105.228.13.128

Basic Info

City: unknown

Region: unknown

Country: South Africa

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
105.228.136.148	attack	Unauthorised access (Nov 4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=24614 DF TCP DPT=445 WINDOW=8192 SYN Unauthorised access (Nov 4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=19497 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-04 16:40:40
105.228.132.223	attack	TCP Port: 25 _ invalid blocked abuseat-org zen-spamhaus _ _ _ _ (1254)	2019-06-26 02:37:12

Type

Details

Datetime

105.228.136.148

attack

Unauthorised access (Nov  4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=24614 DF TCP DPT=445 WINDOW=8192 SYN 
Unauthorised access (Nov  4) SRC=105.228.136.148 LEN=52 TOS=0x14 TTL=111 ID=19497 DF TCP DPT=445 WINDOW=8192 SYN

2019-11-04 16:40:40

105.228.132.223

attack

TCP Port: 25 _    invalid blocked abuseat-org zen-spamhaus _  _  _ _ (1254)

2019-06-26 02:37:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 105.228.13.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25395
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;105.228.13.128.			IN	A

;; AUTHORITY SECTION:
.			475	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:22:43 CST 2022
;; MSG SIZE  rcvd: 107

Host info

128.13.228.105.in-addr.arpa domain name pointer 13-228-105-128.north.dsl.telkomsa.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
128.13.228.105.in-addr.arpa	name = 13-228-105-128.north.dsl.telkomsa.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
170.231.59.123	attackspam	Automatic report - SSH Brute-Force Attack	2019-11-26 09:03:16
196.223.152.38	attackbotsspam	Unauthorized connection attempt from IP address 196.223.152.38 on Port 445(SMB)	2019-11-26 08:38:10
49.70.207.187	attackbotsspam	Lines containing failures of 49.70.207.187 Nov 25 23:06:46 * sshd[85687]: Invalid user tshostnamesior from 49.70.207.187 port 39902 Nov 25 23:06:46 * sshd[85687]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:06:49 * sshd[85687]: Failed password for invalid user tshostnamesior from 49.70.207.187 port 39902 ssh2 Nov 25 23:06:49 * sshd[85687]: Received disconnect from 49.70.207.187 port 39902:11: Bye Bye [preauth] Nov 25 23:06:49 * sshd[85687]: Disconnected from invalid user tshostnamesior 49.70.207.187 port 39902 [preauth] Nov 25 23:31:29 * sshd[87274]: Invalid user vara from 49.70.207.187 port 40227 Nov 25 23:31:29 * sshd[87274]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.70.207.187 Nov 25 23:31:31 * sshd[87274]: Failed password for invalid user vara from 49.70.207.187 port 40227 ssh2 Nov 25 23:31:31 *** sshd[87274]: Received disconnect from 4........ ------------------------------	2019-11-26 08:41:49
101.187.104.248	attack	port scan/probe/communication attempt; port 23	2019-11-26 08:53:55
69.25.27.108	attackspam	TCP Port Scanning	2019-11-26 08:42:54
79.117.24.251	attack	PHI,WP GET /wp-login.php GET /wp-login.php	2019-11-26 08:53:38
186.46.57.230	attack	Unauthorized connection attempt from IP address 186.46.57.230 on Port 445(SMB)	2019-11-26 08:40:05
112.53.236.57	attack	port scan/probe/communication attempt; port 23	2019-11-26 08:36:28
222.186.175.182	attackspambots	Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:20 dcd-gentoo sshd[25169]: User root from 222.186.175.182 not allowed because none of user's groups are listed in AllowGroups Nov 26 01:59:23 dcd-gentoo sshd[25169]: error: PAM: Authentication failure for illegal user root from 222.186.175.182 Nov 26 01:59:23 dcd-gentoo sshd[25169]: Failed keyboard-interactive/pam for invalid user root from 222.186.175.182 port 20922 ssh2 ...	2019-11-26 09:03:43
140.255.7.144	attackbotsspam	2019-11-25 16:44:36 dovecot_login authenticator failed for (qagnwrh.com) [140.255.7.144]:64246 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-11-25 16:44:44 dovecot_login authenticator failed for (qagnwrh.com) [140.255.7.144]:49722 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) 2019-11-25 16:44:56 dovecot_login authenticator failed for (qagnwrh.com) [140.255.7.144]:52352 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=ler@lerctr.org) ...	2019-11-26 08:49:54
129.146.147.62	attack	Automatic report - Banned IP Access	2019-11-26 09:05:30
218.77.107.6	attackbotsspam	Port 1433 Scan	2019-11-26 09:04:30
104.211.242.189	attackspam	$f2bV_matches	2019-11-26 08:33:49
42.118.242.189	attackspam	Lines containing failures of 42.118.242.189 Nov 25 02:07:37 smtp-out sshd[3598]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 user=r.r Nov 25 02:07:39 smtp-out sshd[3598]: Failed password for r.r from 42.118.242.189 port 43632 ssh2 Nov 25 02:07:40 smtp-out sshd[3598]: Received disconnect from 42.118.242.189 port 43632:11: Bye Bye [preauth] Nov 25 02:07:40 smtp-out sshd[3598]: Disconnected from authenticating user r.r 42.118.242.189 port 43632 [preauth] Nov 25 02:27:33 smtp-out sshd[4272]: Invalid user temp from 42.118.242.189 port 46290 Nov 25 02:27:33 smtp-out sshd[4272]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.118.242.189 Nov 25 02:27:35 smtp-out sshd[4272]: Failed password for invalid user temp from 42.118.242.189 port 46290 ssh2 Nov 25 02:27:35 smtp-out sshd[4272]: Received disconnect from 42.118.242.189 port 46290:11: Bye Bye [preauth] Nov 25 02:27:35 smtp-........ ------------------------------	2019-11-26 08:27:20
222.186.175.202	attackspam	Nov 26 01:37:09 v22018076622670303 sshd\[30958\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.202 user=root Nov 26 01:37:11 v22018076622670303 sshd\[30958\]: Failed password for root from 222.186.175.202 port 52450 ssh2 Nov 26 01:37:15 v22018076622670303 sshd\[30958\]: Failed password for root from 222.186.175.202 port 52450 ssh2 ...	2019-11-26 08:40:39

Recently Reported IPs

105.228.13.149	105.228.13.69	105.228.125.116	105.228.13.223
105.228.130.123	105.228.130.155	105.228.135.127	105.228.13.66
105.228.132.254	105.228.14.42	105.228.138.94	105.228.14.54
105.228.139.189	105.228.140.234	105.228.141.116	105.228.140.117
106.111.37.215	105.229.53.21	105.229.35.234	105.229.47.197