122.51.21.93 - IPInfo

基本信息:

城市(city): Beijing

省份(region): Beijing

国家(country): China

运营商(isp): Guangzhou Haizhiguang Communication Technology Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Exploited Host.	2020-07-26 06:17:52
attackbots	(sshd) Failed SSH login from 122.51.21.93 (CN/China/-): 5 in the last 3600 secs	2020-04-05 04:29:59
attackspam	2020-04-03T08:31:48.747056struts4.enskede.local sshd\[7343\]: Invalid user qo from 122.51.21.93 port 35624 2020-04-03T08:31:48.756174struts4.enskede.local sshd\[7343\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 2020-04-03T08:31:52.100651struts4.enskede.local sshd\[7343\]: Failed password for invalid user qo from 122.51.21.93 port 35624 ssh2 2020-04-03T08:37:04.430673struts4.enskede.local sshd\[7450\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 user=root 2020-04-03T08:37:07.346208struts4.enskede.local sshd\[7450\]: Failed password for root from 122.51.21.93 port 33190 ssh2 ...	2020-04-03 16:58:24
attackspam	$f2bV_matches	2020-03-26 19:31:48
attackbotsspam	Mar 25 19:54:45 work-partkepr sshd\[23211\]: Invalid user pf from 122.51.21.93 port 35086 Mar 25 19:54:45 work-partkepr sshd\[23211\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 ...	2020-03-26 04:55:40
attackbots	Mar 08 01:43:04 askasleikir sshd[109854]: Failed password for root from 122.51.21.93 port 49194 ssh2 Mar 08 01:40:18 askasleikir sshd[109752]: Failed password for root from 122.51.21.93 port 48376 ssh2 Mar 08 01:35:35 askasleikir sshd[109554]: Failed password for root from 122.51.21.93 port 60660 ssh2	2020-03-08 18:07:00
attackspam	2020-03-04T12:19:02.449115 sshd[2244]: Invalid user edward from 122.51.21.93 port 50518 2020-03-04T12:19:02.463296 sshd[2244]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 2020-03-04T12:19:02.449115 sshd[2244]: Invalid user edward from 122.51.21.93 port 50518 2020-03-04T12:19:04.833085 sshd[2244]: Failed password for invalid user edward from 122.51.21.93 port 50518 ssh2 ...	2020-03-04 19:36:41
attack	Mar 2 21:00:20 nextcloud sshd\[10747\]: Invalid user cpaneleximscanner from 122.51.21.93 Mar 2 21:00:20 nextcloud sshd\[10747\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 Mar 2 21:00:22 nextcloud sshd\[10747\]: Failed password for invalid user cpaneleximscanner from 122.51.21.93 port 52154 ssh2	2020-03-03 04:50:21
attack	2020-02-12T00:44:37.7371511495-001 sshd[39872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 user=operator 2020-02-12T00:44:39.6794481495-001 sshd[39872]: Failed password for operator from 122.51.21.93 port 45890 ssh2 2020-02-12T00:47:17.3402381495-001 sshd[39986]: Invalid user rt from 122.51.21.93 port 34050 2020-02-12T00:47:17.3435551495-001 sshd[39986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 2020-02-12T00:47:17.3402381495-001 sshd[39986]: Invalid user rt from 122.51.21.93 port 34050 2020-02-12T00:47:18.9145751495-001 sshd[39986]: Failed password for invalid user rt from 122.51.21.93 port 34050 ssh2 2020-02-12T00:49:57.1981161495-001 sshd[40184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 user=root 2020-02-12T00:49:59.0699391495-001 sshd[40184]: Failed password for root from 122.51.21.93 port 50446 ssh2 2020- ...	2020-02-12 15:24:23
attackspambots	Feb 6 21:23:44 legacy sshd[15231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 Feb 6 21:23:47 legacy sshd[15231]: Failed password for invalid user uiu from 122.51.21.93 port 59814 ssh2 Feb 6 21:31:24 legacy sshd[15768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.21.93 ...	2020-02-07 04:33:56

相同子网IP讨论:

