124.196.11.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Ping An Communication Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 22 09:37:56 nxxxxxxx sshd[7972]: Invalid user user from 124.196.11.2 Jul 22 09:37:56 nxxxxxxx sshd[7972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 Jul 22 09:37:58 nxxxxxxx sshd[7972]: Failed password for invalid user user from 124.196.11.2 port 12088 ssh2 Jul 22 09:37:59 nxxxxxxx sshd[7972]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth] Jul 22 09:42:28 nxxxxxxx sshd[8503]: Invalid user ding from 124.196.11.2 Jul 22 09:42:28 nxxxxxxx sshd[8503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 Jul 22 09:42:30 nxxxxxxx sshd[8503]: Failed password for invalid user ding from 124.196.11.2 port 39722 ssh2 Jul 22 09:42:31 nxxxxxxx sshd[8503]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth] Jul 22 09:47:06 nxxxxxxx sshd[9105]: Invalid user ubuntu from 124.196.11.2 Jul 22 09:47:06 nxxxxxxx sshd[9105]: pam_unix(sshd:auth): authenticatio........ -------------------------------	2020-07-24 03:12:44

Type

Details

Datetime

attack

Jul 22 09:37:56 nxxxxxxx sshd[7972]: Invalid user user from 124.196.11.2
Jul 22 09:37:56 nxxxxxxx sshd[7972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 
Jul 22 09:37:58 nxxxxxxx sshd[7972]: Failed password for invalid user user from 124.196.11.2 port 12088 ssh2
Jul 22 09:37:59 nxxxxxxx sshd[7972]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth]
Jul 22 09:42:28 nxxxxxxx sshd[8503]: Invalid user ding from 124.196.11.2
Jul 22 09:42:28 nxxxxxxx sshd[8503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 
Jul 22 09:42:30 nxxxxxxx sshd[8503]: Failed password for invalid user ding from 124.196.11.2 port 39722 ssh2
Jul 22 09:42:31 nxxxxxxx sshd[8503]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth]
Jul 22 09:47:06 nxxxxxxx sshd[9105]: Invalid user ubuntu from 124.196.11.2
Jul 22 09:47:06 nxxxxxxx sshd[9105]: pam_unix(sshd:auth): authenticatio........
-------------------------------

2020-07-24 03:12:44

Comments on same subnet:

IP	Type	Details	Datetime
124.196.11.6	attackspam	Jul 8 13:58:17 sip sshd[23375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 Jul 8 13:58:19 sip sshd[23375]: Failed password for invalid user logger from 124.196.11.6 port 64477 ssh2 Jul 8 14:00:42 sip sshd[24229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6	2020-07-11 06:51:34
124.196.11.6	attackbotsspam	2020-07-07T23:12:53.166467snf-827550 sshd[21019]: Invalid user svn from 124.196.11.6 port 30742 2020-07-07T23:12:55.086451snf-827550 sshd[21019]: Failed password for invalid user svn from 124.196.11.6 port 30742 ssh2 2020-07-07T23:14:18.155019snf-827550 sshd[21021]: Invalid user scott from 124.196.11.6 port 44388 ...	2020-07-08 05:12:23
124.196.11.6	attack	Jul 4 02:10:34 pkdns2 sshd\[40439\]: Failed password for root from 124.196.11.6 port 42552 ssh2Jul 4 02:13:07 pkdns2 sshd\[40545\]: Invalid user webhost from 124.196.11.6Jul 4 02:13:10 pkdns2 sshd\[40545\]: Failed password for invalid user webhost from 124.196.11.6 port 60798 ssh2Jul 4 02:15:26 pkdns2 sshd\[40678\]: Invalid user danny from 124.196.11.6Jul 4 02:15:28 pkdns2 sshd\[40678\]: Failed password for invalid user danny from 124.196.11.6 port 16465 ssh2Jul 4 02:17:44 pkdns2 sshd\[40768\]: Invalid user bot from 124.196.11.6 ...	2020-07-04 07:53:37
124.196.11.6	attack	Jul 1 00:01:19 mail sshd[2443]: Failed password for postgres from 124.196.11.6 port 39602 ssh2 Jul 1 00:18:02 mail sshd[11227]: Failed password for root from 124.196.11.6 port 7545 ssh2 ...	2020-07-02 06:14:06
124.196.11.6	attackbotsspam	Failed password for invalid user node from 124.196.11.6 port 28290 ssh2	2020-06-27 20:42:54
124.196.11.6	attackbots	2020-06-23T19:20:42.766024+02:00 sshd[20140]: Failed password for root from 124.196.11.6 port 32411 ssh2	2020-06-24 02:57:28
124.196.11.6	attackspam	fail2ban/Jun 23 05:46:30 h1962932 sshd[7279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 user=root Jun 23 05:46:32 h1962932 sshd[7279]: Failed password for root from 124.196.11.6 port 14660 ssh2 Jun 23 05:55:57 h1962932 sshd[8530]: Invalid user test from 124.196.11.6 port 59215 Jun 23 05:55:57 h1962932 sshd[8530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 Jun 23 05:55:57 h1962932 sshd[8530]: Invalid user test from 124.196.11.6 port 59215 Jun 23 05:55:59 h1962932 sshd[8530]: Failed password for invalid user test from 124.196.11.6 port 59215 ssh2	2020-06-23 13:58:11
124.196.11.6	attackspambots	Jun 12 07:56:26 Invalid user admin from 124.196.11.6 port 35244	2020-06-12 16:45:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.196.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15074
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.196.11.2.			IN	A

