122.54.20.220 - IPInfo

Basic Info

City: Kidapawan

Region: Soccsksargen

Country: Philippines

Internet Service Provider: Southern Luzon State University

Hostname: unknown

Organization: Philippine Long Distance Telephone Company

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	"Account brute force using dictionary attack against Exchange Online"	2019-08-06 01:48:46

Comments on same subnet:

IP	Type	Details	Datetime
122.54.20.213	attack	(ftpd) Failed FTP login from 122.54.20.213 (PH/Philippines/122.54.20.213.static.pldt.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 13 13:28:23 ir1 pure-ftpd: (?@122.54.20.213) [WARNING] Authentication failed for user [admin@dirgodazazar.ir]	2020-08-13 17:13:30
122.54.20.213	attackbotsspam	Jul 29 20:21:49 server pure-ftpd: (?@122.54.20.213) [WARNING] Authentication failed for user [mdspowerwashing.site] Jul 29 20:21:59 server pure-ftpd: (?@122.54.20.213) [WARNING] Authentication failed for user [test@mdspowerwashing.site] Jul 29 20:22:06 server pure-ftpd: (?@122.54.20.213) [WARNING] Authentication failed for user [mdspowerwashing] ...	2020-07-30 02:22:25
122.54.20.213	attackbotsspam	Attempts to probe web pages for vulnerable PHP or other applications	2020-04-05 10:44:30
122.54.20.213	attack		2020-01-01 17:30:13
122.54.207.163	attackspam	Sun, 21 Jul 2019 07:36:41 +0000 likely compromised host or open proxy. ddos rate spidering	2019-07-21 21:00:31

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.54.20.220
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2073
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.54.20.220.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080501 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Aug 06 01:48:40 CST 2019
;; MSG SIZE  rcvd: 117

Host info

220.20.54.122.in-addr.arpa domain name pointer 122.54.20.220.static.pldt.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
220.20.54.122.in-addr.arpa	name = 122.54.20.220.static.pldt.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.48.47.37	attackspambots	firewall-block, port(s): 23/tcp	2019-12-16 16:50:14
40.92.68.73	attack	Dec 16 09:28:08 debian-2gb-vpn-nbg1-1 kernel: [856058.138977] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.68.73 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=28393 DF PROTO=TCP SPT=47254 DPT=25 WINDOW=0 RES=0x00 ACK RST URGP=0	2019-12-16 16:43:02
123.213.70.176	attackbotsspam	SPF Fail sender not permitted to send mail for @01com.com / Sent mail to target address hacked/leaked from abandonia in 2016	2019-12-16 16:48:31
104.211.216.173	attackbotsspam	Dec 16 08:28:12 sauna sshd[167084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.216.173 Dec 16 08:28:13 sauna sshd[167084]: Failed password for invalid user fj from 104.211.216.173 port 55252 ssh2 ...	2019-12-16 16:36:45
178.128.21.32	attackspam	Dec 16 09:10:26 srv206 sshd[5530]: Invalid user jonay from 178.128.21.32 ...	2019-12-16 16:49:28
106.12.192.129	attackspambots	2019-12-16T08:42:36.289005shield sshd\[23105\]: Invalid user nopass from 106.12.192.129 port 38268 2019-12-16T08:42:36.293509shield sshd\[23105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.129 2019-12-16T08:42:38.461815shield sshd\[23105\]: Failed password for invalid user nopass from 106.12.192.129 port 38268 ssh2 2019-12-16T08:49:11.741731shield sshd\[24727\]: Invalid user rox01 from 106.12.192.129 port 37498 2019-12-16T08:49:11.746359shield sshd\[24727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.192.129	2019-12-16 17:01:28
217.182.70.125	attack	Dec 16 09:27:41 tux-35-217 sshd\[4047\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.70.125 user=root Dec 16 09:27:44 tux-35-217 sshd\[4047\]: Failed password for root from 217.182.70.125 port 60099 ssh2 Dec 16 09:33:33 tux-35-217 sshd\[4108\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.70.125 user=root Dec 16 09:33:35 tux-35-217 sshd\[4108\]: Failed password for root from 217.182.70.125 port 34750 ssh2 ...	2019-12-16 16:59:33
134.209.178.109	attackspam	Dec 16 08:38:50 sd-53420 sshd\[7955\]: Invalid user 1q2w3e from 134.209.178.109 Dec 16 08:38:50 sd-53420 sshd\[7955\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.178.109 Dec 16 08:38:52 sd-53420 sshd\[7955\]: Failed password for invalid user 1q2w3e from 134.209.178.109 port 54348 ssh2 Dec 16 08:43:31 sd-53420 sshd\[9775\]: Invalid user www from 134.209.178.109 Dec 16 08:43:31 sd-53420 sshd\[9775\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.209.178.109 ...	2019-12-16 17:06:51
115.186.171.11	attackspambots	1576477665 - 12/16/2019 07:27:45 Host: 115.186.171.11/115.186.171.11 Port: 445 TCP Blocked	2019-12-16 17:04:10
118.99.89.166	attack	Scanning random ports - tries to find possible vulnerable services	2019-12-16 16:52:28
117.217.124.246	attackspam	Unauthorised access (Dec 16) SRC=117.217.124.246 LEN=52 TOS=0x08 TTL=109 ID=30950 DF TCP DPT=1433 WINDOW=8192 SYN	2019-12-16 16:47:21
222.186.175.163	attackbots	Dec 16 09:47:33 MK-Soft-VM5 sshd[12743]: Failed password for root from 222.186.175.163 port 24850 ssh2 Dec 16 09:47:37 MK-Soft-VM5 sshd[12743]: Failed password for root from 222.186.175.163 port 24850 ssh2 ...	2019-12-16 16:48:07
157.230.247.239	attackbotsspam	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.247.239 user=root Failed password for root from 157.230.247.239 port 36170 ssh2 Invalid user ,123 from 157.230.247.239 port 45562 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.247.239 Failed password for invalid user ,123 from 157.230.247.239 port 45562 ssh2	2019-12-16 16:58:57
121.132.141.161	attackspambots	log - Joomla Object Injection Remote Command Execution	2019-12-16 17:03:44
40.92.41.40	attackbots	Dec 16 09:28:04 debian-2gb-vpn-nbg1-1 kernel: [856054.699281] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=40.92.41.40 DST=78.46.192.101 LEN=52 TOS=0x02 PREC=0x00 TTL=104 ID=430 DF PROTO=TCP SPT=44576 DPT=25 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2019-12-16 16:47:36

Recently Reported IPs

65.217.152.149	5.97.17.40	134.154.220.17	122.102.29.43
121.173.238.41	223.204.147.192	121.173.203.197	190.101.54.119
121.138.155.41	103.109.244.192	121.134.131.38	130.81.157.175
3.252.38.101	121.122.54.102	73.10.162.31	92.11.89.87
121.122.50.157	217.200.105.159	2600:8801:2b80:173a:1884:d79:13c2:7c8f	159.2.165.225