122.51.125.104

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Guangzhou Haizhiguang Communication Technology Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-26T12:56:23Z and 2020-08-26T13:17:30Z	2020-08-26 21:42:36
attackbots	Aug 26 06:58:38 IngegnereFirenze sshd[7485]: Failed password for invalid user ec2-user from 122.51.125.104 port 60408 ssh2 ...	2020-08-26 16:15:59
attackbots	Aug 25 08:42:56 h2427292 sshd\[25419\]: Invalid user web from 122.51.125.104 Aug 25 08:42:56 h2427292 sshd\[25419\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.104 Aug 25 08:42:57 h2427292 sshd\[25419\]: Failed password for invalid user web from 122.51.125.104 port 50454 ssh2 ...	2020-08-25 16:19:07
attack	Aug 23 23:09:56 [host] sshd[14473]: Invalid user n Aug 23 23:09:56 [host] sshd[14473]: pam_unix(sshd: Aug 23 23:09:57 [host] sshd[14473]: Failed passwor	2020-08-24 05:28:13
attackspam	Aug 23 17:06:57 master sshd[19804]: Failed password for root from 122.51.125.104 port 38748 ssh2 Aug 23 17:12:55 master sshd[19913]: Failed password for root from 122.51.125.104 port 33662 ssh2 Aug 23 17:18:14 master sshd[19976]: Failed password for root from 122.51.125.104 port 56136 ssh2 Aug 23 17:20:48 master sshd[20051]: Failed password for invalid user delta from 122.51.125.104 port 53256 ssh2 Aug 23 17:23:18 master sshd[20057]: Failed password for root from 122.51.125.104 port 50378 ssh2 Aug 23 17:25:46 master sshd[20095]: Failed password for invalid user ftpuser from 122.51.125.104 port 47498 ssh2 Aug 23 17:28:14 master sshd[20103]: Failed password for root from 122.51.125.104 port 44622 ssh2 Aug 23 17:30:47 master sshd[20529]: Failed password for invalid user cookie from 122.51.125.104 port 41746 ssh2 Aug 23 17:33:18 master sshd[20535]: Failed password for invalid user ryuta from 122.51.125.104 port 38868 ssh2	2020-08-24 03:27:25
attack	Exploited Host.	2020-07-26 06:23:17
attack	Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-06-15 04:29:25
attack	2020-06-12T05:49:40.208858n23.at sshd[17715]: Invalid user services from 122.51.125.104 port 36090 2020-06-12T05:49:42.028404n23.at sshd[17715]: Failed password for invalid user services from 122.51.125.104 port 36090 ssh2 2020-06-12T05:57:03.591028n23.at sshd[24370]: Invalid user ackerjapan from 122.51.125.104 port 49188 ...	2020-06-12 13:56:04
attack	May 29 20:45:27 124388 sshd[4448]: Invalid user opensuse from 122.51.125.104 port 57726 May 29 20:45:27 124388 sshd[4448]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.104 May 29 20:45:27 124388 sshd[4448]: Invalid user opensuse from 122.51.125.104 port 57726 May 29 20:45:30 124388 sshd[4448]: Failed password for invalid user opensuse from 122.51.125.104 port 57726 ssh2 May 29 20:50:02 124388 sshd[5173]: Invalid user webadmin from 122.51.125.104 port 52532	2020-05-30 05:58:35
attack	$f2bV_matches	2020-05-28 01:44:42
attackspambots	Invalid user gsz from 122.51.125.104 port 58604	2020-05-24 17:06:05
attack	May 2 14:11:11 mail sshd[29609]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.104 May 2 14:11:13 mail sshd[29609]: Failed password for invalid user zq from 122.51.125.104 port 40252 ssh2 ...	2020-05-03 00:22:26
attackbots	2020-04-10T14:05:12.182852librenms sshd[28325]: Invalid user postgres from 122.51.125.104 port 39900 2020-04-10T14:05:14.122154librenms sshd[28325]: Failed password for invalid user postgres from 122.51.125.104 port 39900 ssh2 2020-04-10T14:11:41.063524librenms sshd[29057]: Invalid user deploy from 122.51.125.104 port 42322 ...	2020-04-10 20:42:08
attackspambots	Apr 6 05:44:23 ns381471 sshd[8779]: Failed password for root from 122.51.125.104 port 46684 ssh2	2020-04-06 19:29:17
attack	$f2bV_matches	2020-03-28 16:12:22
attackbotsspam	$f2bV_matches	2020-03-22 19:16:59
attackspambots	Attempted connection to port 22.	2020-03-20 05:25:28
attackspam	Mar 18 19:12:04 plusreed sshd[5496]: Invalid user pany from 122.51.125.104 ...	2020-03-19 10:22:11

