122.96.28.149 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
122.96.28.198	attack	Vulnerability Scanner	2024-07-02 12:49:12
122.96.28.229	attackspam	Unauthorized connection attempt detected from IP address 122.96.28.229 to port 8118 [J]	2020-03-02 18:05:12
122.96.28.232	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54125f7fad2eed5b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 \| CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 00:37:48

Type

Details

Datetime

122.96.28.198

attack

Vulnerability Scanner

2024-07-02 12:49:12

122.96.28.229

attackspam

Unauthorized connection attempt detected from IP address 122.96.28.229 to port 8118 [J]

2020-03-02 18:05:12

122.96.28.232

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 54125f7fad2eed5b | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0 (Linux; U; Android 4.3; en-us; SM-N900T Build/JSS15J) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 | CF_DC: SJC. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 00:37:48

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.96.28.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39547
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;122.96.28.149.			IN	A

;; AUTHORITY SECTION:
.			435	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021301 1800 900 604800 86400

;; Query time: 16 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 14 06:59:21 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 149.28.96.122.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 149.28.96.122.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
181.177.119.34	attackbots	NAME : US-ITWO-LACNIC CIDR : 181.177.112.0/20 181.177.112.0/20 \| STATUS : 403 {Looking for resource vulnerabilities} DDoS Attack US - block certain countries :) IP: 181.177.119.34 Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-08 00:05:17
122.114.78.114	attack	Sep 7 14:27:48 www4 sshd\[5616\]: Invalid user pass from 122.114.78.114 Sep 7 14:27:48 www4 sshd\[5616\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.78.114 Sep 7 14:27:50 www4 sshd\[5616\]: Failed password for invalid user pass from 122.114.78.114 port 54148 ssh2 ...	2019-09-07 23:38:01
49.88.160.250	attackbots	SASL Brute Force	2019-09-07 23:15:56
132.145.162.191	attackspambots	Automatic report - SSH Brute-Force Attack	2019-09-08 00:01:46
213.157.50.108	attackbotsspam	Unauthorized connection attempt from IP address 213.157.50.108 on Port 445(SMB)	2019-09-08 00:03:23
106.12.121.40	attackspam	Sep 7 04:39:36 hpm sshd\[7199\]: Invalid user minecraft from 106.12.121.40 Sep 7 04:39:36 hpm sshd\[7199\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.121.40 Sep 7 04:39:38 hpm sshd\[7199\]: Failed password for invalid user minecraft from 106.12.121.40 port 54562 ssh2 Sep 7 04:43:05 hpm sshd\[7503\]: Invalid user vbox from 106.12.121.40 Sep 7 04:43:05 hpm sshd\[7503\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.121.40	2019-09-07 23:13:20
81.22.45.253	attack	Sep 7 17:17:10 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=81.22.45.253 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=61337 PROTO=TCP SPT=55285 DPT=9416 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-07 23:26:02
13.233.32.46	attackbotsspam	2019-09-07 21:48:10,087 fail2ban.actions [636]: NOTICE [sshd] Ban 13.233.32.46 2019-09-07 22:04:52,865 fail2ban.actions [636]: NOTICE [sshd] Ban 13.233.32.46 2019-09-07 22:14:59,059 fail2ban.actions [636]: NOTICE [sshd] Ban 13.233.32.46 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=13.233.32.46	2019-09-07 23:21:02
185.143.221.44	attack	Sep 7 12:45:28 lumpi kernel: INPUT:DROP:SPAMHAUS_EDROP:IN=eth0 OUT= MAC=52:54:a2:01:a5:04:d2:74:7f:6e:37:e3:08:00 SRC=185.143.221.44 DST=172.31.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=44533 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0 ...	2019-09-08 00:21:18
139.198.18.73	attack	Sep 7 05:07:05 hanapaa sshd\[3887\]: Invalid user 1qaz2wsx from 139.198.18.73 Sep 7 05:07:05 hanapaa sshd\[3887\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.73 Sep 7 05:07:07 hanapaa sshd\[3887\]: Failed password for invalid user 1qaz2wsx from 139.198.18.73 port 61634 ssh2 Sep 7 05:09:35 hanapaa sshd\[4224\]: Invalid user q1w2e3r4 from 139.198.18.73 Sep 7 05:09:35 hanapaa sshd\[4224\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.198.18.73	2019-09-07 23:36:34
176.255.147.129	attackspambots	Portscan detected	2019-09-07 23:52:56
173.249.49.99	attack	Sep 7 04:39:51 friendsofhawaii sshd\[15863\]: Invalid user 1 from 173.249.49.99 Sep 7 04:39:51 friendsofhawaii sshd\[15863\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.249.49.99 Sep 7 04:39:53 friendsofhawaii sshd\[15863\]: Failed password for invalid user 1 from 173.249.49.99 port 56020 ssh2 Sep 7 04:44:40 friendsofhawaii sshd\[16270\]: Invalid user 1q2w3e4r5t6y from 173.249.49.99 Sep 7 04:44:40 friendsofhawaii sshd\[16270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.249.49.99	2019-09-07 23:08:58
159.65.72.25	attackbots	Honeypot hit.	2019-09-07 23:35:06
194.44.48.50	attack	Sep 7 06:01:28 sachi sshd\[27413\]: Invalid user webadmin from 194.44.48.50 Sep 7 06:01:28 sachi sshd\[27413\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.44.48.50 Sep 7 06:01:30 sachi sshd\[27413\]: Failed password for invalid user webadmin from 194.44.48.50 port 42562 ssh2 Sep 7 06:05:42 sachi sshd\[27796\]: Invalid user student2 from 194.44.48.50 Sep 7 06:05:42 sachi sshd\[27796\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.44.48.50	2019-09-08 00:14:20
34.73.133.26	attackbotsspam	/phpMyAdmin/index.php	2019-09-08 00:12:23

Recently Reported IPs

122.96.28.126	122.96.28.158	122.96.28.36	122.97.154.111
122.97.154.251	123.0.26.233	123.10.130.21	123.1.186.135
123.10.131.191	123.10.131.233	123.10.133.249	123.10.141.184
123.10.136.206	123.10.16.110	123.10.170.192	123.10.175.43
123.10.187.155	123.10.198.133	123.10.209.215	123.10.21.58