122.228.20.145

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
122.228.208.113	attackspam	May 21 11:58:33 artelis kernel: [513656.322095] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=122.228.208.113 DST=167.99.196.43 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=7176 PROTO=TCP SPT=42250 DPT=9050 WINDOW=1024 RES=0x00 SYN URGP=0 May 21 11:59:18 artelis kernel: [513701.608483] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=122.228.208.113 DST=167.99.196.43 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=37769 PROTO=TCP SPT=42250 DPT=1080 WINDOW=1024 RES=0x00 SYN URGP=0 May 21 11:59:21 artelis kernel: [513703.959127] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=122.228.208.113 DST=167.99.196.43 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=62796 PROTO=TCP SPT=42250 DPT=8888 WINDOW=1024 RES=0x00 SYN URGP=0 May 21 11:59:30 artelis kernel: [513713.519868] [UFW BLOCK] IN=eth0 OUT= MAC=c2:45:3b:cb:6e:17:ec:38:73:0c:18:30:08:00 SRC=122.228.208.113 DST=167.99.196.43 LEN=40 TOS=0x00 PREC=0x00 TTL=238 ID=1008 PROTO=TCP SPT=42 ...	2020-05-21 20:57:26
122.228.208.113	botsattack	scan tcp port 6666	2020-05-11 10:06:45
122.228.208.113	attackbots	[MK-VM3] Blocked by UFW	2020-05-03 20:43:12
122.228.208.113	attackspambots	[MK-VM3] Blocked by UFW	2020-04-29 01:43:20
122.228.208.113	attackspambots	04/23/2020-12:45:44.604925 122.228.208.113 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-24 01:20:03
122.228.208.113	attackbots	04/11/2020-23:57:23.492165 122.228.208.113 Protocol: 6 ET SCAN NMAP -sS window 1024	2020-04-12 13:17:33
122.228.208.113	attackspam	Port scan on 3 port(s): 6666 8088 9050	2020-04-07 05:05:48
122.228.208.113	attackbotsspam	firewall-block, port(s): 8888/tcp, 9000/tcp, 9050/tcp	2020-02-24 17:33:39
122.228.208.113	attackspam	Multiport scan : 10 ports scanned 81 1080 3128 6666 8080 8081 8088 8123 9000 9050	2019-12-28 06:47:17
122.228.208.113	attackspambots	122.228.208.113 was recorded 5 times by 1 hosts attempting to connect to the following ports: 3128,81,6666,1080,8118. Incident counter (4h, 24h, all-time): 5, 52, 1703	2019-11-24 20:12:40
122.228.208.113	attackspambots	122.228.208.113 was recorded 5 times by 1 hosts attempting to connect to the following ports: 9050,8998,8088,81,808. Incident counter (4h, 24h, all-time): 5, 78, 1578	2019-11-22 20:43:50
122.228.208.113	attackbots	122.228.208.113 was recorded 5 times by 1 hosts attempting to connect to the following ports: 81,8088,8081,808,9999. Incident counter (4h, 24h, all-time): 5, 67, 1251	2019-11-18 13:46:19
122.228.208.113	attack	Port scan: Attack repeated for 24 hours	2019-11-18 01:16:55
122.228.208.113	attack	122.228.208.113 was recorded 5 times by 1 hosts attempting to connect to the following ports: 8081,6666,8888,8123,9000. Incident counter (4h, 24h, all-time): 5, 105, 951	2019-11-13 22:02:41
122.228.208.113	attack	[portscan] Port scan	2019-11-09 21:29:35

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.228.20.145
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 8161
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;122.228.20.145.			IN	A

