Homepage |  Multiple Tracking |  WHOIS |  News |  Contact Us Multiple IP Check |  WHOIS 
Get the flag & IP image for your site

221.192.199.49 is from China

An Internet Protocol address (IP address 221.192.199.49) is a numerical label that is allocated to a computer (can be any electronic device) which is part of a network (China Unicom Hebei province network) that utilises the Internet Protocol. Every IP address does the following: (1) location addressing and (2) host or network interface identification.


e.g. 209.62.45.34 IPv4/IPv6 format for an IP Address, or maxmind.com for a website

Compare to another IP
IP Address:221.192.199.49
IP Address Country:  China (CN)
IP Address Region:10 Hebei
IP Address City:Hebei
IP Postal Code
IP Address Area Code0
IP Metro Code0
IP Address Latitude:39.8897018433
IP Address Longitude:115.275001526
IP Address ISP: China Unicom Hebei province network
Organisation: China Unicom Hebei province network
IP Address Proxy:
IP Address Host:221.192.199.49
Map is loading...

We have 112 complaints about 221.192.199.49

Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Person is constant doing portscans - filed under Port Scanning
  94.213.202.12
26 days  ago
Someone is by or via this IP (221.192.199.49) trying to do port scans.

I ask you kindly to prevent this person to do such thing.

I'll also report this to our government
port scanning abusive behavior - filed under Port Scanning
  70.128.21.75
>1 month ago
yes i would like to stop by and report the following ip being used for scanning ports across the internet leaving dropped packed called in a router log. its been known to communicate with virus infected pcs and continue to try and attack a network even after its been formatted.
IP block - filed under Firewall Alert
  114.77.99.16
>1 month ago
Incoming block form Malwarebytes. Count at least 157 attempts over the past few days. Some people are only alive today because it's illegal to kill
hackers? - filed under Firewall Alert
  212.52.37.163
>1 month ago
Somebody is scanning your computer.
Your computer's TCP ports:
27977, 1080, 8085, and 8008 have been scanned from 221.192.199.49..

This is a firewall log. It happens every 2 hours
Mickey Mantle Jersey - filed under Form Post Hijacking
  74.125.112.80
>1 month ago
http://www.yankeesfansshop.com/36-mickey-mantle-jersey Mickey Mantle Jersey
http://www.yankeesfansshop.com/25-don-mattingly-jersey Don Mattingly Jersey
http://www.yankeesfansshop.com/48-thurman-munson-jersey Thurman Munson Jersey
http://www.yankeesfansshop.com/45-robinson-cano-jersey Robinson Cano Jersey
http://www.yankeesfansshop.com/13-andy-pettitte-jersey Andy Pettitte Jersey
http://www.yankeesfansshop.com/34-mariano-rivera-jersey Mariano Rivera Jersey
http://www.yankeesfansshop.com/44-reggie-jackson-jersey Reggie Jackson Jersey
http://www.yankeesfansshop.com/24-derek-jeter-jersey Derek Jeter Jersey
http://www.yankeesfansshop.com/23-curtis-granderson-jersey Curtis Granderson Jersey
http://www.yankeesfansshop.com/35-mark-teixeira-jersey Mark Teixeira Jersey
http://www.yankeesfansshop.com/14-babe-ruth-jersey Babe Ruth Jersey
http://www.yankeesfansshop.com/9-alex-rodriguez-jersey Alex Rodriguez Jersey
http://www.yankeesfansshop.com/10-alfonso-soriano-jersey Alfonso Soriano Jersey
http://www.yankeesfansshop.com/32-jorge-posada-jersey Jorge Posada Jersey
http://www.yankeesfansshop.com/46-roger-maris-jersey Roger Maris Jersey
http://www.yankeesfansshop.com/30-joe-dimaggio-jersey Joe DiMaggio Jersey
http://www.yankeesfansshop.com/19-c.c.-sabathia-jersey C.C. Sabathia Jersey
http://www.yankeesfansshop.com/17-bobby-abreu-jersey Bobby Abreu Jersey
http://www.yankeesfansshop.com/11-alfredo-aceves-jersey Alfredo Aceves Jersey
unsolicited access - filed under Hacking
  75.9.47.111
>1 month ago
persistent and multiple attempts to access computer. access has not been requested nor solicited from them..usually occurs when visiting a particular website/search engine so not sure if there's some correlation between the two
"Is this thing on? Testing Testing" - filed under Brute Force
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 3/10/12 01:48:04 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/10/12 01:48:04 AM
Number of ports that were scanned: 6
Highest port : 9000
Lowest port : 73
9000 1080 8118 2479 8088 73

And His Little Buddy:

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 3/10/12 02:39:30 AM
IP broadcast address : 76.227.65.191