IP	类型	评论内容	时间
122.51.213.238	attackspambots	(sshd) Failed SSH login from 122.51.213.238 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 13 18:16:03 server sshd[25565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.213.238 user=root Oct 13 18:16:04 server sshd[25565]: Failed password for root from 122.51.213.238 port 58878 ssh2 Oct 13 18:31:07 server sshd[29277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.213.238 user=root Oct 13 18:31:08 server sshd[29277]: Failed password for root from 122.51.213.238 port 38664 ssh2 Oct 13 18:35:31 server sshd[30383]: Invalid user ino from 122.51.213.238 port 55814	2020-10-14 07:38:32
122.51.213.238	attackspambots	fail2ban: brute force SSH detected	2020-10-02 02:32:21
122.51.213.238	attackbotsspam	Oct 1 07:04:03 inter-technics sshd[19027]: Invalid user soft from 122.51.213.238 port 47332 Oct 1 07:04:03 inter-technics sshd[19027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.213.238 Oct 1 07:04:03 inter-technics sshd[19027]: Invalid user soft from 122.51.213.238 port 47332 Oct 1 07:04:05 inter-technics sshd[19027]: Failed password for invalid user soft from 122.51.213.238 port 47332 ssh2 Oct 1 07:07:41 inter-technics sshd[19322]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.213.238 user=root Oct 1 07:07:43 inter-technics sshd[19322]: Failed password for root from 122.51.213.238 port 56182 ssh2 ...	2020-10-01 18:41:25
122.51.214.44	attackbots	Sep 30 21:28:34 IngegnereFirenze sshd[9503]: Failed password for invalid user george from 122.51.214.44 port 36874 ssh2 ...	2020-10-01 08:16:50
122.51.214.44	attackbots	Sep 30 15:30:50 scw-gallant-ride sshd[2657]: Failed password for root from 122.51.214.44 port 53884 ssh2	2020-10-01 00:48:28
122.51.214.44	attack	Sep 28 00:40:15 minden010 sshd[9263]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.214.44 Sep 28 00:40:17 minden010 sshd[9263]: Failed password for invalid user test2 from 122.51.214.44 port 37758 ssh2 Sep 28 00:45:47 minden010 sshd[11154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.214.44 ...	2020-09-28 07:45:39
122.51.214.44	attackbotsspam	Sep 27 15:25:51 sigma sshd\[9409\]: Invalid user rajat from 122.51.214.44Sep 27 15:25:53 sigma sshd\[9409\]: Failed password for invalid user rajat from 122.51.214.44 port 46672 ssh2 ...	2020-09-28 00:19:21
122.51.218.122	attackspam	Sep 23 02:06:53 r.ca sshd[14063]: Failed password for root from 122.51.218.122 port 41826 ssh2	2020-09-23 22:21:40
122.51.218.122	attack	Sep 23 02:06:53 r.ca sshd[14063]: Failed password for root from 122.51.218.122 port 41826 ssh2	2020-09-23 14:40:15
122.51.218.122	attackspambots	SSH Brute-Forcing (server2)	2020-09-23 06:30:56
122.51.211.131	attack	2020-09-16 11:18:50 server sshd[75984]: Failed password for invalid user a1b2 from 122.51.211.131 port 47370 ssh2	2020-09-19 03:16:58
122.51.211.249	attack	DATE:2020-09-18 18:19:31, IP:122.51.211.249, PORT:ssh SSH brute force auth (docker-dc)	2020-09-19 02:55:08
122.51.211.131	attackbots	2020-09-17 UTC: (30x) - D,app-ohras,brayden,cal,dates,gitlab-prometheus,gunnar,helpdesk,hfbx,lp,packer,printul,root(18x)	2020-09-18 19:18:19
122.51.211.249	attack	Sep 18 05:24:47 gw1 sshd[19647]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.211.249 Sep 18 05:24:49 gw1 sshd[19647]: Failed password for invalid user qhsupport from 122.51.211.249 port 52982 ssh2 ...	2020-09-18 18:57:50
122.51.218.122	attackspam	Sep 16 11:59:09 raspberrypi sshd[2633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.218.122 user=root Sep 16 11:59:11 raspberrypi sshd[2633]: Failed password for invalid user root from 122.51.218.122 port 59276 ssh2 ...	2020-09-16 23:50:43

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.51.21.93
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7040
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.51.21.93.			IN	A