;; AUTHORITY SECTION:
.			188	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022202 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Feb 23 13:19:40 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 145.20.228.122.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 145.20.228.122.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
176.31.182.125	attackbotsspam	2020-07-26T14:02:47.079805shield sshd\[7881\]: Invalid user master from 176.31.182.125 port 49495 2020-07-26T14:02:47.091579shield sshd\[7881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.182.125 2020-07-26T14:02:48.582907shield sshd\[7881\]: Failed password for invalid user master from 176.31.182.125 port 49495 ssh2 2020-07-26T14:05:52.098524shield sshd\[8498\]: Invalid user nobe from 176.31.182.125 port 36817 2020-07-26T14:05:52.111242shield sshd\[8498\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.182.125	2020-07-26 23:52:41
218.146.20.61	attackspambots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-07-27 00:18:14
112.85.42.238	attackbotsspam	Jul 26 16:11:34 jumpserver sshd[253187]: Failed password for root from 112.85.42.238 port 47904 ssh2 Jul 26 16:12:41 jumpserver sshd[253191]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.238 user=root Jul 26 16:12:43 jumpserver sshd[253191]: Failed password for root from 112.85.42.238 port 18280 ssh2 ...	2020-07-27 00:13:37
222.186.180.147	attackbots	Jul 26 12:20:10 NPSTNNYC01T sshd[17097]: Failed password for root from 222.186.180.147 port 18878 ssh2 Jul 26 12:20:24 NPSTNNYC01T sshd[17097]: error: maximum authentication attempts exceeded for root from 222.186.180.147 port 18878 ssh2 [preauth] Jul 26 12:20:31 NPSTNNYC01T sshd[17106]: Failed password for root from 222.186.180.147 port 19694 ssh2 ...	2020-07-27 00:27:24
188.163.109.153	attackbots	contact form SPAM BOT (403)	2020-07-27 00:05:12
97.101.118.179	attackbotsspam	Telnet Server BruteForce Attack	2020-07-27 00:22:02
14.142.143.138	attackspambots	Jul 26 21:24:33 gw1 sshd[4479]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.142.143.138 Jul 26 21:24:35 gw1 sshd[4479]: Failed password for invalid user admin from 14.142.143.138 port 51488 ssh2 ...	2020-07-27 00:27:00
180.76.142.19	attack	Jul 26 14:04:10 haigwepa sshd[22943]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.76.142.19 Jul 26 14:04:12 haigwepa sshd[22943]: Failed password for invalid user fgt from 180.76.142.19 port 53128 ssh2 ...	2020-07-27 00:17:12
137.74.206.80	attackbots	137.74.206.80 - - [26/Jul/2020:14:57:25 +0200] "GET /wp-login.php HTTP/1.1" 200 5738 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 137.74.206.80 - - [26/Jul/2020:14:57:26 +0200] "POST /wp-login.php HTTP/1.1" 200 5989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 137.74.206.80 - - [26/Jul/2020:14:57:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-07-27 00:03:15
109.94.120.2	attack	Port probing on unauthorized port 8080	2020-07-26 23:47:16
67.230.51.241	attackbotsspam	Automatic report - Port Scan Attack	2020-07-26 23:51:29
119.5.183.206	attack	Lines containing failures of 119.5.183.206 Jul 26 07:50:07 neweola postfix/smtpd[32642]: connect from unknown[119.5.183.206] Jul 26 07:50:10 neweola postfix/smtpd[32642]: lost connection after AUTH from unknown[119.5.183.206] Jul 26 07:50:10 neweola postfix/smtpd[32642]: disconnect from unknown[119.5.183.206] helo=1 auth=0/1 commands=1/2 Jul 26 07:50:15 neweola postfix/smtpd[32642]: connect from unknown[119.5.183.206] Jul 26 07:50:18 neweola postfix/smtpd[32642]: lost connection after AUTH from unknown[119.5.183.206] Jul 26 07:50:18 neweola postfix/smtpd[32642]: disconnect from unknown[119.5.183.206] helo=1 auth=0/1 commands=1/2 Jul 26 07:50:20 neweola postfix/smtpd[32642]: connect from unknown[119.5.183.206] Jul 26 07:50:23 neweola postfix/smtpd[32642]: lost connection after AUTH from unknown[119.5.183.206] Jul 26 07:50:23 neweola postfix/smtpd[32642]: disconnect from unknown[119.5.183.206] helo=1 auth=0/1 commands=1/2 Jul 26 07:50:26 neweola postfix/smtpd[32642]: conne........ ------------------------------	2020-07-27 00:02:54
119.236.85.45	attack	SSH Honeypot -> SSH Bruteforce / Login	2020-07-27 00:11:02
178.128.218.56	attackspam	Jul 26 17:13:55 pornomens sshd\[10105\]: Invalid user data from 178.128.218.56 port 35400 Jul 26 17:13:55 pornomens sshd\[10105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.218.56 Jul 26 17:13:56 pornomens sshd\[10105\]: Failed password for invalid user data from 178.128.218.56 port 35400 ssh2 ...	2020-07-27 00:24:35
146.115.100.130	attackspam	Fail2Ban Ban Triggered	2020-07-27 00:19:56

Recently Reported IPs

122.225.105.47	122.228.200.108	122.234.10.187	122.248.192.183
122.248.225.9	122.252.248.171	122.248.43.101	122.234.22.166
122.252.249.26	122.254.34.26	122.248.215.28	122.248.220.79
122.252.253.10	122.255.60.44	122.4.55.151	122.28.52.55
122.51.18.235	122.5.63.214	122.55.28.9	122.9.56.136