122.51.113.137

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Guangzhou Haizhiguang Communication Technology Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Mar 23 06:03:03 NPSTNNYC01T sshd[10032]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Mar 23 06:03:06 NPSTNNYC01T sshd[10032]: Failed password for invalid user tar from 122.51.113.137 port 52150 ssh2 Mar 23 06:12:50 NPSTNNYC01T sshd[10500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 ...	2020-03-23 20:57:32
attack	2020-03-20T22:52:50.216247ns386461 sshd\[14543\]: Invalid user laojiang from 122.51.113.137 port 33156 2020-03-20T22:52:50.220860ns386461 sshd\[14543\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 2020-03-20T22:52:52.278933ns386461 sshd\[14543\]: Failed password for invalid user laojiang from 122.51.113.137 port 33156 ssh2 2020-03-20T23:09:45.086018ns386461 sshd\[30418\]: Invalid user chenhaixin from 122.51.113.137 port 44854 2020-03-20T23:09:45.089775ns386461 sshd\[30418\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 ...	2020-03-21 06:40:56
attackspam	Feb 21 11:29:52 web9 sshd\[11086\]: Invalid user ftp_user from 122.51.113.137 Feb 21 11:29:52 web9 sshd\[11086\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Feb 21 11:29:53 web9 sshd\[11086\]: Failed password for invalid user ftp_user from 122.51.113.137 port 58972 ssh2 Feb 21 11:32:14 web9 sshd\[11438\]: Invalid user ocean from 122.51.113.137 Feb 21 11:32:14 web9 sshd\[11438\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137	2020-02-22 05:39:57
attackbots	Unauthorized SSH login attempts	2020-02-11 05:30:28
attackbotsspam	Dec 13 11:45:01 vps691689 sshd[13058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Dec 13 11:45:03 vps691689 sshd[13058]: Failed password for invalid user bridgett from 122.51.113.137 port 50792 ssh2 ...	2019-12-13 19:24:18
attackspambots	$f2bV_matches	2019-12-12 22:19:02
attackspam	Dec 6 22:52:14 auw2 sshd\[10832\]: Invalid user orley from 122.51.113.137 Dec 6 22:52:14 auw2 sshd\[10832\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Dec 6 22:52:16 auw2 sshd\[10832\]: Failed password for invalid user orley from 122.51.113.137 port 46736 ssh2 Dec 6 23:00:05 auw2 sshd\[11572\]: Invalid user bryanna from 122.51.113.137 Dec 6 23:00:05 auw2 sshd\[11572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137	2019-12-07 17:16:34
attackbotsspam	Dec 4 05:49:21 OPSO sshd\[15324\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 user=root Dec 4 05:49:23 OPSO sshd\[15324\]: Failed password for root from 122.51.113.137 port 40372 ssh2 Dec 4 05:57:43 OPSO sshd\[17964\]: Invalid user home from 122.51.113.137 port 50638 Dec 4 05:57:43 OPSO sshd\[17964\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Dec 4 05:57:45 OPSO sshd\[17964\]: Failed password for invalid user home from 122.51.113.137 port 50638 ssh2	2019-12-04 13:17:08
attack	Nov 26 12:55:35 server sshd\[10877\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 user=root Nov 26 12:55:37 server sshd\[10877\]: Failed password for root from 122.51.113.137 port 53508 ssh2 Nov 26 13:29:48 server sshd\[18950\]: Invalid user tracy from 122.51.113.137 Nov 26 13:29:48 server sshd\[18950\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Nov 26 13:29:50 server sshd\[18950\]: Failed password for invalid user tracy from 122.51.113.137 port 42572 ssh2 ...	2019-11-26 19:40:59
attackspam	Nov 25 08:34:30 vpn01 sshd[4953]: Failed password for root from 122.51.113.137 port 56110 ssh2 ...	2019-11-25 15:45:25
attackspambots	Nov 24 21:47:39 webhost01 sshd[14559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Nov 24 21:47:41 webhost01 sshd[14559]: Failed password for invalid user alliance from 122.51.113.137 port 44398 ssh2 ...	2019-11-25 04:30:24
attackbots	Nov 23 08:36:53 OPSO sshd\[16697\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 user=admin Nov 23 08:36:55 OPSO sshd\[16697\]: Failed password for admin from 122.51.113.137 port 48458 ssh2 Nov 23 08:42:17 OPSO sshd\[17698\]: Invalid user jaume from 122.51.113.137 port 56164 Nov 23 08:42:17 OPSO sshd\[17698\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Nov 23 08:42:20 OPSO sshd\[17698\]: Failed password for invalid user jaume from 122.51.113.137 port 56164 ssh2	2019-11-23 16:00:21
attackspambots	Nov 23 06:08:41 OPSO sshd\[18834\]: Invalid user ftpuser from 122.51.113.137 port 36572 Nov 23 06:08:41 OPSO sshd\[18834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Nov 23 06:08:44 OPSO sshd\[18834\]: Failed password for invalid user ftpuser from 122.51.113.137 port 36572 ssh2 Nov 23 06:13:33 OPSO sshd\[19740\]: Invalid user hollox from 122.51.113.137 port 44244 Nov 23 06:13:33 OPSO sshd\[19740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137	2019-11-23 13:21:53
attackspam	/var/log/messages:Nov 1 12:33:08 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1572611588.730:122181): pid=23470 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-server cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=23471 suid=74 rport=47678 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=122.51.113.137 terminal=? res=success' /var/log/messages:Nov 1 12:33:08 sanyalnet-cloud-vps audispd: node=sanyalnet-cloud-vps.freeddns.org type=CRYPTO_SESSION msg=audhostname(1572611588.734:122182): pid=23470 uid=0 auid=4294967295 ses=4294967295 msg='op=start direction=from-client cipher=aes256-ctr ksize=256 mac=hmac-sha1 pfs=ecdh-sha2-nistp256 spid=23471 suid=74 rport=47678 laddr=104.167.106.93 lport=23 exe="/usr/sbin/sshd" hostname=? addr=122.51.113.137 terminal=? res=success' /var/log/messages:Nov 1 12:33:10 sanyalnet-cloud-vps fail2ban.filter[1538]: INFO [sshd] F........ -------------------------------	2019-11-01 21:08:43
attackspam	Nov 1 13:10:49 taivassalofi sshd[7238]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.113.137 Nov 1 13:10:50 taivassalofi sshd[7238]: Failed password for invalid user oracle from 122.51.113.137 port 40134 ssh2 ...	2019-11-01 19:17:12

