219.246.34.120

Basic Info

City: Lanzhou

Region: Gansu

Country: China

Internet Service Provider: Lanzhou University

Hostname: unknown

Organization: CERNET2 IX at Lanzhou University

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	/var/log/messages:Jul 10 20:12:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562789547.377:2086): pid=24615 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24616 suid=74 rport=46920 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=219.246.34.120 terminal=? res=success' /var/log/messages:Jul 10 20:12:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562789547.381:2087): pid=24615 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24616 suid=74 rport=46920 laddr=104.167.106.93 lport=22 exe="/usr/sbin/sshd" hostname=? addr=219.246.34.120 terminal=? res=success' /var/log/messages:Jul 10 20:12:28 sanyalnet-cloud-vps fail2ban.filter[5325]: INFO [sshd] Found........ -------------------------------	2019-07-12 03:05:05

Type

Details

Datetime

attackbots

/var/log/messages:Jul 10 20:12:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562789547.377:2086): pid=24615 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24616 suid=74 rport=46920 laddr=104.167.106.93 lport=22  exe="/usr/sbin/sshd" hostname=? addr=219.246.34.120 terminal=? res=success'
/var/log/messages:Jul 10 20:12:27 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1562789547.381:2087): pid=24615 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=24616 suid=74 rport=46920 laddr=104.167.106.93 lport=22  exe="/usr/sbin/sshd" hostname=? addr=219.246.34.120 terminal=? res=success'
/var/log/messages:Jul 10 20:12:28 sanyalnet-cloud-vps fail2ban.filter[5325]: INFO [sshd] Found........
-------------------------------

2019-07-12 03:05:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.246.34.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14445
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.246.34.120.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Jul 12 03:04:59 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 120.34.246.219.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 120.34.246.219.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
118.69.104.208	attack	Unauthorized connection attempt detected from IP address 118.69.104.208 to port 23 [J]	2020-02-01 17:53:08
186.231.101.167	attackbotsspam	Unauthorized connection attempt detected from IP address 186.231.101.167 to port 1433 [J]	2020-02-01 18:16:19
218.241.229.57	attackspam	Unauthorized connection attempt detected from IP address 218.241.229.57 to port 1433 [T]	2020-02-01 18:14:38
120.41.187.56	attackbotsspam	Unauthorized connection attempt detected from IP address 120.41.187.56 to port 8080 [J]	2020-02-01 18:23:29
47.106.170.86	attackbots	Unauthorized connection attempt detected from IP address 47.106.170.86 to port 1433 [T]	2020-02-01 18:04:50
115.94.26.74	attackspam	Honeypot attack, port: 4567, PTR: PTR record not found	2020-02-01 17:53:24
114.225.41.116	attackbots	Unauthorized connection attempt detected from IP address 114.225.41.116 to port 1433 [J]	2020-02-01 17:54:42
42.81.122.86	attack	Unauthorized connection attempt detected from IP address 42.81.122.86 to port 23 [J]	2020-02-01 18:07:23
101.108.183.214	attackbots	Unauthorized connection attempt detected from IP address 101.108.183.214 to port 445 [T]	2020-02-01 17:58:54
47.110.238.74	attack	Unauthorized connection attempt detected from IP address 47.110.238.74 to port 8080 [J]	2020-02-01 18:04:29
112.113.225.79	attackbotsspam	Unauthorized connection attempt detected from IP address 112.113.225.79 to port 8443 [T]	2020-02-01 17:56:03
120.41.187.197	attackspambots	Unauthorized connection attempt detected from IP address 120.41.187.197 to port 80 [J]	2020-02-01 18:23:01
36.39.12.228	attackbots	Unauthorized connection attempt detected from IP address 36.39.12.228 to port 23 [T]	2020-02-01 18:08:04
54.180.117.32	attackspam	Unauthorized connection attempt detected from IP address 54.180.117.32 to port 80 [T]	2020-02-01 18:03:06
144.76.225.78	attackspambots	Unauthorized connection attempt detected from IP address 144.76.225.78 to port 3389 [T]	2020-02-01 18:20:37

Recently Reported IPs

146.198.96.237	76.158.46.215	64.86.186.35	76.178.159.193
151.234.66.209	5.19.188.10	181.138.14.232	92.215.215.189
150.95.181.45	64.109.83.8	64.33.222.218	147.139.123.254
190.185.183.253	92.70.63.69	221.105.3.183	148.70.2.5
46.56.227.128	49.116.210.30	2003:dd:af1b:e46:d04:41d2:59fb:4782	103.73.160.151