121.48.163.200

Basic Info

City: Chengdu

Region: Sichuan

Country: China

Internet Service Provider: University of Electronic Science and Technology of China

Hostname: unknown

Organization: China Education and Research Network Center

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 2 22:35:52 jane sshd\[32495\]: Invalid user profile from 121.48.163.200 port 57906 Aug 2 22:35:52 jane sshd\[32495\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 Aug 2 22:35:54 jane sshd\[32495\]: Failed password for invalid user profile from 121.48.163.200 port 57906 ssh2 ...	2019-08-03 04:37:37
attack	Jul 22 07:02:52 localhost sshd\[27852\]: Invalid user arthur from 121.48.163.200 port 36880 Jul 22 07:02:52 localhost sshd\[27852\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 ...	2019-07-22 14:04:31
attack	May 6 18:22:11 server sshd\[164412\]: Invalid user noc from 121.48.163.200 May 6 18:22:11 server sshd\[164412\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 May 6 18:22:13 server sshd\[164412\]: Failed password for invalid user noc from 121.48.163.200 port 60460 ssh2 ...	2019-07-17 06:42:06
attackspambots	Jul 6 02:40:12 jane sshd\[15090\]: Invalid user lucie from 121.48.163.200 port 42894 Jul 6 02:40:12 jane sshd\[15090\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 Jul 6 02:40:15 jane sshd\[15090\]: Failed password for invalid user lucie from 121.48.163.200 port 42894 ssh2 ...	2019-07-06 08:53:30
attack	Mar 23 06:54:31 vtv3 sshd\[5415\]: Invalid user xl from 121.48.163.200 port 50318 Mar 23 06:54:31 vtv3 sshd\[5415\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 Mar 23 06:54:33 vtv3 sshd\[5415\]: Failed password for invalid user xl from 121.48.163.200 port 50318 ssh2 Mar 23 07:01:08 vtv3 sshd\[8444\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 user=root Mar 23 07:01:10 vtv3 sshd\[8444\]: Failed password for root from 121.48.163.200 port 39624 ssh2 Jul 4 15:57:23 vtv3 sshd\[8123\]: Invalid user www-admin from 121.48.163.200 port 56238 Jul 4 15:57:23 vtv3 sshd\[8123\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.200 Jul 4 15:57:25 vtv3 sshd\[8123\]: Failed password for invalid user www-admin from 121.48.163.200 port 56238 ssh2 Jul 4 16:06:34 vtv3 sshd\[12516\]: Invalid user fog from 121.48.163.200 port 48604 Jul 4 16:06:34 vt	2019-07-05 03:52:23

Comments on same subnet:

IP	Type	Details	Datetime
121.48.163.225	attackspam	Jun 5 04:42:04 itv-usvr-01 sshd[26868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 user=root Jun 5 04:42:06 itv-usvr-01 sshd[26868]: Failed password for root from 121.48.163.225 port 41584 ssh2 Jun 5 04:46:45 itv-usvr-01 sshd[27078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 user=root Jun 5 04:46:47 itv-usvr-01 sshd[27078]: Failed password for root from 121.48.163.225 port 41284 ssh2	2020-06-05 06:52:55
121.48.163.225	attackspam	Jun 1 01:05:28 ny01 sshd[14161]: Failed password for root from 121.48.163.225 port 58986 ssh2 Jun 1 01:09:49 ny01 sshd[14688]: Failed password for root from 121.48.163.225 port 57591 ssh2	2020-06-01 17:00:52
121.48.163.225	attackbotsspam	May 31 01:57:53 vps46666688 sshd[22537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 May 31 01:57:55 vps46666688 sshd[22537]: Failed password for invalid user devil from 121.48.163.225 port 55127 ssh2 ...	2020-05-31 14:20:24
121.48.163.225	attack	May 26 18:24:08 vps639187 sshd\[19498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 user=root May 26 18:24:09 vps639187 sshd\[19498\]: Failed password for root from 121.48.163.225 port 34067 ssh2 May 26 18:27:35 vps639187 sshd\[19521\]: Invalid user gjliang from 121.48.163.225 port 55665 May 26 18:27:35 vps639187 sshd\[19521\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 ...	2020-05-27 03:56:51
121.48.163.225	attackbotsspam	May 24 14:19:20 mockhub sshd[31105]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 May 24 14:19:22 mockhub sshd[31105]: Failed password for invalid user darias from 121.48.163.225 port 46675 ssh2 ...	2020-05-25 05:42:57
121.48.163.225	attack	May 22 14:04:18 localhost sshd\[13137\]: Invalid user jo from 121.48.163.225 May 22 14:04:18 localhost sshd\[13137\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 May 22 14:04:20 localhost sshd\[13137\]: Failed password for invalid user jo from 121.48.163.225 port 51301 ssh2 May 22 14:08:57 localhost sshd\[13387\]: Invalid user madmin from 121.48.163.225 May 22 14:08:57 localhost sshd\[13387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.163.225 ...	2020-05-23 01:18:27
121.48.163.225	attackbots	prod3 ...	2020-05-09 22:55:20
121.48.163.225	attackspambots	20 attempts against mh-ssh on install-test	2020-05-03 23:16:04

