202.119.81.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Nanjing University of Science & Technology

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 01:27:28

Comments on same subnet:

IP	Type	Details	Datetime
202.119.81.138	attackbots	Jun 1 18:01:18 ws25vmsma01 sshd[219863]: Failed password for root from 202.119.81.138 port 55539 ssh2 ...	2020-06-02 03:09:25
202.119.81.138	attackspam	SSH Brute-Force reported by Fail2Ban	2020-05-22 18:31:12
202.119.81.229	attackspambots	May 6 23:25:27 server sshd[35478]: Failed password for invalid user yosa from 202.119.81.229 port 48640 ssh2 May 6 23:26:05 server sshd[35976]: Failed password for invalid user alexis from 202.119.81.229 port 52586 ssh2 May 6 23:26:24 server sshd[36198]: Failed password for invalid user m from 202.119.81.229 port 54350 ssh2	2020-05-07 07:02:36
202.119.81.138	attackspam	May 6 05:02:44 mockhub sshd[27436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.138 May 6 05:02:45 mockhub sshd[27436]: Failed password for invalid user tm from 202.119.81.138 port 44665 ssh2 ...	2020-05-06 20:04:28
202.119.81.138	attack	May 4 17:23:55 NPSTNNYC01T sshd[8543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.138 May 4 17:23:56 NPSTNNYC01T sshd[8543]: Failed password for invalid user user1 from 202.119.81.138 port 34654 ssh2 May 4 17:26:28 NPSTNNYC01T sshd[8716]: Failed password for root from 202.119.81.138 port 50626 ssh2 ...	2020-05-05 05:44:34
202.119.81.138	attack	May 2 03:53:33 hgb10502 sshd[18699]: Invalid user dbuser from 202.119.81.138 port 36967 May 2 03:53:34 hgb10502 sshd[18699]: Failed password for invalid user dbuser from 202.119.81.138 port 36967 ssh2 May 2 03:53:34 hgb10502 sshd[18699]: Received disconnect from 202.119.81.138 port 36967:11: Bye Bye [preauth] May 2 03:53:34 hgb10502 sshd[18699]: Disconnected from 202.119.81.138 port 36967 [preauth] May 2 04:12:14 hgb10502 sshd[20625]: Invalid user ddd from 202.119.81.138 port 43293 May 2 04:12:16 hgb10502 sshd[20625]: Failed password for invalid user ddd from 202.119.81.138 port 43293 ssh2 May 2 04:12:16 hgb10502 sshd[20625]: Received disconnect from 202.119.81.138 port 43293:11: Bye Bye [preauth] May 2 04:12:16 hgb10502 sshd[20625]: Disconnected from 202.119.81.138 port 43293 [preauth] May 2 04:16:16 hgb10502 sshd[20966]: Invalid user tomas from 202.119.81.138 port 36028 May 2 04:16:19 hgb10502 sshd[20966]: Failed password for invalid user tomas from 202.119......... -------------------------------	2020-05-03 15:42:47
202.119.81.229	attackspambots	(sshd) Failed SSH login from 202.119.81.229 (CN/China/-): 5 in the last 3600 secs	2020-04-19 05:59:25
202.119.81.229	attackbotsspam	Mar 23 04:57:34 pornomens sshd\[15746\]: Invalid user babyboy from 202.119.81.229 port 47438 Mar 23 04:57:34 pornomens sshd\[15746\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.229 Mar 23 04:57:37 pornomens sshd\[15746\]: Failed password for invalid user babyboy from 202.119.81.229 port 47438 ssh2 ...	2020-03-23 13:33:59
202.119.81.229	attackbotsspam	Jan 27 06:08:26 pi sshd[3970]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.229 Jan 27 06:08:27 pi sshd[3970]: Failed password for invalid user lc from 202.119.81.229 port 43138 ssh2	2020-03-20 03:16:33
202.119.81.229	attack	Unauthorized connection attempt detected from IP address 202.119.81.229 to port 2220 [J]	2020-01-29 06:58:29
202.119.81.229	attackspambots	Unauthorized connection attempt detected from IP address 202.119.81.229 to port 2220 [J]	2020-01-19 18:07:00
202.119.81.229	attackbotsspam	$f2bV_matches	2020-01-14 07:02:27
202.119.81.229	attackspambots	Jan 3 14:18:56 firewall sshd[25352]: Invalid user carter from 202.119.81.229 Jan 3 14:18:58 firewall sshd[25352]: Failed password for invalid user carter from 202.119.81.229 port 58298 ssh2 Jan 3 14:21:28 firewall sshd[25402]: Invalid user xbf from 202.119.81.229 ...	2020-01-04 01:33:08
202.119.81.229	attackspambots	ssh failed login	2019-12-21 05:29:57
202.119.81.229	attackspam	Dec 18 21:00:11 nextcloud sshd\[4849\]: Invalid user boiko from 202.119.81.229 Dec 18 21:00:11 nextcloud sshd\[4849\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.119.81.229 Dec 18 21:00:13 nextcloud sshd\[4849\]: Failed password for invalid user boiko from 202.119.81.229 port 39524 ssh2 ...	2019-12-19 04:42:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 202.119.81.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64907
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;202.119.81.2.			IN	A

