124.196.11.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shenzhen Ping An Communication Technology Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Jul 22 09:37:56 nxxxxxxx sshd[7972]: Invalid user user from 124.196.11.2 Jul 22 09:37:56 nxxxxxxx sshd[7972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 Jul 22 09:37:58 nxxxxxxx sshd[7972]: Failed password for invalid user user from 124.196.11.2 port 12088 ssh2 Jul 22 09:37:59 nxxxxxxx sshd[7972]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth] Jul 22 09:42:28 nxxxxxxx sshd[8503]: Invalid user ding from 124.196.11.2 Jul 22 09:42:28 nxxxxxxx sshd[8503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 Jul 22 09:42:30 nxxxxxxx sshd[8503]: Failed password for invalid user ding from 124.196.11.2 port 39722 ssh2 Jul 22 09:42:31 nxxxxxxx sshd[8503]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth] Jul 22 09:47:06 nxxxxxxx sshd[9105]: Invalid user ubuntu from 124.196.11.2 Jul 22 09:47:06 nxxxxxxx sshd[9105]: pam_unix(sshd:auth): authenticatio........ -------------------------------	2020-07-24 03:12:44

Type

Details

Datetime

attack

Jul 22 09:37:56 nxxxxxxx sshd[7972]: Invalid user user from 124.196.11.2
Jul 22 09:37:56 nxxxxxxx sshd[7972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 
Jul 22 09:37:58 nxxxxxxx sshd[7972]: Failed password for invalid user user from 124.196.11.2 port 12088 ssh2
Jul 22 09:37:59 nxxxxxxx sshd[7972]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth]
Jul 22 09:42:28 nxxxxxxx sshd[8503]: Invalid user ding from 124.196.11.2
Jul 22 09:42:28 nxxxxxxx sshd[8503]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.2 
Jul 22 09:42:30 nxxxxxxx sshd[8503]: Failed password for invalid user ding from 124.196.11.2 port 39722 ssh2
Jul 22 09:42:31 nxxxxxxx sshd[8503]: Received disconnect from 124.196.11.2: 11: Bye Bye [preauth]
Jul 22 09:47:06 nxxxxxxx sshd[9105]: Invalid user ubuntu from 124.196.11.2
Jul 22 09:47:06 nxxxxxxx sshd[9105]: pam_unix(sshd:auth): authenticatio........
-------------------------------

2020-07-24 03:12:44

Comments on same subnet:

IP	Type	Details	Datetime
124.196.11.6	attackspam	Jul 8 13:58:17 sip sshd[23375]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 Jul 8 13:58:19 sip sshd[23375]: Failed password for invalid user logger from 124.196.11.6 port 64477 ssh2 Jul 8 14:00:42 sip sshd[24229]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6	2020-07-11 06:51:34
124.196.11.6	attackbotsspam	2020-07-07T23:12:53.166467snf-827550 sshd[21019]: Invalid user svn from 124.196.11.6 port 30742 2020-07-07T23:12:55.086451snf-827550 sshd[21019]: Failed password for invalid user svn from 124.196.11.6 port 30742 ssh2 2020-07-07T23:14:18.155019snf-827550 sshd[21021]: Invalid user scott from 124.196.11.6 port 44388 ...	2020-07-08 05:12:23
124.196.11.6	attack	Jul 4 02:10:34 pkdns2 sshd\[40439\]: Failed password for root from 124.196.11.6 port 42552 ssh2Jul 4 02:13:07 pkdns2 sshd\[40545\]: Invalid user webhost from 124.196.11.6Jul 4 02:13:10 pkdns2 sshd\[40545\]: Failed password for invalid user webhost from 124.196.11.6 port 60798 ssh2Jul 4 02:15:26 pkdns2 sshd\[40678\]: Invalid user danny from 124.196.11.6Jul 4 02:15:28 pkdns2 sshd\[40678\]: Failed password for invalid user danny from 124.196.11.6 port 16465 ssh2Jul 4 02:17:44 pkdns2 sshd\[40768\]: Invalid user bot from 124.196.11.6 ...	2020-07-04 07:53:37
124.196.11.6	attack	Jul 1 00:01:19 mail sshd[2443]: Failed password for postgres from 124.196.11.6 port 39602 ssh2 Jul 1 00:18:02 mail sshd[11227]: Failed password for root from 124.196.11.6 port 7545 ssh2 ...	2020-07-02 06:14:06
124.196.11.6	attackbotsspam	Failed password for invalid user node from 124.196.11.6 port 28290 ssh2	2020-06-27 20:42:54
124.196.11.6	attackbots	2020-06-23T19:20:42.766024+02:00 sshd[20140]: Failed password for root from 124.196.11.6 port 32411 ssh2	2020-06-24 02:57:28
124.196.11.6	attackspam	fail2ban/Jun 23 05:46:30 h1962932 sshd[7279]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 user=root Jun 23 05:46:32 h1962932 sshd[7279]: Failed password for root from 124.196.11.6 port 14660 ssh2 Jun 23 05:55:57 h1962932 sshd[8530]: Invalid user test from 124.196.11.6 port 59215 Jun 23 05:55:57 h1962932 sshd[8530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.196.11.6 Jun 23 05:55:57 h1962932 sshd[8530]: Invalid user test from 124.196.11.6 port 59215 Jun 23 05:55:59 h1962932 sshd[8530]: Failed password for invalid user test from 124.196.11.6 port 59215 ssh2	2020-06-23 13:58:11
124.196.11.6	attackspambots	Jun 12 07:56:26 Invalid user admin from 124.196.11.6 port 35244	2020-06-12 16:45:52

