220.134.9.104 - IPInfo

Basic Info

City: Taipei

Region: Taipei City

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 220.134.9.104 to port 23 [J]	2020-02-02 05:43:42

Comments on same subnet:

IP	Type	Details	Datetime
220.134.96.190	attackbotsspam	SMB Server BruteForce Attack	2020-09-01 09:23:13
220.134.94.109	attack	Unauthorised access (Aug 23) SRC=220.134.94.109 LEN=40 TTL=45 ID=58820 TCP DPT=23 WINDOW=13979 SYN	2020-08-23 17:06:01
220.134.90.138	attackspam	firewall-block, port(s): 9530/tcp	2020-08-09 02:52:10
220.134.96.190	attackspam	Unauthorized connection attempt from IP address 220.134.96.190 on Port 445(SMB)	2020-08-06 01:26:39
220.134.95.111	attackbots	Unauthorized connection attempt detected from IP address 220.134.95.111 to port 81	2020-07-25 20:05:46
220.134.99.17	attackspambots	Port probing on unauthorized port 85	2020-07-19 13:51:00
220.134.96.190	attack	Unauthorized connection attempt from IP address 220.134.96.190 on Port 445(SMB)	2020-06-26 07:24:18
220.134.95.140	attackbots	Telnet Server BruteForce Attack	2020-05-29 14:21:17
220.134.96.190	attackspambots	Scanning random ports - tries to find possible vulnerable services	2020-02-21 07:55:46
220.134.9.210	attack	Unauthorized connection attempt detected from IP address 220.134.9.210 to port 445	2020-02-13 03:04:32
220.134.9.210	attackbots	Unauthorized connection attempt detected from IP address 220.134.9.210 to port 445	2019-12-24 13:58:13

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.134.9.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12744
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.134.9.104.			IN	A

;; AUTHORITY SECTION:
.			507	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020020101 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 02 05:43:39 CST 2020
;; MSG SIZE  rcvd: 117

Host info

104.9.134.220.in-addr.arpa domain name pointer 220-134-9-104.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
104.9.134.220.in-addr.arpa	name = 220-134-9-104.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.196.110.170	attackspam	2019-06-29T10:40:27.350113test01.cajus.name sshd\[16395\]: Invalid user ftpuser from 5.196.110.170 port 52378 2019-06-29T10:40:27.367023test01.cajus.name sshd\[16395\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip170.ip-5-196-110.eu 2019-06-29T10:40:29.241836test01.cajus.name sshd\[16395\]: Failed password for invalid user ftpuser from 5.196.110.170 port 52378 ssh2	2019-06-29 18:16:28
40.117.229.31	attackbotsspam	Jun 29 08:39:07 unicornsoft sshd\[2393\]: Invalid user ol from 40.117.229.31 Jun 29 08:39:07 unicornsoft sshd\[2393\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.117.229.31 Jun 29 08:39:09 unicornsoft sshd\[2393\]: Failed password for invalid user ol from 40.117.229.31 port 50882 ssh2	2019-06-29 18:54:25
212.83.149.203	attack	\[2019-06-29 06:02:44\] NOTICE\[5148\] chan_sip.c: Registration from '"2222" \' failed for '212.83.149.203:5171' - Wrong password \[2019-06-29 06:02:44\] SECURITY\[5156\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-29T06:02:44.619-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="2222",SessionID="0x7f13a84dcfa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/212.83.149.203/5171",Challenge="3b5bf438",ReceivedChallenge="3b5bf438",ReceivedHash="dcd11eb00ffe1f7e66df28f04acbdca0" \[2019-06-29 06:02:44\] NOTICE\[5148\] chan_sip.c: Registration from '"1055" \' failed for '212.83.149.203:5149' - Wrong password \[2019-06-29 06:02:44\] SECURITY\[5156\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-06-29T06:02:44.718-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1055",SessionID="0x7f13a8e39958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4	2019-06-29 18:14:43
171.241.228.193	attackbots	Jun 29 07:53:12 master sshd[23575]: Failed password for invalid user admin from 171.241.228.193 port 47238 ssh2	2019-06-29 18:40:09
37.139.12.160	attack	port scan and connect, tcp 8080 (http-proxy)	2019-06-29 18:17:04
187.118.83.94	attack	Jun 29 09:13:29 master sshd[23686]: Failed password for invalid user admin from 187.118.83.94 port 58017 ssh2	2019-06-29 18:09:01
144.217.15.161	attack	Jun 29 11:17:47 vps647732 sshd[26569]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=144.217.15.161 Jun 29 11:17:50 vps647732 sshd[26569]: Failed password for invalid user chef from 144.217.15.161 port 35630 ssh2 ...	2019-06-29 18:44:06
94.23.248.69	attack	Automatic report - Web App Attack	2019-06-29 18:02:36
188.165.131.4	attack	WordPress login Brute force / Web App Attack on client site.	2019-06-29 18:50:13
178.32.57.140	attackbotsspam	178.32.57.140 - - \[29/Jun/2019:10:39:34 +0200\] "POST /wp-login.php HTTP/1.1" 200 2110 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 178.32.57.140 - - \[29/Jun/2019:10:39:35 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-06-29 18:45:38
112.213.103.74	attack	1433/tcp 2433/tcp 3433/tcp... [2019-06-29]5pkt,3pt.(tcp)	2019-06-29 18:19:39
106.13.105.77	attack	Jun 29 11:51:36 nextcloud sshd\[15292\]: Invalid user adminuser from 106.13.105.77 Jun 29 11:51:36 nextcloud sshd\[15292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.105.77 Jun 29 11:51:38 nextcloud sshd\[15292\]: Failed password for invalid user adminuser from 106.13.105.77 port 44116 ssh2 ...	2019-06-29 18:49:23
41.216.186.87	attack	SASL Brute Force	2019-06-29 18:18:09
110.77.216.178	attack	Jun 29 09:13:16 master sshd[23684]: Failed password for invalid user admin from 110.77.216.178 port 36805 ssh2	2019-06-29 18:14:24
95.211.255.69	attackspambots	3389BruteforceFW21	2019-06-29 18:11:29

Recently Reported IPs

146.85.132.197	66.227.168.9	165.120.202.125	250.114.174.165
59.6.80.131	113.122.56.223	1.28.114.207	220.7.244.68
125.115.191.5	95.239.30.82	113.121.42.58	113.124.87.191
186.191.231.36	153.91.63.22	111.254.40.136	80.229.247.20
105.168.94.1	46.32.104.170	174.135.165.144	217.112.142.112