122.51.80.104 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Guangzhou Haizhiguang Communication Technology Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH invalid-user multiple login attempts	2020-04-17 20:54:21

相同子网IP讨论:

IP	类型	评论内容	时间
122.51.80.81	attackspambots	Oct 13 15:12:52 onepixel sshd[2740060]: Failed password for invalid user gregory from 122.51.80.81 port 44814 ssh2 Oct 13 15:16:03 onepixel sshd[2740722]: Invalid user hirata from 122.51.80.81 port 50270 Oct 13 15:16:03 onepixel sshd[2740722]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.81 Oct 13 15:16:03 onepixel sshd[2740722]: Invalid user hirata from 122.51.80.81 port 50270 Oct 13 15:16:05 onepixel sshd[2740722]: Failed password for invalid user hirata from 122.51.80.81 port 50270 ssh2	2020-10-14 04:07:43
122.51.80.81	attackbotsspam	Oct 13 12:56:28 rancher-0 sshd[383270]: Invalid user dj from 122.51.80.81 port 56162 ...	2020-10-13 19:30:26
122.51.80.81	attackbots	Oct 4 17:45:59 scw-gallant-ride sshd[12576]: Failed password for root from 122.51.80.81 port 36924 ssh2	2020-10-05 02:43:53
122.51.80.81	attackbots	2020-10-04T02:34:00.7875951495-001 sshd[34857]: Invalid user aaron from 122.51.80.81 port 42874 2020-10-04T02:34:02.7442591495-001 sshd[34857]: Failed password for invalid user aaron from 122.51.80.81 port 42874 ssh2 2020-10-04T02:37:51.1472731495-001 sshd[35057]: Invalid user mfg from 122.51.80.81 port 52090 2020-10-04T02:37:51.1542411495-001 sshd[35057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.81 2020-10-04T02:37:51.1472731495-001 sshd[35057]: Invalid user mfg from 122.51.80.81 port 52090 2020-10-04T02:37:53.1469581495-001 sshd[35057]: Failed password for invalid user mfg from 122.51.80.81 port 52090 ssh2 ...	2020-10-04 18:26:52
122.51.80.94	attack	SMB Server BruteForce Attack	2020-09-26 07:40:25
122.51.80.94	attackspam	SMB Server BruteForce Attack	2020-09-26 00:53:55
122.51.80.94	attack	SMB Server BruteForce Attack	2020-09-25 16:29:39
122.51.80.81	attackspam	Sep 5 08:43:47 rotator sshd\[7564\]: Invalid user precious from 122.51.80.81Sep 5 08:43:49 rotator sshd\[7564\]: Failed password for invalid user precious from 122.51.80.81 port 38582 ssh2Sep 5 08:48:13 rotator sshd\[8327\]: Invalid user www from 122.51.80.81Sep 5 08:48:15 rotator sshd\[8327\]: Failed password for invalid user www from 122.51.80.81 port 57910 ssh2Sep 5 08:52:42 rotator sshd\[9093\]: Invalid user wocloud from 122.51.80.81Sep 5 08:52:43 rotator sshd\[9093\]: Failed password for invalid user wocloud from 122.51.80.81 port 49002 ssh2 ...	2020-09-05 21:03:54
122.51.80.81	attackspambots	Sep 4 18:36:50 rush sshd[19946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.81 Sep 4 18:36:51 rush sshd[19946]: Failed password for invalid user user from 122.51.80.81 port 43052 ssh2 Sep 4 18:38:36 rush sshd[20019]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.81 ...	2020-09-05 05:27:35
122.51.80.81	attack	Automatic Fail2ban report - Trying login SSH	2020-08-22 23:52:18
122.51.80.103	attackbotsspam	Aug 22 17:33:57 lunarastro sshd[17283]: Failed password for root from 122.51.80.103 port 56096 ssh2 Aug 22 17:46:18 lunarastro sshd[17732]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.103 Aug 22 17:46:21 lunarastro sshd[17732]: Failed password for invalid user usuario from 122.51.80.103 port 57118 ssh2	2020-08-22 21:41:53
122.51.80.103	attack	Aug 17 18:39:21 pve1 sshd[21020]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.80.103 Aug 17 18:39:23 pve1 sshd[21020]: Failed password for invalid user postgres from 122.51.80.103 port 42176 ssh2 ...	2020-08-18 01:34:07
122.51.80.81	attackspambots	$f2bV_matches	2020-08-10 08:09:29
122.51.80.81	attack	" "	2020-08-09 16:54:12
122.51.80.81	attackspam	Jul 31 22:31:13 eventyay sshd[20790]: Failed password for root from 122.51.80.81 port 39324 ssh2 Jul 31 22:32:34 eventyay sshd[20855]: Failed password for root from 122.51.80.81 port 53892 ssh2 ...	2020-08-01 04:59:13

