220.134.173.50

Basic Info

City: Taichung

Region: Taichung City

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: Data Communication Business Group

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	SSH bruteforce (Triggered fail2ban)	2019-08-17 06:00:11

Comments on same subnet:

IP	Type	Details	Datetime
220.134.173.67	attack	Honeypot attack, port: 81, PTR: 220-134-173-67.HINET-IP.hinet.net.	2020-05-16 16:51:14
220.134.173.40	attackbotsspam	[portscan] tcp/23 [TELNET] *(RWIN=14087)(04301449)	2020-05-01 01:51:44
220.134.173.235	attackbots	" "	2020-03-27 01:02:21
220.134.173.132	attackbots	Honeypot attack, port: 23, PTR: 220-134-173-132.HINET-IP.hinet.net.	2019-09-24 08:17:46

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.134.173.50
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18842
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.134.173.50.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019081601 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 17 06:00:07 CST 2019
;; MSG SIZE  rcvd: 118

Host info

50.173.134.220.in-addr.arpa domain name pointer 220-134-173-50.HINET-IP.hinet.net.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
50.173.134.220.in-addr.arpa	name = 220-134-173-50.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.12.167.85	attackspambots	Unauthorized connection attempt detected from IP address 187.12.167.85 to port 2220 [J]	2020-02-05 02:54:11
222.190.143.206	attackspambots	2020-02-04T12:31:15.8598901495-001 sshd[63790]: Invalid user system from 222.190.143.206 port 40594 2020-02-04T12:31:15.8636551495-001 sshd[63790]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.143.206 2020-02-04T12:31:15.8598901495-001 sshd[63790]: Invalid user system from 222.190.143.206 port 40594 2020-02-04T12:31:18.2566651495-001 sshd[63790]: Failed password for invalid user system from 222.190.143.206 port 40594 ssh2 2020-02-04T12:33:11.9808151495-001 sshd[451]: Invalid user kojima from 222.190.143.206 port 56028 2020-02-04T12:33:11.9861781495-001 sshd[451]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.190.143.206 2020-02-04T12:33:11.9808151495-001 sshd[451]: Invalid user kojima from 222.190.143.206 port 56028 2020-02-04T12:33:14.6354771495-001 sshd[451]: Failed password for invalid user kojima from 222.190.143.206 port 56028 ssh2 2020-02-04T12:35:06.7618481495-001 sshd[2328]: Invalid ...	2020-02-05 02:44:13
59.153.74.43	attack	Unauthorized connection attempt detected from IP address 59.153.74.43 to port 2220 [J]	2020-02-05 02:52:54
134.209.34.195	attackbotsspam	2019-03-19 13:22:39 1h6DlO-0004cI-N0 SMTP connection from knowing.dakatco.com \(broad.equipopioneros.icu\) \[134.209.34.195\]:41760 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-19 13:23:53 1h6DmX-0004e6-Uo SMTP connection from knowing.dakatco.com \(phonology.equipopioneros.icu\) \[134.209.34.195\]:53441 I=\[193.107.90.29\]:25 closed by DROP in ACL 2019-03-19 13:25:30 1h6DoA-0004i4-PN SMTP connection from knowing.dakatco.com \(sulky.equipopioneros.icu\) \[134.209.34.195\]:39449 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:35:09 1h7KKA-0001K9-Uh SMTP connection from knowing.dakatco.com \(include.equipopioneros.icu\) \[134.209.34.195\]:46744 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:51 1h7KMp-0001Nq-78 SMTP connection from knowing.dakatco.com \(juggle.equipopioneros.icu\) \[134.209.34.195\]:59953 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-22 14:37:54 1h7KMs-0001Nx-7h SMTP connection from knowing.dakatco.com \(alligator.equipopioneros ...	2020-02-05 03:06:25
