120.92.34.142 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Beijing Kingsoft Cloud Internet Technology Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Oct 1 06:22:59 vps691689 sshd[25552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.142 Oct 1 06:23:02 vps691689 sshd[25552]: Failed password for invalid user adam from 120.92.34.142 port 59108 ssh2 ...	2019-10-01 15:58:36
attackspam	Invalid user just from 120.92.34.142 port 13474	2019-08-23 18:46:49

Type

Details

Datetime

attack

Oct  1 06:22:59 vps691689 sshd[25552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.142
Oct  1 06:23:02 vps691689 sshd[25552]: Failed password for invalid user adam from 120.92.34.142 port 59108 ssh2
...

2019-10-01 15:58:36

attackspam

Invalid user just from 120.92.34.142 port 13474

2019-08-23 18:46:49

Comments on same subnet:

IP	Type	Details	Datetime
120.92.34.203	attack	Oct 5 03:30:48 pornomens sshd\[10135\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Oct 5 03:30:50 pornomens sshd\[10135\]: Failed password for root from 120.92.34.203 port 5996 ssh2 Oct 5 03:35:12 pornomens sshd\[10230\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root ...	2020-10-05 17:03:40
120.92.34.203	attack	Sep 22 22:37:11 php1 sshd\[2951\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Sep 22 22:37:13 php1 sshd\[2951\]: Failed password for root from 120.92.34.203 port 63710 ssh2 Sep 22 22:39:29 php1 sshd\[3358\]: Invalid user larry from 120.92.34.203 Sep 22 22:39:29 php1 sshd\[3358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Sep 22 22:39:31 php1 sshd\[3358\]: Failed password for invalid user larry from 120.92.34.203 port 26876 ssh2	2020-09-23 21:15:31
120.92.34.203	attackspambots	IP blocked	2020-09-23 13:34:39
120.92.34.203	attackbots	Sep 22 18:04:55 ajax sshd[7728]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Sep 22 18:04:56 ajax sshd[7728]: Failed password for invalid user dummy from 120.92.34.203 port 44526 ssh2	2020-09-23 05:23:09
120.92.34.203	attackbotsspam	$f2bV_matches	2020-08-31 16:33:44
120.92.34.203	attackbotsspam	Time: Mon Aug 24 20:13:22 2020 +0000 IP: 120.92.34.203 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Aug 24 20:00:03 ca-29-ams1 sshd[9860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Aug 24 20:00:05 ca-29-ams1 sshd[9860]: Failed password for root from 120.92.34.203 port 63364 ssh2 Aug 24 20:09:41 ca-29-ams1 sshd[11440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Aug 24 20:09:43 ca-29-ams1 sshd[11440]: Failed password for root from 120.92.34.203 port 50340 ssh2 Aug 24 20:13:17 ca-29-ams1 sshd[11967]: Invalid user ricoh from 120.92.34.203 port 45708	2020-08-25 06:06:30
120.92.34.203	attackbots	Aug 23 23:35:35 ip106 sshd[4858]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Aug 23 23:35:37 ip106 sshd[4858]: Failed password for invalid user ragnarok from 120.92.34.203 port 45636 ssh2 ...	2020-08-24 05:37:03
120.92.34.203	attackbots	Aug 23 15:54:31 OPSO sshd\[27467\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Aug 23 15:54:33 OPSO sshd\[27467\]: Failed password for root from 120.92.34.203 port 52454 ssh2 Aug 23 15:56:31 OPSO sshd\[27926\]: Invalid user panda from 120.92.34.203 port 6566 Aug 23 15:56:31 OPSO sshd\[27926\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Aug 23 15:56:33 OPSO sshd\[27926\]: Failed password for invalid user panda from 120.92.34.203 port 6566 ssh2	2020-08-24 00:35:57
120.92.34.203	attackspambots	SSH bruteforce	2020-08-09 22:51:21
120.92.34.203	attackspambots	Aug 6 16:22:10 nextcloud sshd\[20912\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root Aug 6 16:22:12 nextcloud sshd\[20912\]: Failed password for root from 120.92.34.203 port 53384 ssh2 Aug 6 16:23:28 nextcloud sshd\[22524\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root	2020-08-07 02:40:10
120.92.34.203	attack	2020-08-03T16:17:16.299799linuxbox-skyline sshd[54149]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 user=root 2020-08-03T16:17:18.880462linuxbox-skyline sshd[54149]: Failed password for root from 120.92.34.203 port 37236 ssh2 ...	2020-08-04 06:39:31
