City: unknown
Region: unknown
Country: China
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 121.48.164.46 | attackbotsspam | srv02 SSH BruteForce Attacks 22 .. |
2020-08-31 20:55:40 |
| 121.48.164.46 | attackbots | Invalid user admin from 121.48.164.46 port 49704 |
2020-08-27 13:09:25 |
| 121.48.164.46 | attack | prod6 ... |
2020-08-26 22:51:27 |
| 121.48.164.31 | attackbotsspam | Invalid user marianela from 121.48.164.31 port 47902 |
2020-08-26 17:05:53 |
| 121.48.164.46 | attackbots | Lines containing failures of 121.48.164.46 Aug 21 10:11:27 smtp-out sshd[13196]: Did not receive identification string from 121.48.164.46 port 54078 Aug 21 10:11:45 smtp-out sshd[13223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.46 user=r.r Aug 21 10:11:46 smtp-out sshd[13223]: Failed password for r.r from 121.48.164.46 port 47352 ssh2 Aug 21 10:11:47 smtp-out sshd[13223]: Received disconnect from 121.48.164.46 port 47352:11: Normal Shutdown, Thank you for playing [preauth] Aug 21 10:11:47 smtp-out sshd[13223]: Disconnected from authenticating user r.r 121.48.164.46 port 47352 [preauth] Aug 21 10:12:15 smtp-out sshd[13231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.46 user=r.r Aug 21 10:12:17 smtp-out sshd[13231]: Failed password for r.r from 121.48.164.46 port 33212 ssh2 Aug 21 10:12:17 smtp-out sshd[13231]: Received disconnect from 121.48.164.46 port 3321........ ------------------------------ |
2020-08-23 21:10:35 |
| 121.48.164.46 | attackspam | Lines containing failures of 121.48.164.46 Aug 21 10:11:27 smtp-out sshd[13196]: Did not receive identification string from 121.48.164.46 port 54078 Aug 21 10:11:45 smtp-out sshd[13223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.46 user=r.r Aug 21 10:11:46 smtp-out sshd[13223]: Failed password for r.r from 121.48.164.46 port 47352 ssh2 Aug 21 10:11:47 smtp-out sshd[13223]: Received disconnect from 121.48.164.46 port 47352:11: Normal Shutdown, Thank you for playing [preauth] Aug 21 10:11:47 smtp-out sshd[13223]: Disconnected from authenticating user r.r 121.48.164.46 port 47352 [preauth] Aug 21 10:12:15 smtp-out sshd[13231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.46 user=r.r Aug 21 10:12:17 smtp-out sshd[13231]: Failed password for r.r from 121.48.164.46 port 33212 ssh2 Aug 21 10:12:17 smtp-out sshd[13231]: Received disconnect from 121.48.164.46 port 3321........ ------------------------------ |
2020-08-23 17:31:41 |
| 121.48.164.31 | attackspam | Aug 21 14:19:26 myvps sshd[19637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.31 Aug 21 14:19:28 myvps sshd[19637]: Failed password for invalid user vna from 121.48.164.31 port 38646 ssh2 Aug 21 14:34:09 myvps sshd[28838]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.31 ... |
2020-08-22 03:24:29 |
| 121.48.164.31 | attack | 20 attempts against mh-ssh on cloud |
2020-08-14 06:31:22 |
| 121.48.164.31 | attackbotsspam | Aug 11 23:55:16 web sshd[153741]: Failed password for root from 121.48.164.31 port 60966 ssh2 Aug 11 23:59:52 web sshd[153771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.48.164.31 user=root Aug 11 23:59:54 web sshd[153771]: Failed password for root from 121.48.164.31 port 34822 ssh2 ... |
2020-08-12 06:55:12 |
| 121.48.164.31 | attackbotsspam | Aug 8 10:48:16 melroy-server sshd[8315]: Failed password for root from 121.48.164.31 port 49078 ssh2 ... |
2020-08-08 19:23:51 |
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '121.48.0.0 - 121.49.255.255'
