202.104.122.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	$f2bV_matches	2019-10-21 15:32:36
attackbots	Invalid user test2 from 202.104.122.149 port 45334 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Failed password for invalid user test2 from 202.104.122.149 port 45334 ssh2 Invalid user superadmin from 202.104.122.149 port 45310 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149	2019-10-18 19:20:27
attackspam	Oct 17 08:01:48 server sshd\[16498\]: Invalid user ubnt from 202.104.122.149 Oct 17 08:01:48 server sshd\[16498\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Oct 17 08:01:50 server sshd\[16498\]: Failed password for invalid user ubnt from 202.104.122.149 port 45728 ssh2 Oct 17 08:29:36 server sshd\[25072\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 user=root Oct 17 08:29:37 server sshd\[25072\]: Failed password for root from 202.104.122.149 port 50176 ssh2 ...	2019-10-17 14:46:51
attack	Oct 6 08:02:47 xtremcommunity sshd\[239758\]: Invalid user Asdf!@\# from 202.104.122.149 port 50662 Oct 6 08:02:47 xtremcommunity sshd\[239758\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 Oct 6 08:02:49 xtremcommunity sshd\[239758\]: Failed password for invalid user Asdf!@\# from 202.104.122.149 port 50662 ssh2 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: Invalid user p0o9i8u7y6t5r4e3w2q1 from 202.104.122.149 port 47576 Oct 6 08:07:21 xtremcommunity sshd\[240035\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.104.122.149 ...	2019-10-06 20:20:10

Comments on same subnet:

IP	Type	Details	Datetime
202.104.122.147	attackspam	frenzy	2020-07-06 20:16:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.104.122.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2848
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.104.122.149.		IN	A

;; AUTHORITY SECTION:
.			539	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100600 1800 900 604800 86400