Comments on same subnet:

IP	Type	Details	Datetime
122.51.125.71	attack	Invalid user nick from 122.51.125.71 port 56326	2020-09-29 05:05:24
122.51.125.71	attack	Time: Sat Sep 26 14:07:19 2020 +0000 IP: 122.51.125.71 (CN/China/-) Failures: 5 (sshd) Interval: 3600 seconds Blocked: Permanent Block [LF_SSHD] Log entries: Sep 26 13:59:24 activeserver sshd[16073]: Invalid user victor from 122.51.125.71 port 45546 Sep 26 13:59:26 activeserver sshd[16073]: Failed password for invalid user victor from 122.51.125.71 port 45546 ssh2 Sep 26 14:04:47 activeserver sshd[24295]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 user=root Sep 26 14:04:49 activeserver sshd[24295]: Failed password for root from 122.51.125.71 port 44088 ssh2 Sep 26 14:07:16 activeserver sshd[28153]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 user=root	2020-09-28 21:24:11
122.51.125.71	attackspambots	Invalid user nick from 122.51.125.71 port 39710	2020-09-28 13:30:01
122.51.125.71	attack	(sshd) Failed SSH login from 122.51.125.71 (CN/China/-): 5 in the last 3600 secs	2020-09-27 03:53:08
122.51.125.71	attackbots	Sep 26 12:59:40 host sshd[27994]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 user=root Sep 26 12:59:42 host sshd[27994]: Failed password for root from 122.51.125.71 port 59442 ssh2 ...	2020-09-26 19:54:42
122.51.125.71	attack	Aug 26 00:37:36 host sshd[21822]: Invalid user web1 from 122.51.125.71 port 34382 ...	2020-08-26 07:35:57
122.51.125.71	attack	Aug 22 14:59:00 PorscheCustomer sshd[11316]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 Aug 22 14:59:02 PorscheCustomer sshd[11316]: Failed password for invalid user deployer from 122.51.125.71 port 48874 ssh2 Aug 22 14:59:41 PorscheCustomer sshd[11324]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 ...	2020-08-22 22:25:42
122.51.125.71	attack	Aug 17 11:26:33 ws22vmsma01 sshd[172956]: Failed password for root from 122.51.125.71 port 58330 ssh2 Aug 17 11:39:39 ws22vmsma01 sshd[207152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 ...	2020-08-18 04:24:01
122.51.125.71	attackspam	20 attempts against mh-ssh on echoip	2020-08-10 20:55:49
122.51.125.71	attackbotsspam	Invalid user dino from 122.51.125.71 port 57706	2020-07-13 13:02:36
122.51.125.71	attackbots	Invalid user dino from 122.51.125.71 port 57706	2020-07-12 21:25:01
122.51.125.71	attackspambots	$f2bV_matches	2020-07-01 07:34:15
122.51.125.71	attackspam	$f2bV_matches	2020-06-30 21:47:14
122.51.125.71	attackbotsspam	(sshd) Failed SSH login from 122.51.125.71 (CN/China/-): 5 in the last 3600 secs	2020-06-07 12:51:57
122.51.125.71	attack	Jun 4 15:09:15 nextcloud sshd\[6238\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 user=root Jun 4 15:09:17 nextcloud sshd\[6238\]: Failed password for root from 122.51.125.71 port 45402 ssh2 Jun 4 15:13:09 nextcloud sshd\[12763\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.125.71 user=root	2020-06-05 00:13:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.51.125.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55128
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.51.125.104.			IN	A