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.51.80.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5515
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.51.80.104.			IN	A

;; AUTHORITY SECTION:
.			573	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041701 1800 900 604800 86400

;; Query time: 90 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 17 20:54:16 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 104.80.51.122.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.80.51.122.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
2.78.57.243	attackspam	Sep 9 01:01:50 TORMINT sshd\[11645\]: Invalid user developer from 2.78.57.243 Sep 9 01:01:50 TORMINT sshd\[11645\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.78.57.243 Sep 9 01:01:53 TORMINT sshd\[11645\]: Failed password for invalid user developer from 2.78.57.243 port 54706 ssh2 ...	2019-09-09 13:08:56
106.12.105.10	attackspam	Sep 9 07:00:38 SilenceServices sshd[16342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.10 Sep 9 07:00:40 SilenceServices sshd[16342]: Failed password for invalid user nagios from 106.12.105.10 port 43918 ssh2 Sep 9 07:06:00 SilenceServices sshd[18352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.105.10	2019-09-09 13:17:44
106.13.54.207	attackbotsspam	Sep 9 05:39:24 nextcloud sshd\[16611\]: Invalid user user from 106.13.54.207 Sep 9 05:39:24 nextcloud sshd\[16611\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.54.207 Sep 9 05:39:25 nextcloud sshd\[16611\]: Failed password for invalid user user from 106.13.54.207 port 36682 ssh2 ...	2019-09-09 12:32:03
222.92.189.76	attackbots	Sep 9 06:41:21 localhost sshd\[7964\]: Invalid user temp1 from 222.92.189.76 port 11849 Sep 9 06:41:21 localhost sshd\[7964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.92.189.76 Sep 9 06:41:22 localhost sshd\[7964\]: Failed password for invalid user temp1 from 222.92.189.76 port 11849 ssh2	2019-09-09 12:55:31
45.136.109.39	attack	Port scan: Attack repeated for 24 hours	2019-09-09 12:30:54
217.32.246.90	attackbotsspam	Sep 8 22:23:35 eventyay sshd[6416]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.32.246.90 Sep 8 22:23:38 eventyay sshd[6416]: Failed password for invalid user insserver from 217.32.246.90 port 41020 ssh2 Sep 8 22:29:03 eventyay sshd[6527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.32.246.90 ...	2019-09-09 12:24:35
219.138.156.233	attackbots	Sep 9 07:17:12 lukav-desktop sshd\[5146\]: Invalid user admin from 219.138.156.233 Sep 9 07:17:12 lukav-desktop sshd\[5146\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.138.156.233 Sep 9 07:17:14 lukav-desktop sshd\[5146\]: Failed password for invalid user admin from 219.138.156.233 port 45341 ssh2 Sep 9 07:23:49 lukav-desktop sshd\[5182\]: Invalid user user from 219.138.156.233 Sep 9 07:23:49 lukav-desktop sshd\[5182\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.138.156.233	2019-09-09 12:38:57
218.92.0.190	attackbots	Sep 9 06:41:25 dcd-gentoo sshd[31936]: User root from 218.92.0.190 not allowed because none of user's groups are listed in AllowGroups Sep 9 06:41:28 dcd-gentoo sshd[31936]: error: PAM: Authentication failure for illegal user root from 218.92.0.190 Sep 9 06:41:25 dcd-gentoo sshd[31936]: User root from 218.92.0.190 not allowed because none of user's groups are listed in AllowGroups Sep 9 06:41:28 dcd-gentoo sshd[31936]: error: PAM: Authentication failure for illegal user root from 218.92.0.190 Sep 9 06:41:25 dcd-gentoo sshd[31936]: User root from 218.92.0.190 not allowed because none of user's groups are listed in AllowGroups Sep 9 06:41:28 dcd-gentoo sshd[31936]: error: PAM: Authentication failure for illegal user root from 218.92.0.190 Sep 9 06:41:28 dcd-gentoo sshd[31936]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.190 port 20875 ssh2 ...	2019-09-09 12:47:35