;; AUTHORITY SECTION:
.			479	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 01:27:23 CST 2020
;; MSG SIZE  rcvd: 116

Host info

Host 2.81.119.202.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 2.81.119.202.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.74.137.212	attackspambots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-25 13:43:05
117.27.154.20	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-25 13:28:41
116.62.95.204	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-25 13:41:47
5.135.185.27	attackbots	$f2bV_matches	2019-10-25 13:25:45
14.166.75.11	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 25-10-2019 04:55:17.	2019-10-25 13:50:45
182.84.124.8	attackspam	Automatic report - Banned IP Access	2019-10-25 13:06:27
81.106.220.20	attack	Oct 25 00:51:58 firewall sshd[24449]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.106.220.20 user=root Oct 25 00:52:00 firewall sshd[24449]: Failed password for root from 81.106.220.20 port 43273 ssh2 Oct 25 00:56:01 firewall sshd[24539]: Invalid user ubnt from 81.106.220.20 ...	2019-10-25 13:03:35
14.235.152.59	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 25-10-2019 04:55:18.	2019-10-25 13:48:48
14.244.2.88	attack	Attempt to attack host OS, exploiting network vulnerabilities, on 25-10-2019 04:55:18.	2019-10-25 13:47:51
92.118.161.25	attack	8333/tcp 593/tcp 3389/tcp... [2019-08-27/10-25]68pkt,43pt.(tcp),6pt.(udp)	2019-10-25 13:07:45
131.221.34.226	attackbots	Invalid user teamspeak from 131.221.34.226 port 44664	2019-10-25 13:27:17
172.68.38.60	attackbots	10/25/2019-05:55:46.919723 172.68.38.60 Protocol: 6 SURICATA TLS invalid record/traffic	2019-10-25 13:15:04
152.32.99.21	attackbots	445/tcp 445/tcp 445/tcp [2019-09-07/10-25]3pkt	2019-10-25 13:47:27
116.7.74.145	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 25-10-2019 04:55:15.	2019-10-25 13:53:52
88.255.251.93	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 25-10-2019 04:55:21.	2019-10-25 13:43:34

Recently Reported IPs

196.123.77.151	197.5.145.2	196.52.43.5	195.9.217.4
195.181.94.1	175.15.247.250	177.73.224.173	208.105.24.66
222.168.195.162	194.228.151.5	5.11.38.49	157.14.117.240
122.237.24.54	179.163.79.125	40.42.47.129	214.21.181.92
194.180.224.2	93.140.9.131	89.57.27.191	195.88.51.253