% Abuse contact for '121.48.0.0 - 121.49.255.255' is 'abuse@cernet.edu.cn'
inetnum: 121.48.0.0 - 121.49.255.255
netname: CDR-CERNET
descr: China Education and Research Network
descr: Chengdu Regional Network
country: CN
admin-c: CER-AP
tech-c: CER-AP
abuse-c: AC1685-AP
status: ALLOCATED PORTABLE
remarks: origin AS4538
remarks: confederation
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-lower: MAINT-CERNET-AP
mnt-routes: MAINT-CERNET-AP
mnt-irt: IRT-CERNET-AP
last-modified: 2020-09-03T09:16:00Z
source: APNIC
irt: IRT-CERNET-AP
address: Network Research Center,
address: Main Bldg, Tsinghua Univ
address: Beijing 100084, China
phone: +86-10-62784301
fax-no: +86-10-62785933
e-mail: abuse@cernet.edu.cn
abuse-mailbox: abuse@cernet.edu.cn
admin-c: CER-AP
tech-c: CER-AP
auth: # Filtered
remarks: timezone GMT+8
remarks: http://www.ccert.edu.cn
remarks: abuse@cernet.edu.cn was validated on 2025-08-15
mnt-by: MAINT-CERNET-AP
last-modified: 2025-09-04T00:59:41Z
source: APNIC
role: ABUSE CERNETAP
country: ZZ
address: Network Research Center,
address: Main Bldg, Tsinghua Univ
address: Beijing 100084, China
phone: +86-10-62784301
e-mail: abuse@cernet.edu.cn
admin-c: CER-AP
tech-c: CER-AP
nic-hdl: AC1685-AP
remarks: Generated from irt object IRT-CERNET-AP
remarks: abuse@cernet.edu.cn was validated on 2025-08-15
abuse-mailbox: abuse@cernet.edu.cn
mnt-by: APNIC-ABUSE
last-modified: 2025-08-15T09:38:28Z
source: APNIC
role: CERNET Helpdesk
address: CERNET Center
address: Beijing 100084, China
country: CN
phone: +86-10-6278-4049
fax-no: +86-10-6278-5933
e-mail: helpdesk@cernet.edu.cn
remarks: abuse@cernet.edu.cn
admin-c: XL1-CN
tech-c: SZ2-AP
nic-hdl: CER-AP
mnt-by: MAINT-CERNET-AP
last-modified: 2020-09-03T09:14:12Z
source: APNIC
% Information related to '121.48.0.0/16AS4538'
route: 121.48.0.0/16
descr: CERNET
origin: AS4538
mnt-by: MAINT-CERNET-AP
last-modified: 2009-01-05T03:10:57Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.34 (WHOIS-AU4); <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.48.164.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19322
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;121.48.164.157. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025111000 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Nov 10 22:26:38 CST 2025
;; MSG SIZE rcvd: 107b'Host 157.164.48.121.in-addr.arpa not found: 2(SERVFAIL)
';; Got SERVFAIL reply from 183.60.83.19, trying next server
Server: 183.60.82.98
Address: 183.60.82.98#53
** server can't find 157.164.48.121.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.55.179.132 | attackbotsspam | Lines containing failures of 45.55.179.132 Apr 1 16:59:01 shared11 sshd[15019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.179.132 user=r.r Apr 1 16:59:04 shared11 sshd[15019]: Failed password for r.r from 45.55.179.132 port 51804 ssh2 Apr 1 16:59:04 shared11 sshd[15019]: Received disconnect from 45.55.179.132 port 51804:11: Bye Bye [preauth] Apr 1 16:59:04 shared11 sshd[15019]: Disconnected from authenticating user r.r 45.55.179.132 port 51804 [preauth] Apr 1 17:18:54 shared11 sshd[22607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.179.132 user=r.r Apr 1 17:18:56 shared11 sshd[22607]: Failed password for r.r from 45.55.179.132 port 15445 ssh2 Apr 1 17:18:56 shared11 sshd[22607]: Received disconnect from 45.55.179.132 port 15445:11: Bye Bye [preauth] Apr 1 17:18:56 shared11 sshd[22607]: Disconnected from authenticating user r.r 45.55.179.132 port 15445 [preauth........ ------------------------------ |
2020-04-02 04:00:57 |
