120.92.42.229 - IPInfo

Basic Info

City: unknown

Region: Beijing

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
120.92.42.123	attackbotsspam	Jun 29 00:59:47 journals sshd\[40445\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root Jun 29 00:59:48 journals sshd\[40445\]: Failed password for root from 120.92.42.123 port 20186 ssh2 Jun 29 01:03:13 journals sshd\[40781\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root Jun 29 01:03:15 journals sshd\[40781\]: Failed password for root from 120.92.42.123 port 63128 ssh2 Jun 29 01:06:45 journals sshd\[41131\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root ...	2020-06-29 06:29:00
120.92.42.123	attack	Wordpress malicious attack:[sshd]	2020-06-13 18:10:50
120.92.42.123	attackbotsspam	$f2bV_matches	2020-05-29 13:29:42
120.92.42.123	attack	SSH Brute-Forcing (server1)	2020-05-28 12:02:24
120.92.42.123	attack	May 27 13:50:47 mail sshd\[24368\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root May 27 13:50:49 mail sshd\[24368\]: Failed password for root from 120.92.42.123 port 63450 ssh2 May 27 13:54:23 mail sshd\[24388\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root ...	2020-05-27 22:39:42
120.92.42.123	attack	May 1 22:48:08 jane sshd[10783]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 May 1 22:48:10 jane sshd[10783]: Failed password for invalid user intern from 120.92.42.123 port 46704 ssh2 ...	2020-05-02 05:54:44
120.92.42.123	attackbots	Apr 24 09:06:42 NPSTNNYC01T sshd[11457]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 Apr 24 09:06:44 NPSTNNYC01T sshd[11457]: Failed password for invalid user xvf from 120.92.42.123 port 10158 ssh2 Apr 24 09:10:08 NPSTNNYC01T sshd[11734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 ...	2020-04-24 21:37:04
120.92.42.123	attack	"Unauthorized connection attempt on SSHD detected"	2020-04-23 01:50:16
120.92.42.123	attackspam	2020-04-11T17:36:52.247683abusebot-4.cloudsearch.cf sshd[2200]: Invalid user ida from 120.92.42.123 port 24646 2020-04-11T17:36:52.254338abusebot-4.cloudsearch.cf sshd[2200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 2020-04-11T17:36:52.247683abusebot-4.cloudsearch.cf sshd[2200]: Invalid user ida from 120.92.42.123 port 24646 2020-04-11T17:36:54.329316abusebot-4.cloudsearch.cf sshd[2200]: Failed password for invalid user ida from 120.92.42.123 port 24646 ssh2 2020-04-11T17:39:35.807197abusebot-4.cloudsearch.cf sshd[2347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root 2020-04-11T17:39:37.590893abusebot-4.cloudsearch.cf sshd[2347]: Failed password for root from 120.92.42.123 port 55722 ssh2 2020-04-11T17:42:10.401402abusebot-4.cloudsearch.cf sshd[2530]: Invalid user mysql from 120.92.42.123 port 22296 ...	2020-04-12 02:29:33
120.92.42.123	attackspambots	DATE:2020-04-11 10:22:20, IP:120.92.42.123, PORT:ssh SSH brute force auth (docker-dc)	2020-04-11 17:27:53
120.92.42.123	attackbotsspam	Apr 6 04:29:31 itv-usvr-01 sshd[29215]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root Apr 6 04:29:33 itv-usvr-01 sshd[29215]: Failed password for root from 120.92.42.123 port 13250 ssh2 Apr 6 04:32:52 itv-usvr-01 sshd[29382]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root Apr 6 04:32:54 itv-usvr-01 sshd[29382]: Failed password for root from 120.92.42.123 port 3106 ssh2 Apr 6 04:36:19 itv-usvr-01 sshd[29550]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 user=root Apr 6 04:36:22 itv-usvr-01 sshd[29550]: Failed password for root from 120.92.42.123 port 57476 ssh2	2020-04-06 08:47:58
120.92.42.123	attack	Mar 18 17:13:03 hosting180 sshd[17489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 Mar 18 17:13:03 hosting180 sshd[17489]: Invalid user weixin from 120.92.42.123 port 60708 Mar 18 17:13:05 hosting180 sshd[17489]: Failed password for invalid user weixin from 120.92.42.123 port 60708 ssh2 ...	2020-03-19 13:11:49
120.92.42.123	attackbots	Mar 7 22:13:41 124388 sshd[14587]: Failed password for root from 120.92.42.123 port 23512 ssh2 Mar 7 22:18:27 124388 sshd[14733]: Invalid user pi from 120.92.42.123 port 20950 Mar 7 22:18:27 124388 sshd[14733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.42.123 Mar 7 22:18:27 124388 sshd[14733]: Invalid user pi from 120.92.42.123 port 20950 Mar 7 22:18:28 124388 sshd[14733]: Failed password for invalid user pi from 120.92.42.123 port 20950 ssh2	2020-03-08 06:26:23

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 120.92.42.229
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23634
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;120.92.42.229.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019042901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 30 12:09:22 +08 2019
;; MSG SIZE  rcvd: 117

