IP address

Search at other sites:

.402122.152.221.239

Shodan(more info)

Passive DNS

IP blacklists

blocklist.de SSH

122.152.221.239 is listed on the blocklist.de SSH blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing SSH attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-12 04:05:00.323000
Was present on blacklist at: 2026-06-08 04:05, 2026-06-08 10:05, 2026-06-08 16:05, 2026-06-08 22:05, 2026-06-09 04:05, 2026-06-09 10:05, 2026-06-09 16:05, 2026-06-09 22:05, 2026-06-10 04:05, 2026-06-10 10:05, 2026-06-10 16:05, 2026-06-10 22:05, 2026-06-11 04:05, 2026-06-11 10:05, 2026-06-11 16:05, 2026-06-11 22:05, 2026-06-12 04:05

Echelon SSH bruteforce

122.152.221.239 is listed on the Echelon SSH bruteforce blacklist.

Description: Multiple SSH authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-06-09 09:35:00.318000
Was present on blacklist at: 2026-06-08 09:35, 2026-06-09 09:35

Threat categories

TL	Role	Category	Details
59	src	login	protocol: ssh port: 22
46	src	scan	port: 22
25	dst	malware_distribution
25	src	botnet_drone

---

Warden events (149)

2026-06-12

AttemptLogin (node.368407): 1

ReconScanning (node.ce2b59): 2

2026-06-11

ReconScanning (node.ce2b59): 14

AttemptLogin (node.368407): 2

AttemptLogin (node.4dc198): 1

2026-06-10

ReconScanning (node.ce2b59): 19

AttemptLogin (node.ce2b59): 1

AttemptLogin (node.368407): 4

2026-06-09

ReconScanning (node.ce2b59): 15

AttemptLogin (node.ce2b59): 1

2026-06-08

ReconScanning (node.ce2b59): 19

IntrusionUserCompromise (node.eef996): 1

Malware (node.eef996): 1

AttemptLogin (node.eef996): 1

AttemptLogin (node.368407): 4

2026-06-07

AttemptLogin (node.4dc198): 5

ReconScanning (node.ce2b59): 13

IntrusionUserCompromise (node.40929a): 1

2026-06-06

ReconScanning (node.ce2b59): 1

AttemptLogin (node.4dc198): 1

2026-06-05

ReconScanning (node.ce2b59): 3

AttemptLogin (node.4dc198): 2

2026-06-04

AttemptLogin (node.368407): 5

ReconScanning (node.ce2b59): 12

2026-06-03

AttemptLogin (node.ce2b59): 2

AttemptLogin (node.368407): 9

AttemptLogin (node.4dc198): 3

2026-06-02

AttemptLogin (node.4dc198): 1

ReconScanning (node.ce2b59): 1

AttemptLogin (node.368407): 4

DShield reports (IP summary, reports)

2026-06-04

Number of reports: 11

Distinct targets: 3

Origin AS

AS45090 - CNNIC-TENCENT-NET-AP

BGP Prefix

122.152.220.0/23

geo

China, Shanghai

🕑 Asia/Shanghai

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

122.152.192.0 - 122.152.255.255

last_activity

2026-06-12 02:43:30

last_warden_event

2026-06-12 02:43:30

rep

0.40190684280066036

reserved_range

0

ts_added

2026-06-02 15:17:23.420000

ts_last_update

2026-06-12 04:07:15.189000

Warden event timeline

DShield event timeline

Presence on blacklists