220.134.49.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Republic of China (ROC)

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.134.49.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;220.134.49.2.			IN	A

;; AUTHORITY SECTION:
.			257	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 11:35:44 CST 2022
;; MSG SIZE  rcvd: 105

Host info

2.49.134.220.in-addr.arpa domain name pointer 220-134-49-2.hinet-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
2.49.134.220.in-addr.arpa	name = 220-134-49-2.hinet-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
122.194.229.54	attack	fail2ban -- 122.194.229.54 ...	2020-10-05 20:28:50
131.213.160.53	attackspambots	Found on CINS badguys / proto=6 . srcport=17485 . dstport=23 Telnet . (3564)	2020-10-05 20:14:11
106.52.47.236	attack	Oct 5 10:20:33 ns3033917 sshd[20456]: Failed password for root from 106.52.47.236 port 37074 ssh2 Oct 5 10:26:20 ns3033917 sshd[20532]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.47.236 user=root Oct 5 10:26:22 ns3033917 sshd[20532]: Failed password for root from 106.52.47.236 port 40074 ssh2 ...	2020-10-05 20:15:59
96.126.103.73	attackspambots	Unauthorized connection attempt, Score = 100 , Banned for 15 Days	2020-10-05 19:48:58
176.101.193.34	attack	1601844116 - 10/04/2020 22:41:56 Host: 176.101.193.34/176.101.193.34 Port: 445 TCP Blocked	2020-10-05 20:13:45
149.72.1.74	attackspam	2020-10-04 15:23:25.990872-0500 localhost smtpd[1892]: NOQUEUE: reject: RCPT from unknown[149.72.1.74]: 450 4.7.25 Client host rejected: cannot find your hostname, [149.72.1.74]; from= to= proto=ESMTP helo=	2020-10-05 20:06:38
113.31.105.250	attackbots	Oct 5 12:35:44 vps639187 sshd\[16262\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.105.250 user=root Oct 5 12:35:46 vps639187 sshd\[16262\]: Failed password for root from 113.31.105.250 port 59140 ssh2 Oct 5 12:37:41 vps639187 sshd\[16282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.31.105.250 user=root ...	2020-10-05 19:57:51
27.193.173.150	attackspam	[H1] Blocked by UFW	2020-10-05 19:47:43
113.16.195.189	attack	port scan and connect, tcp 6379 (redis)	2020-10-05 20:03:39
139.162.112.248	attackbotsspam	scans 2 times in preceeding hours on the ports (in chronological order) 8080 8080	2020-10-05 20:15:14
187.101.140.232	attackbotsspam	445/tcp 1433/tcp... [2020-08-28/10-04]7pkt,2pt.(tcp)	2020-10-05 20:17:21
220.85.104.202	attackspambots	Oct 5 08:53:29 OPSO sshd\[28235\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.104.202 user=root Oct 5 08:53:32 OPSO sshd\[28235\]: Failed password for root from 220.85.104.202 port 5897 ssh2 Oct 5 08:57:30 OPSO sshd\[28847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.104.202 user=root Oct 5 08:57:31 OPSO sshd\[28847\]: Failed password for root from 220.85.104.202 port 55540 ssh2 Oct 5 09:01:36 OPSO sshd\[29493\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.85.104.202 user=root	2020-10-05 20:29:37
217.79.178.53	attack	CMS (WordPress or Joomla) login attempt.	2020-10-05 20:01:29
161.8.18.218	attack	srvr3: (mod_security) mod_security (id:920350) triggered by 161.8.18.218 (US/-/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/05 13:26:14 [error] 253312#0: 1012 [client 161.8.18.218] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160189717425.582943"] [ref "o0,11v21,11"], client: 161.8.18.218, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-10-05 20:01:50
162.158.158.207	attack	srv02 DDoS Malware Target(80:http) ..	2020-10-05 19:51:07

Recently Reported IPs

117.162.180.73	164.90.236.172	88.230.110.59	168.181.63.244
104.237.144.84	200.194.37.36	118.172.176.46	211.36.150.160
37.189.251.210	171.116.200.121	41.77.137.114	179.165.40.24
46.70.223.87	69.75.140.157	1.55.60.34	69.14.69.207
123.14.67.255	190.119.167.11	97.93.70.4	123.8.94.24