;; AUTHORITY SECTION:
.			554	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031801 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Mar 19 10:22:06 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 104.125.51.122.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.125.51.122.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
42.231.162.205	attackspambots	SASL Brute Force	2019-07-25 11:38:39
120.10.149.153	attack	Autoban 120.10.149.153 AUTH/CONNECT	2019-07-25 11:32:39
188.143.91.142	attackspambots	Jul 24 21:49:40 aat-srv002 sshd[7562]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.143.91.142 Jul 24 21:49:42 aat-srv002 sshd[7562]: Failed password for invalid user sandy from 188.143.91.142 port 53184 ssh2 Jul 24 21:54:08 aat-srv002 sshd[7731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.143.91.142 Jul 24 21:54:10 aat-srv002 sshd[7731]: Failed password for invalid user mm from 188.143.91.142 port 50459 ssh2 ...	2019-07-25 11:16:29
185.11.69.2	attackbotsspam	Automatic report - Port Scan Attack	2019-07-25 11:51:44
122.55.90.45	attack	2019-07-25T04:04:13.277836 sshd[5780]: Invalid user student from 122.55.90.45 port 42812 2019-07-25T04:04:13.291342 sshd[5780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.55.90.45 2019-07-25T04:04:13.277836 sshd[5780]: Invalid user student from 122.55.90.45 port 42812 2019-07-25T04:04:15.671835 sshd[5780]: Failed password for invalid user student from 122.55.90.45 port 42812 ssh2 2019-07-25T04:09:57.525789 sshd[5828]: Invalid user team from 122.55.90.45 port 40427 ...	2019-07-25 11:32:18
123.193.48.182	attackspambots	Jul 25 04:55:14 mail sshd\[28723\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.193.48.182 user=root Jul 25 04:55:16 mail sshd\[28723\]: Failed password for root from 123.193.48.182 port 36432 ssh2 Jul 25 05:01:53 mail sshd\[29974\]: Invalid user frank from 123.193.48.182 port 59374 Jul 25 05:01:53 mail sshd\[29974\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.193.48.182 Jul 25 05:01:55 mail sshd\[29974\]: Failed password for invalid user frank from 123.193.48.182 port 59374 ssh2	2019-07-25 11:09:47
91.217.197.26	attack	Automatic report - Banned IP Access	2019-07-25 11:41:51
151.80.140.166	attack	Jul 25 05:30:14 lnxweb61 sshd[19833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.140.166	2019-07-25 11:41:28
41.32.215.74	attackspam	firewall-block, port(s): 23/tcp	2019-07-25 11:25:47
191.242.167.204	attackbots	firewall-block, port(s): 8080/tcp	2019-07-25 11:14:47
218.5.244.218	attack	2019-07-25T05:08:07.336357cavecanem sshd[23360]: Invalid user webadmin from 218.5.244.218 port 45081 2019-07-25T05:08:07.338846cavecanem sshd[23360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218 2019-07-25T05:08:07.336357cavecanem sshd[23360]: Invalid user webadmin from 218.5.244.218 port 45081 2019-07-25T05:08:09.057322cavecanem sshd[23360]: Failed password for invalid user webadmin from 218.5.244.218 port 45081 ssh2 2019-07-25T05:12:46.450550cavecanem sshd[29357]: Invalid user jira from 218.5.244.218 port 65230 2019-07-25T05:12:46.454788cavecanem sshd[29357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.5.244.218 2019-07-25T05:12:46.450550cavecanem sshd[29357]: Invalid user jira from 218.5.244.218 port 65230 2019-07-25T05:12:48.809064cavecanem sshd[29357]: Failed password for invalid user jira from 218.5.244.218 port 65230 ssh2 2019-07-25T05:17:11.608282cavecanem sshd[2890]: Invali ...	2019-07-25 11:28:37
91.67.35.152	attackbotsspam	Jul 25 04:53:51 lnxmail61 sshd[8371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=91.67.35.152	2019-07-25 11:39:45
184.105.139.81	attackbotsspam	firewall-block, port(s): 177/udp	2019-07-25 11:16:09
54.38.55.227	attackbotsspam	Jul 25 04:00:27 mail sshd\[8481\]: Invalid user admin from 54.38.55.227\ Jul 25 04:00:30 mail sshd\[8481\]: Failed password for invalid user admin from 54.38.55.227 port 46970 ssh2\ Jul 25 04:05:06 mail sshd\[8519\]: Invalid user 8 from 54.38.55.227\ Jul 25 04:05:07 mail sshd\[8519\]: Failed password for invalid user 8 from 54.38.55.227 port 43704 ssh2\ Jul 25 04:09:40 mail sshd\[8575\]: Invalid user cbs from 54.38.55.227\ Jul 25 04:09:42 mail sshd\[8575\]: Failed password for invalid user cbs from 54.38.55.227 port 40436 ssh2\	2019-07-25 11:40:55
36.157.255.14	attackspam	Bruteforce from 36.157.255.14	2019-07-25 11:08:26

Recently Reported IPs

222.252.30.90	170.247.41.74	181.143.228.170	87.251.74.10
124.121.30.82	162.243.132.6	156.198.208.150	89.46.214.161
79.182.6.59	114.35.144.59	41.239.181.222	27.147.220.151
45.141.156.203	82.254.10.37	204.188.223.170	41.239.98.130
14.172.142.151	162.243.128.45	98.159.99.11	41.36.173.165