134.122.52.123

基本信息:

城市(city): Amsterdam

省份(region): North Holland

国家(country): Netherlands

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Jun 16 18:48:26 XXX sshd[46969]: Invalid user admin from 134.122.52.123 port 47876	2020-06-17 03:07:43
attack	Jun 16 00:56:45 ns381471 sshd[11894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.52.123 Jun 16 00:56:47 ns381471 sshd[11894]: Failed password for invalid user oscar from 134.122.52.123 port 51180 ssh2	2020-06-16 08:03:00

类型

评论内容

时间

attack

Jun 16 18:48:26 XXX sshd[46969]: Invalid user admin from 134.122.52.123 port 47876

2020-06-17 03:07:43

attack

Jun 16 00:56:45 ns381471 sshd[11894]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.52.123
Jun 16 00:56:47 ns381471 sshd[11894]: Failed password for invalid user oscar from 134.122.52.123 port 51180 ssh2

2020-06-16 08:03:00

相同子网IP讨论:

IP	类型	评论内容	时间
134.122.52.69	attack	Exploited Host.	2020-07-26 03:37:47
134.122.52.69	attack	SSH Authentication Attempts Exceeded	2020-03-17 08:19:04

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 134.122.52.123
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59695
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;134.122.52.123.			IN	A

;; AUTHORITY SECTION:
.			117	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061503 1800 900 604800 86400

;; Query time: 104 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Jun 16 08:02:57 CST 2020
;; MSG SIZE  rcvd: 118

HOST信息:

Host 123.52.122.134.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 123.52.122.134.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
222.186.190.92	attackspambots	Dec 19 02:10:09 plusreed sshd[14221]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.92 user=root Dec 19 02:10:11 plusreed sshd[14221]: Failed password for root from 222.186.190.92 port 60148 ssh2 ...	2019-12-19 15:19:02
189.4.28.99	attackspam	Dec 19 07:47:06 vps691689 sshd[15421]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.4.28.99 Dec 19 07:47:08 vps691689 sshd[15421]: Failed password for invalid user stockhaus from 189.4.28.99 port 36982 ssh2 ...	2019-12-19 15:20:02
111.92.107.73	attackbotsspam	[munged]::443 111.92.107.73 - - [19/Dec/2019:07:29:09 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 111.92.107.73 - - [19/Dec/2019:07:29:11 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 111.92.107.73 - - [19/Dec/2019:07:29:12 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 111.92.107.73 - - [19/Dec/2019:07:29:13 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 111.92.107.73 - - [19/Dec/2019:07:29:14 +0100] "POST /[munged]: HTTP/1.1" 200 12239 "http://[munged]:/[munged]:" "Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0" [munged]::443 111.92.107.73 - - [19/Dec/2019:07:2	2019-12-19 15:12:46
148.70.223.115	attackspam	Dec 19 07:22:18 eventyay sshd[2851]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.115 Dec 19 07:22:19 eventyay sshd[2851]: Failed password for invalid user varisco from 148.70.223.115 port 54134 ssh2 Dec 19 07:29:59 eventyay sshd[3077]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.223.115 ...	2019-12-19 14:49:04
171.84.6.86	attackbots	Dec 19 07:16:44 vtv3 sshd[4705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.84.6.86 Dec 19 07:16:46 vtv3 sshd[4705]: Failed password for invalid user cups from 171.84.6.86 port 60074 ssh2 Dec 19 07:23:37 vtv3 sshd[7727]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.84.6.86 Dec 19 07:35:32 vtv3 sshd[13895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.84.6.86 Dec 19 07:35:34 vtv3 sshd[13895]: Failed password for invalid user rpc from 171.84.6.86 port 48878 ssh2 Dec 19 07:41:36 vtv3 sshd[16593]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.84.6.86 Dec 19 07:53:44 vtv3 sshd[22062]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=171.84.6.86 Dec 19 07:53:46 vtv3 sshd[22062]: Failed password for invalid user ment508 from 171.84.6.86 port 36076 ssh2 Dec 19 08:00:03 vtv3 sshd[24928]: F	2019-12-19 14:54:37
78.21.141.184	attackbots	Dec 19 07:29:47 sxvn sshd[3510893]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.21.141.184	2019-12-19 14:57:24
178.16.175.146	attackspambots	2019-12-19T07:24:00.782302vps751288.ovh.net sshd\[26210\]: Invalid user server from 178.16.175.146 port 23283 2019-12-19T07:24:00.794268vps751288.ovh.net sshd\[26210\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.16.175.146 2019-12-19T07:24:02.631101vps751288.ovh.net sshd\[26210\]: Failed password for invalid user server from 178.16.175.146 port 23283 ssh2 2019-12-19T07:29:35.946710vps751288.ovh.net sshd\[26248\]: Invalid user jenkins from 178.16.175.146 port 14626 2019-12-19T07:29:35.958190vps751288.ovh.net sshd\[26248\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.16.175.146	2019-12-19 15:02:27
180.242.182.6	attackspambots	1576736999 - 12/19/2019 07:29:59 Host: 180.242.182.6/180.242.182.6 Port: 445 TCP Blocked	2019-12-19 14:48:23
213.32.22.239	attackspam	Dec 19 06:40:17 game-panel sshd[12184]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.22.239 Dec 19 06:40:18 game-panel sshd[12184]: Failed password for invalid user youyou from 213.32.22.239 port 47890 ssh2 Dec 19 06:45:36 game-panel sshd[12333]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.32.22.239	2019-12-19 14:52:38
106.13.112.117	attackbotsspam	Dec 19 06:23:10 localhost sshd\[19626\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.117 user=mysql Dec 19 06:23:12 localhost sshd\[19626\]: Failed password for mysql from 106.13.112.117 port 35446 ssh2 Dec 19 06:29:51 localhost sshd\[19864\]: Invalid user shown from 106.13.112.117 port 33424 Dec 19 06:29:51 localhost sshd\[19864\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.112.117 Dec 19 06:29:53 localhost sshd\[19864\]: Failed password for invalid user shown from 106.13.112.117 port 33424 ssh2 ...	2019-12-19 14:53:03
216.189.145.128	attack	$f2bV_matches	2019-12-19 14:54:07
222.186.180.8	attack	Dec 19 08:07:00 * sshd[30087]: Failed password for root from 222.186.180.8 port 55880 ssh2 Dec 19 08:07:13 * sshd[30087]: error: maximum authentication attempts exceeded for root from 222.186.180.8 port 55880 ssh2 [preauth]	2019-12-19 15:09:49
50.236.62.30	attackspam	Dec 19 02:07:26 ny01 sshd[7364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.236.62.30 Dec 19 02:07:28 ny01 sshd[7364]: Failed password for invalid user test from 50.236.62.30 port 35778 ssh2 Dec 19 02:12:55 ny01 sshd[7927]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=50.236.62.30	2019-12-19 15:26:50
202.230.143.53	attackbotsspam	(sshd) Failed SSH login from 202.230.143.53 (-): 5 in the last 3600 secs	2019-12-19 15:29:17
103.26.40.145	attack	Dec 19 01:43:46 linuxvps sshd\[28588\]: Invalid user quercia from 103.26.40.145 Dec 19 01:43:46 linuxvps sshd\[28588\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.40.145 Dec 19 01:43:49 linuxvps sshd\[28588\]: Failed password for invalid user quercia from 103.26.40.145 port 58627 ssh2 Dec 19 01:50:55 linuxvps sshd\[33431\]: Invalid user ident from 103.26.40.145 Dec 19 01:50:55 linuxvps sshd\[33431\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.26.40.145	2019-12-19 15:02:41

最近上报的IP列表

180.83.136.112	68.183.153.106	3.27.209.246	168.0.219.81
170.140.173.8	119.70.231.238	63.60.226.207	187.209.39.127
142.90.121.163	85.194.7.31	217.182.147.99	139.96.76.207
70.131.80.89	107.139.91.83	92.237.4.184	208.119.86.71
184.226.209.250	111.227.227.1	122.83.246.249	156.204.98.94