;; Query time: 54 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 06 20:20:06 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 149.122.104.202.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.122.104.202.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
165.22.114.237	attackspam	2019-11-04T06:51:34.741385abusebot.cloudsearch.cf sshd\[18632\]: Invalid user 1415926 from 165.22.114.237 port 42008	2019-11-04 17:40:41
103.243.107.92	attackspam	Lines containing failures of 103.243.107.92 Nov 4 06:52:04 hwd04 sshd[1914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.243.107.92 user=r.r Nov 4 06:52:05 hwd04 sshd[1914]: Failed password for r.r from 103.243.107.92 port 37252 ssh2 Nov 4 06:52:05 hwd04 sshd[1914]: Received disconnect from 103.243.107.92 port 37252:11: Bye Bye [preauth] Nov 4 06:52:05 hwd04 sshd[1914]: Disconnected from authenticating user r.r 103.243.107.92 port 37252 [preauth] Nov 4 07:05:03 hwd04 sshd[2452]: Invalid user xy from 103.243.107.92 port 50137 Nov 4 07:05:03 hwd04 sshd[2452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.243.107.92 Nov 4 07:05:05 hwd04 sshd[2452]: Failed password for invalid user xy from 103.243.107.92 port 50137 ssh2 Nov 4 07:05:05 hwd04 sshd[2452]: Received disconnect from 103.243.107.92 port 50137:11: Bye Bye [preauth] Nov 4 07:05:05 hwd04 sshd[2452]: Disconnected fro........ ------------------------------	2019-11-04 18:11:08
69.70.65.118	attack	Nov 4 12:10:06 server sshd\[8858\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=modemcable118.65-70-69.static.videotron.ca user=root Nov 4 12:10:08 server sshd\[8858\]: Failed password for root from 69.70.65.118 port 20782 ssh2 Nov 4 12:30:57 server sshd\[14137\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=modemcable118.65-70-69.static.videotron.ca user=root Nov 4 12:30:59 server sshd\[14137\]: Failed password for root from 69.70.65.118 port 8801 ssh2 Nov 4 12:34:32 server sshd\[14745\]: Invalid user djlhc111com from 69.70.65.118 Nov 4 12:34:32 server sshd\[14745\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=modemcable118.65-70-69.static.videotron.ca ...	2019-11-04 17:57:02
180.106.83.17	attack	Nov 4 10:34:08 icinga sshd[6254]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.106.83.17 Nov 4 10:34:10 icinga sshd[6254]: Failed password for invalid user 7654321 from 180.106.83.17 port 48842 ssh2 ...	2019-11-04 18:13:21
173.212.219.135	attack	Automatic report - Banned IP Access	2019-11-04 18:14:39
51.68.136.168	attack	SSH Brute Force, server-1 sshd[3495]: Failed password for invalid user bruce from 51.68.136.168 port 43490 ssh2	2019-11-04 18:08:33
165.22.112.45	attackbotsspam	Lines containing failures of 165.22.112.45 Nov 4 01:22:11 zabbix sshd[2204]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.45 user=r.r Nov 4 01:22:13 zabbix sshd[2204]: Failed password for r.r from 165.22.112.45 port 45856 ssh2 Nov 4 01:22:13 zabbix sshd[2204]: Received disconnect from 165.22.112.45 port 45856:11: Bye Bye [preauth] Nov 4 01:22:13 zabbix sshd[2204]: Disconnected from authenticating user r.r 165.22.112.45 port 45856 [preauth] Nov 4 01:33:11 zabbix sshd[3175]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.112.45 user=r.r Nov 4 01:33:13 zabbix sshd[3175]: Failed password for r.r from 165.22.112.45 port 33954 ssh2 Nov 4 01:33:13 zabbix sshd[3175]: Received disconnect from 165.22.112.45 port 33954:11: Bye Bye [preauth] Nov 4 01:33:13 zabbix sshd[3175]: Disconnected from authenticating user r.r 165.22.112.45 port 33954 [preauth] Nov 4 01:36:31 zabbix........ ------------------------------	2019-11-04 18:10:11
85.172.13.206	attackbotsspam	pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.172.13.206 user=root Failed password for root from 85.172.13.206 port 43775 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.172.13.206 user=root Failed password for root from 85.172.13.206 port 48902 ssh2 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.172.13.206 user=root	2019-11-04 17:51:56
91.207.40.43	attack	Nov 3 23:10:20 tdfoods sshd\[18929\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.43 user=root Nov 3 23:10:21 tdfoods sshd\[18929\]: Failed password for root from 91.207.40.43 port 55598 ssh2 Nov 3 23:14:41 tdfoods sshd\[19295\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.207.40.43 user=root Nov 3 23:14:43 tdfoods sshd\[19295\]: Failed password for root from 91.207.40.43 port 37626 ssh2 Nov 3 23:19:03 tdfoods sshd\[19654\]: Invalid user test from 91.207.40.43	2019-11-04 17:42:00
54.37.159.50	attack	$f2bV_matches	2019-11-04 18:08:17
222.186.173.201	attackspambots	Oct 31 03:39:25 microserver sshd[56869]: Failed none for root from 222.186.173.201 port 10218 ssh2 Oct 31 03:39:26 microserver sshd[56869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Oct 31 03:39:28 microserver sshd[56869]: Failed password for root from 222.186.173.201 port 10218 ssh2 Oct 31 03:39:32 microserver sshd[56869]: Failed password for root from 222.186.173.201 port 10218 ssh2 Oct 31 03:39:36 microserver sshd[56869]: Failed password for root from 222.186.173.201 port 10218 ssh2 Oct 31 04:35:15 microserver sshd[64290]: Failed none for root from 222.186.173.201 port 27188 ssh2 Oct 31 04:35:17 microserver sshd[64290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.201 user=root Oct 31 04:35:19 microserver sshd[64290]: Failed password for root from 222.186.173.201 port 27188 ssh2 Oct 31 04:35:22 microserver sshd[64290]: Failed password for root from 222.186.173.201 port 27188 ssh2	2019-11-04 17:43:57
92.118.37.99	attack	Automatic report - Port Scan	2019-11-04 17:40:13
222.186.175.167	attack	Nov 4 10:53:38 legacy sshd[2597]: Failed password for root from 222.186.175.167 port 35548 ssh2 Nov 4 10:53:53 legacy sshd[2597]: error: maximum authentication attempts exceeded for root from 222.186.175.167 port 35548 ssh2 [preauth] Nov 4 10:54:04 legacy sshd[2605]: Failed password for root from 222.186.175.167 port 39154 ssh2 ...	2019-11-04 17:54:25
209.177.94.56	attackbots	Nov 4 10:48:19 localhost sshd\[29532\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.177.94.56 user=root Nov 4 10:48:21 localhost sshd\[29532\]: Failed password for root from 209.177.94.56 port 49744 ssh2 Nov 4 10:48:23 localhost sshd\[29532\]: Failed password for root from 209.177.94.56 port 49744 ssh2	2019-11-04 17:55:31
79.137.86.205	attackspam	2019-11-04T09:12:01.720252abusebot-4.cloudsearch.cf sshd\[23188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=205.ip-79-137-86.eu user=root	2019-11-04 17:51:25

Recently Reported IPs

11.202.53.20	221.0.231.187	159.65.232.153	109.251.62.46
187.73.205.82	176.61.155.104	115.55.87.29	89.46.108.209
116.196.118.104	162.243.13.195	21.185.253.29	204.48.20.229
58.87.114.103	87.2.218.73	69.119.219.232	80.88.90.86
63.223.95.185	171.88.42.250	90.24.80.95	30.25.198.165