;; AUTHORITY SECTION:
.			176	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072301 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 03:12:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.11.196.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.11.196.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.112.154.159	attackspam	Failed password for root from 193.112.154.159 port 54894 ssh2	2020-06-09 13:23:33
112.85.42.237	attackspambots	Jun 9 01:48:20 NPSTNNYC01T sshd[29038]: Failed password for root from 112.85.42.237 port 55626 ssh2 Jun 9 01:49:17 NPSTNNYC01T sshd[29116]: Failed password for root from 112.85.42.237 port 29659 ssh2 Jun 9 01:49:19 NPSTNNYC01T sshd[29116]: Failed password for root from 112.85.42.237 port 29659 ssh2 ...	2020-06-09 14:03:37
62.197.252.82	attackbots	$f2bV_matches	2020-06-09 13:41:14
51.91.102.99	attackspam	Jun 9 05:43:34 ns382633 sshd\[17977\]: Invalid user admin from 51.91.102.99 port 41436 Jun 9 05:43:34 ns382633 sshd\[17977\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.102.99 Jun 9 05:43:36 ns382633 sshd\[17977\]: Failed password for invalid user admin from 51.91.102.99 port 41436 ssh2 Jun 9 05:55:52 ns382633 sshd\[20358\]: Invalid user enterprise from 51.91.102.99 port 53184 Jun 9 05:55:53 ns382633 sshd\[20358\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.102.99	2020-06-09 13:43:33
118.27.24.127	attackspambots	2020-06-09T03:55:43.596744server.espacesoutien.com sshd[6991]: Invalid user qj from 118.27.24.127 port 47344 2020-06-09T03:55:43.613857server.espacesoutien.com sshd[6991]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.27.24.127 2020-06-09T03:55:43.596744server.espacesoutien.com sshd[6991]: Invalid user qj from 118.27.24.127 port 47344 2020-06-09T03:55:45.943585server.espacesoutien.com sshd[6991]: Failed password for invalid user qj from 118.27.24.127 port 47344 ssh2 ...	2020-06-09 13:47:34
180.69.27.26	attackbotsspam	Failed password for invalid user cpw from 180.69.27.26 port 55988 ssh2	2020-06-09 13:59:44
84.241.7.77	attack	Jun 9 06:29:16 haigwepa sshd[32477]: Failed password for root from 84.241.7.77 port 34442 ssh2 ...	2020-06-09 13:43:06
189.101.43.170	attackbotsspam	DATE:2020-06-09 05:55:41, IP:189.101.43.170, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-09 13:47:18
41.73.213.148	attackspam	$f2bV_matches	2020-06-09 13:47:59
103.63.212.164	attackbots	Jun 9 05:51:21 [host] sshd[5896]: pam_unix(sshd:a Jun 9 05:51:23 [host] sshd[5896]: Failed password Jun 9 05:56:22 [host] sshd[6180]: Invalid user wu	2020-06-09 13:23:18
106.13.167.77	attackspam	Jun 9 06:59:20 [host] sshd[8882]: Invalid user we Jun 9 06:59:20 [host] sshd[8882]: pam_unix(sshd:a Jun 9 06:59:21 [host] sshd[8882]: Failed password	2020-06-09 13:25:19
222.186.31.83	attack	SSH Brute Force	2020-06-09 13:26:02
192.35.168.225	attackspam	Port Scan detected! ...	2020-06-09 13:40:00
79.166.24.153	attackbots	IP 79.166.24.153 attacked honeypot on port: 1433 at 6/9/2020 4:56:10 AM	2020-06-09 13:22:18
118.89.108.152	attackspambots	Jun 9 07:56:20 ift sshd\[35175\]: Invalid user wangxt from 118.89.108.152Jun 9 07:56:22 ift sshd\[35175\]: Failed password for invalid user wangxt from 118.89.108.152 port 34230 ssh2Jun 9 07:57:16 ift sshd\[35213\]: Invalid user deployer from 118.89.108.152Jun 9 07:57:18 ift sshd\[35213\]: Failed password for invalid user deployer from 118.89.108.152 port 45848 ssh2Jun 9 07:58:20 ift sshd\[35246\]: Failed password for root from 118.89.108.152 port 57472 ssh2 ...	2020-06-09 14:01:43

Recently Reported IPs

37.223.6.16	34.74.165.215	190.171.133.10	155.15.1.220
156.215.130.172	219.85.43.69	157.133.76.253	115.73.214.72
113.246.213.244	159.209.56.118	104.131.7.116	61.231.83.145
180.79.211.156	199.241.100.76	80.98.80.176	190.26.99.78
195.89.107.177	174.216.140.151	47.152.59.40	36.155.147.140