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 124.196.11.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15074
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;124.196.11.2.			IN	A

;; AUTHORITY SECTION:
.			176	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020072301 1800 900 604800 86400

;; Query time: 12 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 03:12:40 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.11.196.124.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.11.196.124.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
174.219.133.11	attackspambots	Brute forcing email accounts	2020-03-09 07:08:40
117.131.199.234	attackspambots	1433/tcp 1433/tcp 1433/tcp... [2020-01-22/03-08]5pkt,1pt.(tcp)	2020-03-09 07:37:07
208.167.249.67	attack	Mar 8 23:59:10 vps647732 sshd[2824]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=208.167.249.67 Mar 8 23:59:12 vps647732 sshd[2824]: Failed password for invalid user hadoop from 208.167.249.67 port 53228 ssh2 ...	2020-03-09 07:04:49
221.214.210.42	attack	1433/tcp 1433/tcp 1433/tcp... [2020-01-09/03-08]5pkt,1pt.(tcp)	2020-03-09 07:35:41
198.100.146.67	attackspam	Mar 08 17:13:04 askasleikir sshd[19875]: Failed password for invalid user bugzilla from 198.100.146.67 port 54686 ssh2	2020-03-09 07:08:12
51.68.65.174	attack	SASL PLAIN auth failed: ruser=...	2020-03-09 07:30:32
100.35.205.75	attackbots	suspicious action Sun, 08 Mar 2020 18:31:55 -0300	2020-03-09 07:29:28
111.67.207.70	attackbots	Mar 8 23:48:30 vps647732 sshd[2649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.67.207.70 Mar 8 23:48:32 vps647732 sshd[2649]: Failed password for invalid user alesiashavel from 111.67.207.70 port 43322 ssh2 ...	2020-03-09 07:12:16
66.70.130.152	attackbotsspam	Mar 9 00:11:05 pornomens sshd\[2497\]: Invalid user fujino from 66.70.130.152 port 44042 Mar 9 00:11:05 pornomens sshd\[2497\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.130.152 Mar 9 00:11:08 pornomens sshd\[2497\]: Failed password for invalid user fujino from 66.70.130.152 port 44042 ssh2 ...	2020-03-09 07:11:28
192.241.231.232	attackbotsspam	firewall-block, port(s): 4911/tcp	2020-03-09 07:24:43
35.196.8.137	attackbots	$f2bV_matches	2020-03-09 07:09:55
222.186.15.158	attackspambots	Mar 8 23:59:21 srv01 sshd[1855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Mar 8 23:59:24 srv01 sshd[1855]: Failed password for root from 222.186.15.158 port 54345 ssh2 Mar 8 23:59:25 srv01 sshd[1855]: Failed password for root from 222.186.15.158 port 54345 ssh2 Mar 8 23:59:21 srv01 sshd[1855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Mar 8 23:59:24 srv01 sshd[1855]: Failed password for root from 222.186.15.158 port 54345 ssh2 Mar 8 23:59:25 srv01 sshd[1855]: Failed password for root from 222.186.15.158 port 54345 ssh2 Mar 8 23:59:21 srv01 sshd[1855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.15.158 user=root Mar 8 23:59:24 srv01 sshd[1855]: Failed password for root from 222.186.15.158 port 54345 ssh2 Mar 8 23:59:25 srv01 sshd[1855]: Failed password for root from 222.186.15.158 po ...	2020-03-09 07:01:51
37.49.230.92	attackspambots	Mar 8 23:38:28 debian-2gb-nbg1-2 kernel: \[5966262.364739\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=37.49.230.92 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=58761 PROTO=TCP SPT=47099 DPT=5038 WINDOW=1024 RES=0x00 SYN URGP=0	2020-03-09 07:02:56
162.144.49.165	attackbotsspam	Automatic report - WordPress Brute Force	2020-03-09 07:09:05
45.151.254.218	attack	08.03.2020 23:35:38 Connection to port 5060 blocked by firewall	2020-03-09 07:28:41

Recently Reported IPs

37.223.6.16	34.74.165.215	190.171.133.10	155.15.1.220
156.215.130.172	219.85.43.69	157.133.76.253	115.73.214.72
113.246.213.244	159.209.56.118	104.131.7.116	61.231.83.145
180.79.211.156	199.241.100.76	80.98.80.176	190.26.99.78
195.89.107.177	174.216.140.151	47.152.59.40	36.155.147.140