140.246.39.128	attackbotsspam	Sep 9 00:53:42 ny01 sshd[3034]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.39.128 Sep 9 00:53:44 ny01 sshd[3034]: Failed password for invalid user sinusbot from 140.246.39.128 port 38578 ssh2 Sep 9 00:56:53 ny01 sshd[4001]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.246.39.128	2019-09-09 13:02:18
84.17.20.102	attackbotsspam	Automatic report - Banned IP Access	2019-09-09 13:11:09
103.52.52.23	attack	Sep 9 06:55:57 legacy sshd[28312]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.52.23 Sep 9 06:55:59 legacy sshd[28312]: Failed password for invalid user csgoserver from 103.52.52.23 port 40084 ssh2 Sep 9 07:01:10 legacy sshd[28436]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.52.52.23 ...	2019-09-09 13:10:35
92.63.194.90	attackspam	2019-09-09T11:52:50.076257enmeeting.mahidol.ac.th sshd\[10354\]: Invalid user admin from 92.63.194.90 port 38684 2019-09-09T11:52:50.090173enmeeting.mahidol.ac.th sshd\[10354\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.63.194.90 2019-09-09T11:52:52.255337enmeeting.mahidol.ac.th sshd\[10354\]: Failed password for invalid user admin from 92.63.194.90 port 38684 ssh2 ...	2019-09-09 13:05:44
51.89.29.64	attack	Lines containing failures of 51.89.29.64 Sep 9 00:05:26 vps9 sshd[9447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.29.64 user=postgres Sep 9 00:05:28 vps9 sshd[9447]: Failed password for postgres from 51.89.29.64 port 54612 ssh2 Sep 9 00:05:28 vps9 sshd[9447]: Received disconnect from 51.89.29.64 port 54612:11: Bye Bye [preauth] Sep 9 00:05:28 vps9 sshd[9447]: Disconnected from authenticating user postgres 51.89.29.64 port 54612 [preauth] Sep 9 00:11:11 vps9 sshd[11985]: Invalid user mc from 51.89.29.64 port 37618 Sep 9 00:11:13 vps9 sshd[11985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.89.29.64 Sep 9 00:11:15 vps9 sshd[11985]: Failed password for invalid user mc from 51.89.29.64 port 37618 ssh2 Sep 9 00:11:15 vps9 sshd[11985]: Received disconnect from 51.89.29.64 port 37618:11: Bye Bye [preauth] Sep 9 00:11:15 vps9 sshd[11985]: Disconnected from invalid user ........ ------------------------------	2019-09-09 12:57:11
52.163.221.85	attackspam	Sep 9 01:01:13 plusreed sshd[7375]: Invalid user support from 52.163.221.85 ...	2019-09-09 13:18:13
142.93.232.222	attackspambots	Sep 8 18:52:45 tdfoods sshd\[23868\]: Invalid user git from 142.93.232.222 Sep 8 18:52:45 tdfoods sshd\[23868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.222 Sep 8 18:52:47 tdfoods sshd\[23868\]: Failed password for invalid user git from 142.93.232.222 port 60632 ssh2 Sep 8 18:58:27 tdfoods sshd\[24447\]: Invalid user server from 142.93.232.222 Sep 8 18:58:27 tdfoods sshd\[24447\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.232.222	2019-09-09 13:03:36

最近上报的IP列表

125.139.129.201	61.51.183.48	65.171.161.61	24.184.19.240
178.117.107.48	34.98.255.198	175.94.125.5	210.67.190.164
115.229.45.83	76.173.226.25	246.194.9.53	206.203.52.243
92.244.83.39	123.194.162.100	14.12.68.43	164.45.126.136
241.11.138.252	200.41.123.59	15.96.221.200	150.109.127.191