122.227.42.48 - IPInfo

Basic Info

City: unknown

Region: Zhejiang

Country: China

Internet Service Provider: Jinhua Telecom Co. Ltd IDC Center

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	TCP (SYN) 122.227.42.48:55110 -> port 1433, len 40	2020-08-07 03:26:41
attackspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-05-03 06:04:02
attack	Unauthorized connection attempt detected from IP address 122.227.42.48 to port 1433 [T]	2020-03-24 23:16:16
attack	unauthorized connection attempt	2020-02-16 20:51:22
attackspambots	port scan and connect, tcp 1433 (ms-sql-s)	2020-01-11 00:35:04
attack	10/13/2019-13:43:30.189526 122.227.42.48 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2019-10-14 04:08:54

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.227.42.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11017
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.227.42.48.			IN	A

;; AUTHORITY SECTION:
.			207	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101301 1800 900 604800 86400

;; Query time: 91 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 14 04:08:51 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 48.42.227.122.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 48.42.227.122.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
92.222.80.59	attack	Jun 29 01:25:55 bouncer sshd\[362\]: Invalid user ahmed from 92.222.80.59 port 38134 Jun 29 01:25:55 bouncer sshd\[362\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=92.222.80.59 Jun 29 01:25:57 bouncer sshd\[362\]: Failed password for invalid user ahmed from 92.222.80.59 port 38134 ssh2 ...	2019-06-29 08:02:01
199.249.230.110	attackbotsspam	Jun 29 01:26:05 vps sshd[28828]: Failed password for root from 199.249.230.110 port 58375 ssh2 Jun 29 01:26:09 vps sshd[28828]: Failed password for root from 199.249.230.110 port 58375 ssh2 Jun 29 01:26:12 vps sshd[28828]: Failed password for root from 199.249.230.110 port 58375 ssh2 Jun 29 01:26:15 vps sshd[28828]: Failed password for root from 199.249.230.110 port 58375 ssh2 ...	2019-06-29 07:54:11
54.38.82.14	attackbots	Jun 28 20:13:16 vps200512 sshd\[26641\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root Jun 28 20:13:18 vps200512 sshd\[26641\]: Failed password for root from 54.38.82.14 port 42711 ssh2 Jun 28 20:13:18 vps200512 sshd\[26643\]: Invalid user admin from 54.38.82.14 Jun 28 20:13:18 vps200512 sshd\[26643\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 Jun 28 20:13:20 vps200512 sshd\[26643\]: Failed password for invalid user admin from 54.38.82.14 port 44245 ssh2	2019-06-29 08:23:57
184.168.27.36	attackbotsspam	184.168.27.36 - - [28/Jun/2019:14:16:14 -0500] "GET /new/wp-includes/wlwmanifest.xml HTTP/1.1" 301 258 - "-" "-"	2019-06-29 08:06:44
62.210.185.4	attack	Sql/code injection probe	2019-06-29 07:54:33
5.196.7.123	attack	Jun 29 01:36:43 mail sshd\[23607\]: Invalid user nao from 5.196.7.123 port 33220 Jun 29 01:36:43 mail sshd\[23607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.7.123 Jun 29 01:36:44 mail sshd\[23607\]: Failed password for invalid user nao from 5.196.7.123 port 33220 ssh2 Jun 29 01:38:12 mail sshd\[23755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=5.196.7.123 user=mysql Jun 29 01:38:15 mail sshd\[23755\]: Failed password for mysql from 5.196.7.123 port 49974 ssh2	2019-06-29 07:50:37
210.13.193.179	attack	Jun 28 19:23:00 vps200512 sshd\[25990\]: Invalid user teamspeak from 210.13.193.179 Jun 28 19:23:00 vps200512 sshd\[25990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.13.193.179 Jun 28 19:23:02 vps200512 sshd\[25990\]: Failed password for invalid user teamspeak from 210.13.193.179 port 37350 ssh2 Jun 28 19:24:58 vps200512 sshd\[26001\]: Invalid user vncuser from 210.13.193.179 Jun 28 19:24:58 vps200512 sshd\[26001\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.13.193.179	2019-06-29 08:19:14
113.10.156.189	attackspambots	Invalid user oracle from 113.10.156.189 port 35282	2019-06-29 08:05:42
191.53.194.241	attack	Jun 28 18:25:09 mailman postfix/smtpd[7481]: warning: unknown[191.53.194.241]: SASL PLAIN authentication failed: authentication failure	2019-06-29 08:15:12
117.215.222.199	attackspam	Unauthorised access (Jun 29) SRC=117.215.222.199 LEN=44 TTL=52 ID=9658 TCP DPT=23 WINDOW=53339 SYN	2019-06-29 07:44:03
115.144.178.100	attackbots	SMB Server BruteForce Attack	2019-06-29 08:18:52
196.41.14.226	attack	Return-Path: Received: from boge-rubber-plastics.com ([196.41.14.226])	2019-06-29 07:46:11
115.203.120.9	attackspambots	2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x 2019-06-29 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.203.120.9	2019-06-29 08:07:17
51.15.160.63	attackspam	Port Scan detected from 51.15.160.63 (FR/France/51-15-160-63.rev.poneytelecom.eu). 4 hits in the last 215 seconds	2019-06-29 08:17:12
183.87.35.162	attackspambots	SSH Brute Force	2019-06-29 08:01:22

Recently Reported IPs

79.107.210.108	13.42.238.22	3.169.183.243	106.13.87.145
198.83.135.210	211.158.2.9	101.80.160.8	179.90.39.41
75.110.69.182	97.239.249.45	41.148.247.232	45.20.87.201
179.252.176.132	93.225.127.51	69.210.255.129	206.173.70.182
163.46.114.230	111.126.111.194	75.19.191.127	65.79.156.102