Whois info:

Dig info:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.48.163.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36801
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.48.163.200.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040100 1800 900 604800 86400

;; Query time: 13 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Tue Apr 02 00:11:52 +08 2019
;; MSG SIZE  rcvd: 118

Host info

Host 200.163.48.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 200.163.48.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
114.238.5.79	attackbots	CN China - Failures: 20 ftpd	2019-11-13 01:32:54
218.211.169.103	attackspambots	"Fail2Ban detected SSH brute force attempt"	2019-11-13 01:54:57
100.27.33.191	attackbots	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/100.27.33.191/ US - 1H : (208) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : US NAME ASN : ASN14618 IP : 100.27.33.191 CIDR : 100.24.0.0/13 PREFIX COUNT : 433 UNIQUE IP COUNT : 19526400 ATTACKS DETECTED ASN14618 : 1H - 1 3H - 1 6H - 2 12H - 7 24H - 13 DateTime : 2019-11-12 15:39:01 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-11-13 01:27:13
69.70.65.118	attackspam	2019-11-12T17:11:32.219945abusebot-6.cloudsearch.cf sshd\[23322\]: Invalid user loob from 69.70.65.118 port 59367	2019-11-13 01:23:00
185.175.93.18	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-13 01:35:18
207.38.90.9	attack	Portscan or hack attempt detected by psad/fwsnort	2019-11-13 01:37:32
185.143.223.212	attackspambots	firewall-block, port(s): 35066/tcp, 35359/tcp, 35867/tcp, 35871/tcp, 35932/tcp	2019-11-13 01:55:18
36.235.215.86	attackbots	Honeypot attack, port: 23, PTR: 36-235-215-86.dynamic-ip.hinet.net.	2019-11-13 01:32:37
185.209.0.6	attackspambots	RDP Bruteforce	2019-11-13 01:57:26
222.186.30.59	attackbots	Nov 12 18:41:56 SilenceServices sshd[23187]: Failed password for root from 222.186.30.59 port 13008 ssh2 Nov 12 18:41:58 SilenceServices sshd[23187]: Failed password for root from 222.186.30.59 port 13008 ssh2 Nov 12 18:42:01 SilenceServices sshd[23187]: Failed password for root from 222.186.30.59 port 13008 ssh2	2019-11-13 01:52:01
58.76.223.206	attackspam	Nov 11 23:05:37 : SSH login attempts with invalid user	2019-11-13 01:15:24
37.49.230.19	attack	firewall-block, port(s): 5061/udp	2019-11-13 01:48:42
220.143.51.175	attack	Honeypot attack, port: 23, PTR: 220-143-51-175.dynamic-ip.hinet.net.	2019-11-13 01:54:39
218.92.0.202	attackspambots	Nov 12 15:38:36 MK-Soft-Root1 sshd[20098]: Failed password for root from 218.92.0.202 port 35573 ssh2 Nov 12 15:38:39 MK-Soft-Root1 sshd[20098]: Failed password for root from 218.92.0.202 port 35573 ssh2 ...	2019-11-13 01:43:01
163.172.209.25	attackbots	2019-11-12T17:43:17.801853abusebot-3.cloudsearch.cf sshd\[29620\]: Invalid user user from 163.172.209.25 port 35744	2019-11-13 01:53:03

Recently Reported IPs

91.231.128.58	187.1.22.66	46.152.150.216	14.198.6.164
185.153.196.151	69.65.113.139	202.57.52.214	178.128.201.124
62.140.234.199	59.120.19.72	27.72.72.88	172.217.14.196
162.243.145.44	62.110.229.5	2.183.97.9	110.46.15.135
62.101.104.138	2.95.206.58	202.141.254.102	51.77.56.2