| 45.136.108.85 | attackspambots | 01.04.2020 18:40:27 SSH access blocked by firewall |
2020-04-02 03:37:50 |
| 13.250.234.242 | attack | xmlrpc attack |
2020-04-02 04:08:27 |
| 94.67.211.232 | attackbotsspam | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-04-02 03:48:37 |
| 111.229.215.25 | attack | 2020-04-01T17:15:51.369624v22018076590370373 sshd[26441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.215.25 2020-04-01T17:15:51.364493v22018076590370373 sshd[26441]: Invalid user alarm from 111.229.215.25 port 47756 2020-04-01T17:15:53.410910v22018076590370373 sshd[26441]: Failed password for invalid user alarm from 111.229.215.25 port 47756 ssh2 2020-04-01T17:21:13.846488v22018076590370373 sshd[31223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.215.25 user=root 2020-04-01T17:21:15.426942v22018076590370373 sshd[31223]: Failed password for root from 111.229.215.25 port 45618 ssh2 ... |
2020-04-02 03:50:16 |
| 115.159.153.180 | attack | leo_www |
2020-04-02 03:55:18 |
| 181.49.211.238 | attackspam | Apr 1 18:07:03 ewelt sshd[19702]: Invalid user go from 181.49.211.238 port 57826 Apr 1 18:07:03 ewelt sshd[19702]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.49.211.238 Apr 1 18:07:03 ewelt sshd[19702]: Invalid user go from 181.49.211.238 port 57826 Apr 1 18:07:06 ewelt sshd[19702]: Failed password for invalid user go from 181.49.211.238 port 57826 ssh2 ... |
2020-04-02 03:50:48 |
| 123.185.3.145 | attackbotsspam | 1585744103 - 04/01/2020 14:28:23 Host: 123.185.3.145/123.185.3.145 Port: 445 TCP Blocked |
2020-04-02 04:05:18 |
| 45.133.99.8 | attackbots | 2020-04-01 21:50:31 dovecot_login authenticator failed for \(\[45.133.99.8\]\) \[45.133.99.8\]: 535 Incorrect authentication data \(set_id=support@nophost.com\) 2020-04-01 21:50:40 dovecot_login authenticator failed for \(\[45.133.99.8\]\) \[45.133.99.8\]: 535 Incorrect authentication data 2020-04-01 21:50:50 dovecot_login authenticator failed for \(\[45.133.99.8\]\) \[45.133.99.8\]: 535 Incorrect authentication data 2020-04-01 21:50:58 dovecot_login authenticator failed for \(\[45.133.99.8\]\) \[45.133.99.8\]: 535 Incorrect authentication data 2020-04-01 21:51:12 dovecot_login authenticator failed for \(\[45.133.99.8\]\) \[45.133.99.8\]: 535 Incorrect authentication data |
2020-04-02 03:53:45 |
| 51.91.157.114 | attackbotsspam | Attempted connection to port 22. |
2020-04-02 03:55:41 |
| 41.210.128.37 | attackbotsspam | $f2bV_matches |
2020-04-02 03:56:11 |
| 221.163.8.108 | attack | SSH bruteforce (Triggered fail2ban) |
2020-04-02 04:00:08 |
| 51.159.35.94 | attackbots | 2020-04-01T20:48:45.520756librenms sshd[19706]: Failed password for root from 51.159.35.94 port 40064 ssh2 2020-04-01T20:54:21.839929librenms sshd[20271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.159.35.94 user=root 2020-04-01T20:54:23.990045librenms sshd[20271]: Failed password for root from 51.159.35.94 port 52160 ssh2 ... |
2020-04-02 03:44:14 |
| 49.232.86.244 | attackspambots | Apr 1 18:05:05 host sshd[60138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.232.86.244 user=root Apr 1 18:05:08 host sshd[60138]: Failed password for root from 49.232.86.244 port 51350 ssh2 ... |
2020-04-02 04:18:39 |
| 180.106.81.168 | attack | IP blocked |
2020-04-02 03:57:44 |