134.209.32.184	attackbots	2019-03-03 17:16:28 1h0Tmu-0003Zb-3I SMTP connection from barometer.excelarabi.com \(cattle.sabkefarda.host\) \[134.209.32.184\]:33127 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-03 17:16:42 1h0Tn8-0003ae-0X SMTP connection from barometer.excelarabi.com \(alert.sabkefarda.host\) \[134.209.32.184\]:48779 I=\[193.107.88.166\]:25 closed by DROP in ACL 2019-03-03 17:17:25 1h0Tnp-0003bn-Aj SMTP connection from barometer.excelarabi.com \(suspect.sabkefarda.host\) \[134.209.32.184\]:48321 I=\[193.107.88.166\]:25 closed by DROP in ACL ...	2020-02-05 03:07:16
112.85.42.176	attackbotsspam	Feb 4 19:49:32 minden010 sshd[24811]: Failed password for root from 112.85.42.176 port 41260 ssh2 Feb 4 19:49:44 minden010 sshd[24811]: Failed password for root from 112.85.42.176 port 41260 ssh2 Feb 4 19:49:47 minden010 sshd[24811]: Failed password for root from 112.85.42.176 port 41260 ssh2 Feb 4 19:49:47 minden010 sshd[24811]: error: maximum authentication attempts exceeded for root from 112.85.42.176 port 41260 ssh2 [preauth] ...	2020-02-05 02:55:54
51.77.137.211	attackbots	Feb 4 19:11:19 lnxmysql61 sshd[20709]: Failed password for root from 51.77.137.211 port 53688 ssh2 Feb 4 19:11:19 lnxmysql61 sshd[20709]: Failed password for root from 51.77.137.211 port 53688 ssh2	2020-02-05 02:43:06
190.151.105.182	attackbotsspam	Feb 4 06:23:13 mockhub sshd[7899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.151.105.182 Feb 4 06:23:14 mockhub sshd[7899]: Failed password for invalid user otrs from 190.151.105.182 port 41730 ssh2 ...	2020-02-05 02:40:04
92.118.160.29	attack	Unauthorized connection attempt detected from IP address 92.118.160.29 to port 8443 [J]	2020-02-05 03:12:10
139.129.58.9	attackspam	Automatic report - XMLRPC Attack	2020-02-05 03:02:33
104.248.205.67	attack	Unauthorized connection attempt detected from IP address 104.248.205.67 to port 2220 [J]	2020-02-05 02:34:50
51.83.76.88	attackbots	Unauthorized connection attempt detected from IP address 51.83.76.88 to port 2220 [J]	2020-02-05 03:05:01
106.12.61.168	attack	Feb 4 18:59:27 vps58358 sshd\[6383\]: Invalid user 123456 from 106.12.61.168Feb 4 18:59:28 vps58358 sshd\[6383\]: Failed password for invalid user 123456 from 106.12.61.168 port 50396 ssh2Feb 4 19:04:09 vps58358 sshd\[6401\]: Invalid user taras from 106.12.61.168Feb 4 19:04:11 vps58358 sshd\[6401\]: Failed password for invalid user taras from 106.12.61.168 port 33114 ssh2Feb 4 19:08:31 vps58358 sshd\[6423\]: Invalid user sobols from 106.12.61.168Feb 4 19:08:33 vps58358 sshd\[6423\]: Failed password for invalid user sobols from 106.12.61.168 port 41160 ssh2 ...	2020-02-05 02:41:01
189.133.153.18	attackbots	DATE:2020-02-04 14:48:23, IP:189.133.153.18, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-02-05 02:39:36
169.239.159.52	attackbots	Feb 4 14:49:18 grey postfix/smtpd\[23104\]: NOQUEUE: reject: RCPT from unknown\[169.239.159.52\]: 554 5.7.1 Service unavailable\; Client host \[169.239.159.52\] blocked using cbl.abuseat.org\; Blocked - see http://www.abuseat.org/lookup.cgi\?ip=169.239.159.52\; from=\ to=\ proto=ESMTP helo=\<\[169.239.159.52\]\> ...	2020-02-05 02:43:29

Recently Reported IPs

74.210.143.53	180.250.113.117	77.39.253.139	124.156.161.12
14.254.76.144	4.16.253.10	100.252.85.217	90.48.218.209
89.226.91.47	106.12.89.171	200.194.24.135	137.122.243.54
63.17.204.211	103.127.64.214	183.159.157.216	122.87.174.254
218.202.180.31	138.204.143.165	91.44.155.42	16.175.69.75