Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attackspam
2019-11-22T13:57:20.292Z CLOSE host=58.220.2.92 port=60986 fd=5 time=30.003 bytes=54
2019-11-22T13:57:20.292Z CLOSE host=58.220.2.92 port=60990 fd=6 time=30.002 bytes=46
2019-11-22T13:57:20.294Z CLOSE host=58.220.2.92 port=60978 fd=7 time=30.001 bytes=41
2019-11-22T13:57:20.295Z CLOSE host=58.220.2.92 port=60982 fd=8 time=30.002 bytes=44
2019-11-22T13:57:20.302Z CLOSE host=58.220.2.92 port=60992 fd=9 time=30.001 bytes=19
...
2020-03-13 02:54:36
attackspam
SSH brute-force: detected 6 distinct usernames within a 24-hour window.
2019-11-22 23:03:33
Comments on same subnet:
IP Type Details Datetime
58.220.248.122 attackspam
08/06/2020-09:21:36.340580 58.220.248.122 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433
2020-08-07 02:20:10
58.220.248.187 attack
firewall-block, port(s): 1433/tcp
2020-08-05 01:07:07
58.220.25.2 attackbotsspam
firewall-block, port(s): 1433/tcp
2020-04-12 18:15:18
58.220.249.130 attackbots
SIP/5060 Probe, BF, Hack -
2020-04-08 02:20:05
58.220.220.92 attackspambots
IP reached maximum auth failures
2020-04-07 17:03:03
58.220.249.130 attackspambots
SIP/5060 Probe, BF, Hack -
2020-04-04 20:42:13
58.220.249.130 attackbotsspam
33900/tcp 57858/tcp 33889/tcp...
[2020-02-03/03-30]50pkt,24pt.(tcp)
2020-03-31 02:21:27
58.220.249.130 attackspam
firewall-block, port(s): 33895/tcp
2020-03-17 09:52:09
58.220.249.130 attackbots
firewall-block, port(s): 33896/tcp
2020-03-17 03:08:08
58.220.249.130 attackbots
firewall-block, port(s): 3398/tcp
2020-03-05 09:01:28
58.220.244.106 attackspambots
Honeypot attack, port: 5555, PTR: PTR record not found
2020-02-21 20:17:45
58.220.201.87 attackbotsspam
unauthorized connection attempt
2020-02-16 21:42:32
58.220.234.18 attack
Brute force attempt
2020-02-16 03:14:32
58.220.253.253 attack
Automatic report - Banned IP Access
2020-02-14 23:54:56
58.220.234.18 attackspam
IMAP brute force
...
2020-02-06 03:25:04
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 58.220.2.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15316
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;58.220.2.92.			IN	A

;; AUTHORITY SECTION:
.			431	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112200 1800 900 604800 86400

;; Query time: 112 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Nov 22 23:03:29 CST 2019
;; MSG SIZE  rcvd: 115
Host info
Host 92.2.220.58.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 92.2.220.58.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
222.186.3.80 attack
[mysql-auth] MySQL auth attack
2020-10-06 15:14:02
64.227.94.175 attack
Brute force attempt
2020-10-06 15:19:07
212.64.95.187 attackspam
frenzy
2020-10-06 15:12:01
162.142.125.22 attack
 TCP (SYN) 162.142.125.22:52573 -> port 11211, len 44
2020-10-06 14:40:16
45.172.234.137 attackbots
mail auth brute force
2020-10-06 14:48:03
203.110.89.230 attack
Dovecot Invalid User Login Attempt.
2020-10-06 15:00:05
151.80.183.134 attack
Invalid user stock from 151.80.183.134 port 47774
2020-10-06 14:59:15
88.207.113.101 attackspambots
C1,WP GET /wp-login.php
2020-10-06 15:22:01
190.202.34.34 attackspam
1601930501 - 10/05/2020 22:41:41 Host: 190.202.34.34/190.202.34.34 Port: 445 TCP Blocked
...
2020-10-06 15:08:37
106.53.9.163 attack
Oct  6 12:00:43 itv-usvr-02 sshd[22627]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
Oct  6 12:04:41 itv-usvr-02 sshd[22782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
Oct  6 12:08:21 itv-usvr-02 sshd[22880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.53.9.163  user=root
2020-10-06 14:55:17
20.185.81.158 attack
Icarus honeypot on github
2020-10-06 15:06:39
106.13.215.17 attackbots
Oct  5 22:37:46 router sshd[10573]: Failed password for root from 106.13.215.17 port 43220 ssh2
Oct  5 22:39:37 router sshd[10612]: Failed password for root from 106.13.215.17 port 43114 ssh2
...
2020-10-06 15:13:34
45.148.10.15 attackbots
Triggered by Fail2Ban at Ares web server
2020-10-06 15:08:05
45.167.10.23 attack
mail auth brute force
2020-10-06 14:50:54
27.157.90.107 attackspam
Oct  5 23:08:22 srv01 postfix/smtpd\[12943\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:06 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:18 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:34 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Oct  5 23:22:52 srv01 postfix/smtpd\[31850\]: warning: unknown\[27.157.90.107\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
...
2020-10-06 15:00:31

Recently Reported IPs

122.246.242.124 240e:fc:c3e3:de00:d545:206e:1e57:cad 24.244.132.35 68.35.125.215
54.236.242.9 113.77.131.224 117.211.211.126 123.9.203.185
27.76.83.239 123.160.246.72 196.191.159.210 41.60.233.107
176.235.215.247 163.179.218.185 61.132.170.209 106.57.23.173
221.225.183.205 60.160.143.233 228.121.103.76 186.225.184.102