"Eeeoooooh, Eeee Oooooh" - filed under Hacking
76.227.65.185
4 hr 10 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 3/9/12 07:32:35 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 07:32:35 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 8000 9415 8085 8118 2301 6588

"Do Da, Do Da" - filed under Port Scanning
76.227.65.185
5 hr 10 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 3/9/12 05:43:23 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 05:43:23 PM
Number of ports that were scanned: 5
Highest port : 27977
Lowest port : 1080
9000 27977 1080 7212 6588

"^%%$@#$z" - filed under Brute Force
76.227.65.185
27 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191

" %(#%#&*$(&'' - filed under Port Scanning
76.227.65.185
1 min ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
"^%%$@#$z" - filed under Brute Force
76.227.65.185
5 hr 38 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191
"Eeeoooooh, Eeee Oooooh" - filed under Hacking
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 3/9/12 07:32:35 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 07:32:35 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 8000 9415 8085 8118 2301 6588

"Do Da, Do Da" - filed under Port Scanning
76.227.65.185
5 hr 10 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 3/9/12 05:43:23 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 05:43:23 PM
Number of ports that were scanned: 5
Highest port : 27977
Lowest port : 1080
9000 27977 1080 7212 6588

"^%%$@#$z" - filed under Brute Force
76.227.65.185
27 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191

" %(#%#&*$(&'' - filed under Port Scanning
76.227.65.185
1 min ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
"^%%$@#$z" - filed under Brute Force
76.227.65.185
5 hr 38 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191

" %(#%#&*$(&'' - filed under Port Scanning
76.227.65.185
1 min ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191
"Do Da, Do Da" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 3/9/12 05:43:23 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 05:43:23 PM
Number of ports that were scanned: 5
Highest port : 27977
Lowest port : 1080
9000 27977 1080 7212 6588

"^%%$@#$z" - filed under Brute Force
76.227.65.185
27 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191

" %(#%#&*$(&'' - filed under Port Scanning
76.227.65.185
1 min ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
"^%%$@#$z" - filed under Brute Force
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 03:54:12 PM
IP broadcast address : 76.227.65.191

" %(#%#&*$(&'' - filed under Port Scanning
76.227.65.185
1 min ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
" %(#%#&*$(&'' - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 03:54:12 PM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 9415 8085 2301 8090 6588

"_______________" - filed under DNS Cache Poisoning
76.227.65.185
4 hr 56 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
"_______________" - filed under DNS Cache Poisoning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 12:15:55 PM
IP broadcast address : 76.227.65.191

]Subject is Empty" - filed under Brute Force
76.227.65.185
1 hr 34 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
76.227.65.185
3 hr 28 min ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 11:59:40 PM
IP broadcast address : 76.227.65.191
"Saki Haki" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 10:10:47 PM
IP broadcast address : 76.227.65.191
"Haki Saki" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 08:20:06 PM
Number of ports that were scanned: 19
Highest port : 9000
Lowest port : 1080
9000 8123 8088 8008 6588 1080 2301 3246 8000 8085
(Only the first 10 ports are recorded.)
"Haki Saki" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 20
Time at last attempt : 2/26/12 08:20:06 PM
IP broadcast address : 76.227.65.191
"64,000 to Go" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 18
Time at last attempt : 2/26/12 12:53:04 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 11:02:15 AM
Number of ports that were scanned: 27
Highest port : 9090
Lowest port : 1080
9000 1080 8118 9090 2301 8123 8090 2479 8008 3246
"Port Scanning" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 13
Time at last attempt : 2/26/12 09:12:45 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 09:12:45 AM
Number of ports that were scanned: 17
Highest port : 9000
Lowest port : 73
8000 8085 8090 2479 8088 73 8008 3246 6588 9000
"Rats Nest" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 9
Time at last attempt : 2/26/12 05:32:28 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 05:32:28 AM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 3246
9000 6515 8000 9415 8085 9090 8090 3246 6588
"Rats Nest" - filed under Firewall Alert
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 2
Time at last attempt : 2/26/12 03:39:13 AM
IP broadcast address : 76.227.65.191
"Non-Stop Scanning" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 2/26/12 01:46:13 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 01:46:13 AM
Number of ports that were scanned: 5
Highest port : 8123
Lowest port : 3246
6515 8123 8090 3246 7212
"China Prowler" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
"Subject is Empty" - filed under Brute Force
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/9/12 10:26:25 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 58.218.199.227
Time at last attempt : 3/9/12 10:34:41 AM
Number of ports that were scanned: 5
Highest port : 8080
Lowest port : 80

Security alert type : IP Subnet Broadcast Amplification
IP source address : 58.218.199.227
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 3/9/12 10:34:41 AM
IP broadcast address : 76.227.65.191
"Chinese Government Sponsored Hacking" - filed under Brute Force
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 10
Time at last attempt : 3/9/12 08:37:30 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 3/9/12 08:37:30 AM
Number of ports that were scanned: 11
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8088 3246 8123 8008 7212
(Only the first 10 ports are recorded.)