120.92.34.203	attackbots	Invalid user oswbb from 120.92.34.203 port 46030	2020-07-31 05:45:55
120.92.34.203	attackbots	Jul 20 23:47:09 nextcloud sshd\[19387\]: Invalid user xiaowu from 120.92.34.203 Jul 20 23:47:09 nextcloud sshd\[19387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Jul 20 23:47:11 nextcloud sshd\[19387\]: Failed password for invalid user xiaowu from 120.92.34.203 port 19396 ssh2	2020-07-21 06:17:05
120.92.34.203	attack	Jul 16 16:32:40 piServer sshd[1524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 Jul 16 16:32:42 piServer sshd[1524]: Failed password for invalid user syslog from 120.92.34.203 port 54154 ssh2 Jul 16 16:38:06 piServer sshd[2210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.34.203 ...	2020-07-17 04:22:12
120.92.34.203	attackbotsspam	Unauthorized access to SSH at 27/Jun/2020:20:46:30 +0000.	2020-06-28 04:46:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.34.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23874
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.34.142.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082300 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 23 18:46:42 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 142.34.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 142.34.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.201.44.50	attackspam	DE - - [24/Apr/2020:16:18:06 +0300] POST /wp-login.php HTTP/1.1 200 4795 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:41:05
110.8.67.146	attack	Fail2Ban - SSH Bruteforce Attempt	2020-04-25 15:51:43
36.91.76.171	attack	Invalid user mv from 36.91.76.171 port 59600	2020-04-25 16:16:07
72.45.150.226	attack	Invalid user postgres from 72.45.150.226 port 45846	2020-04-25 16:10:51
82.79.223.50	attack	Automatic report - Banned IP Access	2020-04-25 15:57:28
104.131.203.173	attackbots	25.04.2020 06:28:59 - Wordpress fail Detected by ELinOX-ALM	2020-04-25 15:52:08
62.28.253.197	attack	Invalid user admin from 62.28.253.197 port 21798	2020-04-25 16:02:26
37.49.230.131	attackbotsspam	2020-04-25 10:00:15 dovecot_login authenticator failed for $User$ \[37.49.230.131\]: 535 Incorrect authentication data $set_id=ftpuser@ift.org.ua$2020-04-25 10:00:36 dovecot_login authenticator failed for $User$ \[37.49.230.131\]: 535 Incorrect authentication data $set_id=copier@ift.org.ua$2020-04-25 10:02:30 dovecot_login authenticator failed for $User$ \[37.49.230.131\]: 535 Incorrect authentication data $set_id=test@ift.org.ua$ ...	2020-04-25 15:59:41
86.29.27.122	attackbots	Automatic report - Port Scan Attack	2020-04-25 15:44:01
61.161.250.202	attackbotsspam	2020-04-25T08:34:02.423837v220200467592115444 sshd[23443]: Invalid user ry from 61.161.250.202 port 60256 2020-04-25T08:34:02.431974v220200467592115444 sshd[23443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.161.250.202 2020-04-25T08:34:02.423837v220200467592115444 sshd[23443]: Invalid user ry from 61.161.250.202 port 60256 2020-04-25T08:34:04.122965v220200467592115444 sshd[23443]: Failed password for invalid user ry from 61.161.250.202 port 60256 ssh2 2020-04-25T08:37:00.784236v220200467592115444 sshd[23555]: User root from 61.161.250.202 not allowed because not listed in AllowUsers ...	2020-04-25 15:51:04
58.210.190.30	attack	Invalid user admin from 58.210.190.30 port 48908	2020-04-25 16:01:31
50.63.161.42	attack	MYH,DEF GET /wp-login.php	2020-04-25 16:22:46
121.204.166.240	attackbots	Apr 25 07:05:42 * sshd[24704]: Failed password for root from 121.204.166.240 port 48328 ssh2	2020-04-25 15:53:54
13.56.67.199	attackspambots	US - - [24/Apr/2020:20:17:49 +0300] POST /wp-login.php HTTP/1.1 200 4795 - Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:62.0 Gecko/20100101 Firefox/62.0	2020-04-25 15:48:23
123.20.181.232	attack	Brute force attempt	2020-04-25 16:24:33

Recently Reported IPs

113.204.228.66	113.173.36.66	15.138.122.180	76.153.61.92
118.111.126.102	85.143.78.201	104.209.39.215	104.40.18.45
98.251.250.117	50.112.234.175	179.146.116.24	46.166.173.154
196.60.7.112	33.120.125.66	27.10.180.188	178.111.253.240
93.134.82.230	123.174.125.101	218.28.238.165	42.190.213.222