220.134.25.49 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 220.134.25.49 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: Nextray, Port scan, SSH, Telnet, attack, bruteforce, cowrie, cyber security, digital ocean, ioc, login, malicious, phishing, scanner, telnet, vultr
  • View other sources: Spamhaus VirusTotal

  • Country: Taiwan
  • Network: AS3462 data communication business group
  • Noticed: 13 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Spain, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Malware Detected on Host

Count:

Whois Information

  • inetnum: 116.128.0.0 - 116.191.255.255
  • netname: UNICOM
  • descr: China United Network Communications Corporation Limited
  • descr: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China
  • country: CN
  • admin-c: XZ67-AP
  • tech-c: XZ67-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-UNICOM-CN
  • last-modified: 2021-11-02T07:48:23Z
  • irt: IRT-UNICOM-CN
  • address: No.21 Financial Street,Xicheng District,
  • address: Beijing 100140 ,P.R.China
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: YW6851-AP
  • tech-c: YW6851-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-08-17T02:30:59Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Xiaomin Zhou
  • address: No.21 Financial Street,Xicheng District, Beijing 100140 ,P.R.China
  • country: CN
  • phone: +86-10-66259626
  • fax-no: +86-10-66259626
  • e-mail: [email protected]
  • nic-hdl: XZ67-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2009-06-17T02:45:23Z
  • route: 116.128.0.0/10
  • descr: China Unicom CHINA169 Network
  • country: CN
  • origin: AS4837
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2017-10-20T06:12:02Z
  • a Telecom Co., Ltd.
  • address: Data-Bldg. 6F, No. 21, Sec. 21, Hsin-Yi Rd.,
  • address: Taipei Taiwan 100
  • country: TW
  • phone: +886 2 2322 3495
  • phone: +886 2 2322 3442
  • phone: +886 2 2344 3007
  • fax-no: +886 2 2344 2513
  • fax-no: +886 2 2395 5671
  • e-mail: [email protected]
  • nic-hdl: HN28-AP
  • mnt-by: MAINT-TW-TWNIC
  • last-modified: 2008-09-04T07:29:17Z
  • inetnum: 220.135.0.0 - 220.135.255.255
  • netname: HINET-NET
  • descr: Chunghwa Telecom Co.,Ltd.
  • descr: No.21-3, Sec. 1, Xinyi Rd., Taipei 10048, Taiwan, R.O.C.
  • descr: Taipei Taiwan
  • country: TW
  • admin-c: HN184-TW
  • tech-c: HN184-TW
  • mnt-by: MAINT-TW-TWNIC
  • changed: [email protected] 20030610
  • status: ASSIGNED NON-PORTABLE
  • person: HINET Network-Adm
  • address: CHTD, Chunghwa Telecom Co., Ltd.
  • address: Data-Bldg. 6F, No. 21, Sec. 1, Hsin-Yi Rd.,
  • address: Taipei Taiwan
  • country: TW
  • phone: +886-2-2322-3495
  • fax-no: +886-2-2344-2513
  • e-mail: [email protected]
  • nic-hdl: HN184-TW
  • changed: [email protected] 20130307