120.92.2.48 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	(sshd) Failed SSH login from 120.92.2.48 (CN/China/-): 5 in the last 3600 secs	2020-08-18 18:58:53
attackspambots	Jul 28 01:05:50 rancher-0 sshd[616082]: Invalid user yangjiayang from 120.92.2.48 port 7196 ...	2020-07-28 07:49:58
attackbotsspam	Jun 22 05:51:52 piServer sshd[16142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 Jun 22 05:51:54 piServer sshd[16142]: Failed password for invalid user shop from 120.92.2.48 port 64173 ssh2 Jun 22 05:55:56 piServer sshd[16766]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 ...	2020-06-22 12:00:31
attackspam	Invalid user user from 120.92.2.48 port 55484	2020-06-20 19:06:51
attackspambots	Jun 18 17:40:04: Invalid user zookeeper from 120.92.2.48 port 9475	2020-06-19 07:38:44
attack	Jun 9 13:43:28 localhost sshd[55487]: Invalid user admin from 120.92.2.48 port 4002 Jun 9 13:43:28 localhost sshd[55487]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 Jun 9 13:43:28 localhost sshd[55487]: Invalid user admin from 120.92.2.48 port 4002 Jun 9 13:43:30 localhost sshd[55487]: Failed password for invalid user admin from 120.92.2.48 port 4002 ssh2 Jun 9 13:48:34 localhost sshd[55990]: Invalid user lky2 from 120.92.2.48 port 31134 ...	2020-06-09 21:57:44
attack	Jun 8 16:50:48 firewall sshd[18074]: Failed password for invalid user ftptest from 120.92.2.48 port 43756 ssh2 Jun 8 16:52:12 firewall sshd[18139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 user=root Jun 8 16:52:13 firewall sshd[18139]: Failed password for root from 120.92.2.48 port 54398 ssh2 ...	2020-06-09 03:57:58
attackbotsspam	2020-05-28T03:49:28.348857abusebot-8.cloudsearch.cf sshd[22968]: Invalid user nfs from 120.92.2.48 port 22064 2020-05-28T03:49:28.357973abusebot-8.cloudsearch.cf sshd[22968]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 2020-05-28T03:49:28.348857abusebot-8.cloudsearch.cf sshd[22968]: Invalid user nfs from 120.92.2.48 port 22064 2020-05-28T03:49:30.288251abusebot-8.cloudsearch.cf sshd[22968]: Failed password for invalid user nfs from 120.92.2.48 port 22064 ssh2 2020-05-28T03:53:57.286037abusebot-8.cloudsearch.cf sshd[23284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.48 user=root 2020-05-28T03:53:59.481643abusebot-8.cloudsearch.cf sshd[23284]: Failed password for root from 120.92.2.48 port 49394 ssh2 2020-05-28T03:58:45.925933abusebot-8.cloudsearch.cf sshd[23524]: Invalid user butter from 120.92.2.48 port 12257 ...	2020-05-28 12:03:05
attackspambots	Apr 29 10:55:58 server sshd[31591]: Failed password for invalid user ean from 120.92.2.48 port 50027 ssh2 Apr 29 11:06:56 server sshd[40499]: Failed password for invalid user uuu from 120.92.2.48 port 18111 ssh2 Apr 29 11:09:23 server sshd[42404]: Failed password for invalid user tmm from 120.92.2.48 port 31302 ssh2	2020-04-29 17:12:06
attackbots	2020-04-22 07:45:48,041 fail2ban.actions: WARNING [ssh] Ban 120.92.2.48	2020-04-22 15:46:47
attack	Mar 31 00:53:31 ws22vmsma01 sshd[237274]: Failed password for root from 120.92.2.48 port 37345 ssh2 ...	2020-03-31 14:03:01

Comments on same subnet:

IP	Type	Details	Datetime
120.92.2.217	attack	Unauthorized SSH login attempts	2020-08-26 22:51:59
120.92.210.196	attackspambots	Invalid user postgres from 120.92.210.196 port 47610	2020-08-25 21:21:09
120.92.2.217	attackbots	Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:34:58 h2779839 sshd[31002]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:34:58 h2779839 sshd[31002]: Invalid user user from 120.92.2.217 port 25178 Aug 24 14:35:00 h2779839 sshd[31002]: Failed password for invalid user user from 120.92.2.217 port 25178 ssh2 Aug 24 14:38:36 h2779839 sshd[31063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 user=root Aug 24 14:38:37 h2779839 sshd[31063]: Failed password for root from 120.92.2.217 port 60752 ssh2 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:09 h2779839 sshd[31155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.2.217 Aug 24 14:42:09 h2779839 sshd[31155]: Invalid user kyang from 120.92.2.217 port 31896 Aug 24 14:42:11 h277983 ...	2020-08-24 23:54:13
120.92.2.217	attackbots	SSH_scan	2020-08-16 16:13:35
120.92.210.196	attack	Failed password for root from 120.92.210.196 port 60054 ssh2	2020-08-09 18:17:14
120.92.210.196	attack	Aug 2 06:39:41 eventyay sshd[22911]: Failed password for root from 120.92.210.196 port 42072 ssh2 Aug 2 06:43:14 eventyay sshd[23051]: Failed password for root from 120.92.210.196 port 16868 ssh2 ...	2020-08-02 12:49:49
120.92.209.229	attackspam	Jul 29 01:16:04 ny01 sshd[30771]: Failed password for root from 120.92.209.229 port 1634 ssh2 Jul 29 01:20:52 ny01 sshd[31328]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 29 01:20:54 ny01 sshd[31328]: Failed password for invalid user jianhaoc from 120.92.209.229 port 54174 ssh2	2020-07-29 13:27:46
120.92.209.229	attackbotsspam	Jul 27 20:50:55 jane sshd[10204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 27 20:50:57 jane sshd[10204]: Failed password for invalid user tammy from 120.92.209.229 port 41494 ssh2 ...	2020-07-28 03:15:40
120.92.2.217	attackbotsspam	Invalid user johanna from 120.92.2.217 port 48912	2020-07-27 07:21:46
120.92.210.196	attackbotsspam	$f2bV_matches	2020-07-26 12:51:49
120.92.209.229	attackbotsspam	Jul 23 15:42:46 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: Invalid user ada from 120.92.209.229 Jul 23 15:42:46 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229 Jul 23 15:42:49 Ubuntu-1404-trusty-64-minimal sshd\[2569\]: Failed password for invalid user ada from 120.92.209.229 port 12302 ssh2 Jul 23 15:54:26 Ubuntu-1404-trusty-64-minimal sshd\[14547\]: Invalid user knk from 120.92.209.229 Jul 23 15:54:26 Ubuntu-1404-trusty-64-minimal sshd\[14547\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.209.229	2020-07-24 01:49:18
120.92.209.229	attackspam	2020-07-22T17:55:20.238238morrigan.ad5gb.com sshd[1104953]: Invalid user dasusr1 from 120.92.209.229 port 54326 2020-07-22T17:55:22.461670morrigan.ad5gb.com sshd[1104953]: Failed password for invalid user dasusr1 from 120.92.209.229 port 54326 ssh2	2020-07-23 07:22:31
120.92.210.196	attack	DATE:2020-07-17 18:54:06,IP:120.92.210.196,MATCHES:10,PORT:ssh	2020-07-18 04:16:27
120.92.210.196	attack	Jul 13 00:24:37 piServer sshd[24665]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.210.196 Jul 13 00:24:39 piServer sshd[24665]: Failed password for invalid user sxx from 120.92.210.196 port 15614 ssh2 Jul 13 00:28:45 piServer sshd[25228]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.210.196 ...	2020-07-13 07:23:47
120.92.213.60	attackspam	Invalid user marcey from 120.92.213.60 port 8056	2020-07-12 01:21:18

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.2.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5236
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.2.48.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020033001 1800 900 604800 86400

;; Query time: 53 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 31 14:02:56 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 48.2.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.2.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
94.102.49.193	attackspambots	firewall-block, port(s): 55554/tcp	2020-03-03 15:50:53
69.119.140.197	attackspambots	Honeypot attack, port: 81, PTR: ool-45778cc5.dyn.optonline.net.	2020-03-03 16:00:31
178.88.115.126	attackspambots	Mar 2 21:38:48 hanapaa sshd\[23173\]: Invalid user rabbitmq from 178.88.115.126 Mar 2 21:38:48 hanapaa sshd\[23173\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.88.115.126 Mar 2 21:38:51 hanapaa sshd\[23173\]: Failed password for invalid user rabbitmq from 178.88.115.126 port 57216 ssh2 Mar 2 21:46:19 hanapaa sshd\[23745\]: Invalid user webmaster from 178.88.115.126 Mar 2 21:46:19 hanapaa sshd\[23745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.88.115.126	2020-03-03 16:06:23
201.141.194.182	attackbots	SSH authentication failure x 6 reported by Fail2Ban ...	2020-03-03 16:14:48
187.110.208.2	attackspam	Telnet Server BruteForce Attack	2020-03-03 16:09:04
116.196.82.80	attackbots	Mar 2 22:03:02 web1 sshd\[9224\]: Invalid user admin1 from 116.196.82.80 Mar 2 22:03:02 web1 sshd\[9224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.82.80 Mar 2 22:03:04 web1 sshd\[9224\]: Failed password for invalid user admin1 from 116.196.82.80 port 51496 ssh2 Mar 2 22:09:04 web1 sshd\[9816\]: Invalid user ubuntu from 116.196.82.80 Mar 2 22:09:04 web1 sshd\[9816\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=116.196.82.80	2020-03-03 16:23:49
182.76.40.234	attackspam	Honeypot attack, port: 445, PTR: nsg-static-234.40.76.182-airtel.com.	2020-03-03 16:15:01
181.95.106.97	attack	DATE:2020-03-03 05:55:12, IP:181.95.106.97, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2020-03-03 16:20:12
45.80.65.122	attackspambots	Mar 3 05:55:23 163-172-32-151 sshd[15716]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.80.65.122 user=root Mar 3 05:55:25 163-172-32-151 sshd[15716]: Failed password for root from 45.80.65.122 port 46240 ssh2 ...	2020-03-03 16:15:24
114.221.16.242	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2020-03-03 15:46:59
95.179.192.9	attack	Automatic report - WordPress Brute Force	2020-03-03 16:07:12
85.100.120.5	attackbots	Honeypot attack, port: 81, PTR: 85.100.120.5.dynamic.ttnet.com.tr.	2020-03-03 15:59:35
37.134.114.77	attackspambots	Mar 3 05:55:23 163-172-32-151 sshd[15685]: Invalid user ec2-user from 37.134.114.77 port 60608 ...	2020-03-03 16:17:00
46.103.47.252	attack	Telnet Server BruteForce Attack	2020-03-03 16:13:24
111.200.54.170	attack	" "	2020-03-03 15:47:19

Recently Reported IPs

123.17.85.228	42.119.117.216	77.55.210.188	167.71.160.126
129.56.48.114	51.178.53.238	192.183.168.73	60.193.90.236
248.26.39.168	19.75.108.168	235.35.28.12	105.93.192.56
39.49.145.144	2601:589:4480:a5a0:84b2:5a83:9c77:56fe	23.235.137.0	208.95.75.158
68.197.23.253	135.221.77.178	184.112.90.60	41.220.53.53