;; AUTHORITY SECTION:
.			581	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020401 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 05 04:04:39 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 93.21.51.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 93.21.51.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
46.41.140.71	attack	Sep 15 04:00:22 rush sshd[25450]: Failed password for root from 46.41.140.71 port 37432 ssh2 Sep 15 04:04:18 rush sshd[25615]: Failed password for root from 46.41.140.71 port 59778 ssh2 ...	2020-09-15 18:24:07
58.250.0.73	attackspam	failed root login	2020-09-15 18:37:59
104.248.130.10	attackspambots	Fail2Ban Ban Triggered (2)	2020-09-15 18:15:42
217.148.212.142	attack	Sep 15 10:28:36 email sshd\[1400\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.148.212.142 user=root Sep 15 10:28:38 email sshd\[1400\]: Failed password for root from 217.148.212.142 port 33114 ssh2 Sep 15 10:33:29 email sshd\[2313\]: Invalid user brazil from 217.148.212.142 Sep 15 10:33:29 email sshd\[2313\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.148.212.142 Sep 15 10:33:31 email sshd\[2313\]: Failed password for invalid user brazil from 217.148.212.142 port 44916 ssh2 ...	2020-09-15 18:40:24
185.120.28.19	attackspam	2020-09-14 UTC: (2x) - ,root	2020-09-15 18:15:17
27.254.95.199	attackbots	Sep 15 11:16:03 nextcloud sshd\[25145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.95.199 user=nagios Sep 15 11:16:06 nextcloud sshd\[25145\]: Failed password for nagios from 27.254.95.199 port 39383 ssh2 Sep 15 11:20:56 nextcloud sshd\[31406\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.95.199 user=root	2020-09-15 18:14:29
154.180.78.59	attack	200x100MB request	2020-09-15 18:23:38
45.129.33.154	attackbotsspam	"Persistent port scanning"	2020-09-15 18:24:40
212.119.190.162	attackbots	(sshd) Failed SSH login from 212.119.190.162 (RU/Russia/smtp.swedmobil.ru): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 15 05:53:00 optimus sshd[30417]: Invalid user wordpress from 212.119.190.162 Sep 15 05:53:01 optimus sshd[30417]: Failed password for invalid user wordpress from 212.119.190.162 port 65270 ssh2 Sep 15 05:53:56 optimus sshd[30820]: Invalid user wordpress from 212.119.190.162 Sep 15 05:53:58 optimus sshd[30820]: Failed password for invalid user wordpress from 212.119.190.162 port 60866 ssh2 Sep 15 05:57:54 optimus sshd[32203]: Failed password for root from 212.119.190.162 port 62949 ssh2	2020-09-15 18:43:22
188.214.12.220	attackbots	trying to access non-authorized port	2020-09-15 18:28:13
103.145.13.205	attackspambots	[2020-09-15 04:49:42] NOTICE[1239][C-00003f21] chan_sip.c: Call from '' (103.145.13.205:5071) to extension '9011972594801698' rejected because extension not found in context 'public'. [2020-09-15 04:49:42] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-15T04:49:42.774-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011972594801698",SessionID="0x7f4d480d6c18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.13.205/5071",ACLName="no_extension_match" [2020-09-15 04:57:36] NOTICE[1239][C-00003f30] chan_sip.c: Call from '' (103.145.13.205:5070) to extension '+972594801698' rejected because extension not found in context 'public'. [2020-09-15 04:57:36] SECURITY[1264] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-09-15T04:57:36.372-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+972594801698",SessionID="0x7f4d481972d8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/10 ...	2020-09-15 18:13:23
112.85.42.173	attack	Sep 15 12:25:50 server sshd[62549]: Failed none for root from 112.85.42.173 port 26267 ssh2 Sep 15 12:25:53 server sshd[62549]: Failed password for root from 112.85.42.173 port 26267 ssh2 Sep 15 12:25:56 server sshd[62549]: Failed password for root from 112.85.42.173 port 26267 ssh2	2020-09-15 18:27:38
128.199.107.111	attackspam	Invalid user kabincha from 128.199.107.111 port 51830	2020-09-15 18:06:32
49.255.93.10	attackbotsspam	$f2bV_matches	2020-09-15 18:38:28
179.106.144.3	attackbots	Unauthorized connection attempt from IP address 179.106.144.3 on Port 445(SMB)	2020-09-15 18:30:43

最近上报的IP列表

85.234.206.51	126.75.18.255	85.137.137.236	172.199.156.93
151.16.52.6	108.20.46.37	207.200.137.82	39.247.249.116
149.157.12.174	82.207.207.105	129.63.195.233	172.69.70.131
182.84.167.2	70.59.244.110	95.6.87.197	96.70.139.30
149.236.104.83	42.87.3.144	200.96.87.56	132.157.66.66