Comments on same subnet:

IP	Type	Details	Datetime
122.51.113.156	attack	Brute forcing RDP port 3389	2020-07-29 12:55:09
122.51.113.108	attackspambots	Port scan detected on ports: 1433[TCP], 1433[TCP], 65529[TCP]	2020-04-17 23:22:28

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.51.113.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.51.113.137.			IN	A

;; AUTHORITY SECTION:
.			295	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110100 1800 900 604800 86400

;; Query time: 530 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 01 19:17:06 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 137.113.51.122.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 137.113.51.122.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.235.133.228	attack	(sshd) Failed SSH login from 49.235.133.228 (CN/China/Guangdong/Shenzhen/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 12 12:37:19 atlas sshd[10357]: Invalid user user from 49.235.133.228 port 51764 Oct 12 12:37:20 atlas sshd[10357]: Failed password for invalid user user from 49.235.133.228 port 51764 ssh2 Oct 12 12:45:49 atlas sshd[12727]: Invalid user cactiuser from 49.235.133.228 port 53460 Oct 12 12:45:52 atlas sshd[12727]: Failed password for invalid user cactiuser from 49.235.133.228 port 53460 ssh2 Oct 12 12:50:49 atlas sshd[13915]: Invalid user carlo from 49.235.133.228 port 47266	2020-10-13 01:37:08
122.152.198.104	attackbots	Invalid user opensips from 122.152.198.104 port 38514	2020-10-13 01:30:12
140.250.144.125	attackbotsspam	20 attempts against mh-ssh on wood	2020-10-13 01:51:25
42.119.80.176	attackspam	SSH login attempts.	2020-10-13 02:01:39
122.155.202.93	attack	Invalid user hollowaye from 122.155.202.93 port 46714	2020-10-13 01:50:26
120.53.223.186	attackspambots	SSH login attempts.	2020-10-13 01:48:19
37.224.51.251	attack	Bruteforce detected by fail2ban	2020-10-13 01:58:43
46.32.252.84	attack	Oct 12 14:34:18 itv-usvr-01 sshd[15556]: Invalid user lucian from 46.32.252.84	2020-10-13 01:53:59
212.70.149.83	attack	Oct 12 19:53:27 relay postfix/smtpd\[21098\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 19:53:52 relay postfix/smtpd\[13138\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 19:54:18 relay postfix/smtpd\[21520\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 19:54:43 relay postfix/smtpd\[21098\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 12 19:55:08 relay postfix/smtpd\[21098\]: warning: unknown\[212.70.149.83\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-13 01:56:19
106.13.227.104	attackspam	Brute-force attempt banned	2020-10-13 01:41:37
218.92.0.212	attackbotsspam	Oct 12 19:25:32 dev0-dcde-rnet sshd[25043]: Failed password for root from 218.92.0.212 port 43466 ssh2 Oct 12 19:25:47 dev0-dcde-rnet sshd[25043]: error: maximum authentication attempts exceeded for root from 218.92.0.212 port 43466 ssh2 [preauth] Oct 12 19:25:53 dev0-dcde-rnet sshd[25050]: Failed password for root from 218.92.0.212 port 7824 ssh2	2020-10-13 02:00:41
177.131.167.57	attackbots	Unauthorized connection attempt from IP address 177.131.167.57 on Port 445(SMB)	2020-10-13 02:00:16
107.158.176.234	attackbots	Automatic report	2020-10-13 02:04:10
91.189.217.248	attackspambots	Attempted Brute Force (dovecot)	2020-10-13 02:04:42
187.194.140.228	attackbotsspam	SMB Server BruteForce Attack	2020-10-13 01:43:50

Recently Reported IPs

72.125.242.32	190.159.97.101	125.153.14.153	208.83.28.247
186.17.85.106	202.147.199.130	63.238.197.95	51.107.255.196
249.108.9.3	26.39.220.241	103.233.172.207	19.51.127.44
140.141.65.88	17.225.66.176	78.47.207.68	180.177.37.47
82.57.198.188	33.194.21.161	104.178.148.166	232.216.254.193