06 18:09:59
193.234.95.10	attackspambots	Unauthorized connection attempt detected from IP address 193.234.95.10 to port 5555 [J]	2020-01-06 18:42:08
218.204.132.211	attack	Unauthorized connection attempt detected from IP address 218.204.132.211 to port 23 [T]	2020-01-06 18:37:15
49.235.161.202	attackbotsspam	Unauthorized connection attempt detected from IP address 49.235.161.202 to port 2220 [J]	2020-01-06 18:32:27
51.77.230.125	attack	Unauthorized connection attempt detected from IP address 51.77.230.125 to port 2220 [J]	2020-01-06 18:10:14
45.174.157.2	attack	Unauthorized connection attempt detected from IP address 45.174.157.2 to port 80 [J]	2020-01-06 18:33:08
211.154.163.67	attack	Unauthorized connection attempt detected from IP address 211.154.163.67 to port 1433 [J]	2020-01-06 18:38:33

Recently Reported IPs

123.17.85.228	42.119.117.216	77.55.210.188	167.71.160.126
129.56.48.114	51.178.53.238	192.183.168.73	60.193.90.236
248.26.39.168	19.75.108.168	235.35.28.12	105.93.192.56
39.49.145.144	2601:589:4480:a5a0:84b2:5a83:9c77:56fe	23.235.137.0	208.95.75.158
68.197.23.253	135.221.77.178	184.112.90.60	41.220.53.53