Host info

Host 229.42.92.120.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 229.42.92.120.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.254.146.167	attack	Jul 20 06:16:54 server01 sshd\[28139\]: Invalid user prios from 182.254.146.167 Jul 20 06:16:54 server01 sshd\[28139\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.254.146.167 Jul 20 06:16:56 server01 sshd\[28139\]: Failed password for invalid user prios from 182.254.146.167 port 34690 ssh2 ...	2019-07-20 11:39:48
159.65.141.6	attackbotsspam	159.65.141.6 - - [20/Jul/2019:03:35:08 +0200] "POST [munged]wp-login.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 0.000	2019-07-20 11:42:53
120.24.44.35	attackbotsspam	DATE:2019-07-20 03:35:19, IP:120.24.44.35, PORT:ssh brute force auth on SSH service (patata)	2019-07-20 11:38:19
185.222.211.246	attackbots	Jul 20 04:59:54 relay postfix/smtpd\[3956\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.246\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ Jul 20 04:59:54 relay postfix/smtpd\[3956\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.246\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ Jul 20 04:59:54 relay postfix/smtpd\[3956\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.246\]: 554 5.7.1 \: Relay access denied\; from=\ to=\ proto=ESMTP helo=\ Jul 20 04:59:54 relay postfix/smtpd\[3956\]: NOQUEUE: reject: RCPT from unknown\[185.222.211.246\]: 554 5.7.1 \: Relay access denied\; from=\	2019-07-20 11:49:40
103.81.63.18	attack	445/tcp 445/tcp 445/tcp... [2019-06-22/07-20]15pkt,1pt.(tcp)	2019-07-20 12:22:44
185.222.211.3	attack	SASL Brute Force	2019-07-20 11:55:40
37.59.104.76	attackbotsspam	Jul 20 05:46:58 v22018076622670303 sshd\[6669\]: Invalid user oliver from 37.59.104.76 port 37074 Jul 20 05:46:58 v22018076622670303 sshd\[6669\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.59.104.76 Jul 20 05:47:00 v22018076622670303 sshd\[6669\]: Failed password for invalid user oliver from 37.59.104.76 port 37074 ssh2 ...	2019-07-20 12:24:36
117.50.17.253	attackspam	Jul 20 08:38:28 areeb-Workstation sshd\[18845\]: Invalid user gu from 117.50.17.253 Jul 20 08:38:28 areeb-Workstation sshd\[18845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.17.253 Jul 20 08:38:30 areeb-Workstation sshd\[18845\]: Failed password for invalid user gu from 117.50.17.253 port 24694 ssh2 ...	2019-07-20 11:25:44
103.252.33.46	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-20 12:18:17
60.248.130.106	attackspambots	Unauthorised access (Jul 20) SRC=60.248.130.106 LEN=40 PREC=0x20 TTL=243 ID=23846 TCP DPT=445 WINDOW=1024 SYN	2019-07-20 11:23:47
94.191.29.221	attack	Feb 2 10:28:17 vtv3 sshd\[31140\]: Invalid user Administrator from 94.191.29.221 port 53506 Feb 2 10:28:17 vtv3 sshd\[31140\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.29.221 Feb 2 10:28:20 vtv3 sshd\[31140\]: Failed password for invalid user Administrator from 94.191.29.221 port 53506 ssh2 Feb 2 10:34:14 vtv3 sshd\[32630\]: Invalid user zabbix from 94.191.29.221 port 57002 Feb 2 10:34:14 vtv3 sshd\[32630\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.29.221 Feb 20 03:58:21 vtv3 sshd\[6492\]: Invalid user cms from 94.191.29.221 port 33302 Feb 20 03:58:21 vtv3 sshd\[6492\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.191.29.221 Feb 20 03:58:23 vtv3 sshd\[6492\]: Failed password for invalid user cms from 94.191.29.221 port 33302 ssh2 Feb 20 04:05:36 vtv3 sshd\[8983\]: Invalid user ttt from 94.191.29.221 port 51742 Feb 20 04:05:36 vtv3 sshd\[8983\]:	2019-07-20 11:22:32
159.89.31.136	attackbots	MagicSpam Rule: block_rbl_lists (spam.spamrats.com); Spammer IP: 159.89.31.136	2019-07-20 12:00:25
206.189.208.157	attack	MagicSpam Rule: block_rbl_lists (b.barracudacentral.org); Spammer IP: 206.189.208.157	2019-07-20 11:47:36
186.202.136.245	attackspambots	www.geburtshaus-fulda.de 186.202.136.245 \[20/Jul/2019:04:25:53 +0200\] "POST /wp-login.php HTTP/1.1" 200 5786 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 186.202.136.245 \[20/Jul/2019:04:25:55 +0200\] "POST /wp-login.php HTTP/1.1" 200 5790 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-07-20 11:32:04
77.35.3.74	attack	1,00-03/03 [bc02/m11] concatform PostRequest-Spammer scoring: Durban01	2019-07-20 11:37:08

Recently Reported IPs

67.215.99.42	69.120.199.164	120.92.19.174	105.22.135.37
67.217.151.100	182.106.60.105	120.92.159.112	52.199.135.118
67.78.121.34	120.92.141.204	50.199.236.17	67.78.162.194
130.86.83.140	202.138.241.31	81.23.187.22	120.89.72.59
91.9.173.42	103.206.230.2	222.239.8.247	68.174.15.223