This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

We have 98 complaints about 221.192.199.49
Is 221.192.199.49 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!

Register (optional) now in 1 minute and enjoy the following privileges:
- Hide your real IP address in the author field in comments
- Enjoy Captcha-free communication
- Receive e-mail alerts when fresh relevant complaints are posted or when your questions get answered

Category

Subject

Complaint

Reload Image

Captcha
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
76.227.65.185
5 days ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
92.9.206.150
10 days ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
62.194.100.185
10 days ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 11:59:40 PM
IP broadcast address : 76.227.65.191
"Saki Haki" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 10:10:47 PM
IP broadcast address : 76.227.65.191
"Haki Saki" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 08:20:06 PM
Number of ports that were scanned: 19
Highest port : 9000
Lowest port : 1080
9000 8123 8088 8008 6588 1080 2301 3246 8000 8085
(Only the first 10 ports are recorded.)
"Haki Saki" - filed under Firewall Alert
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 20
Time at last attempt : 2/26/12 08:20:06 PM
IP broadcast address : 76.227.65.191
"64,000 to Go" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 18
Time at last attempt : 2/26/12 12:53:04 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 11:02:15 AM
Number of ports that were scanned: 27
Highest port : 9090
Lowest port : 1080
9000 1080 8118 9090 2301 8123 8090 2479 8008 3246
"Port Scanning" - filed under Port Scanning
76.227.65.185
11 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 13
Time at last attempt : 2/26/12 09:12:45 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 09:12:45 AM
Number of ports that were scanned: 17
Highest port : 9000
Lowest port : 73
8000 8085 8090 2479 8088 73 8008 3246 6588 9000
"Rats Nest" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 9
Time at last attempt : 2/26/12 05:32:28 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 05:32:28 AM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 3246
9000 6515 8000 9415 8085 9090 8090 3246 6588
"Rats Nest" - filed under Firewall Alert
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 2
Time at last attempt : 2/26/12 03:39:13 AM
IP broadcast address : 76.227.65.191
"Non-Stop Scanning" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 2/26/12 01:46:13 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 01:46:13 AM
Number of ports that were scanned: 5
Highest port : 8123
Lowest port : 3246
6515 8123 8090 3246 7212
"China Prowler" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 09:58:53 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 09:58:53 PM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 9090 8088
"Continuous Harrassment" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 08:06:17 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 08:06:17 PM
Number of ports that were scanned: 6
Highest port : 9415
Lowest port : 6515
6515 8000 9415 8085 9090 7212
"China Peepers" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/25/12 06:15:16 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 06:15:16 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
9000 1080 9415 8085 2301 8123 8088

So, do I win something after reporting they've scanned over 100,000 ports?
"Chinese Tax Dollars at Work" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 2/25/12 04:25:18 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 04:25:18 PM
Number of ports that were scanned: 8
Highest port : 9090
Lowest port : 1080
1080 8000 8118 9090 2301 3246 7212 6588
"How many ports are there?" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 2/25/12 12:45:31 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 12:45:31 PM
Number of ports that were scanned: 5
Highest port : 9090
Lowest port : 73
8085 8118 9090 2301 73
"Hello, Is there anybody out there?" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/25/12 10:56:54 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 10:56:54 AM
Number of ports that were scanned: 7
Highest port : 27977
Lowest port : 73
9000 27977 1080 9415 8118 73 6588
"Continuous Scanning" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 09:06:01 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 09:06:01 AM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 2479 7212
"port by port" - filed under Port Scanning
76.227.65.185
12 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 20
Time at last attempt : 2/25/12 07:17:01 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 05:28:30 AM
Number of ports that were scanned: 21
Highest port : 27977
Lowest port : 73
1080 6515 9415 73 3246 9000 27977 8008 9090 8123
"Constant Scanning" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/25/12 12:00:44 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 12:00:44 AM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 2479
8000 9415 8123 2479 8008
"ScanMaster" - filed under Firewall Alert
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 3
Time at last attempt : 2/24/12 10:13:46 PM
IP broadcast address : 76.227.65.191

Hmmmm, what? no port scan?
"Ongoing" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/24/12 08:26:43 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 08:26:43 PM
Number of ports that were scanned: 5
Highest port : 9000
Lowest port : 2479
9000 8118 2479 7212 6588
"Very Consistent" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 10
Time at last attempt : 2/24/12 06:39:29 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 06:39:29 PM
Number of ports that were scanned: 12
Highest port : 27977
Lowest port : 73
27977 8000 8118 9090 2301 2479 8088 73 8008 7212
"Duck & Cover" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/24/12 04:51:44 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 04:51:44 PM
Number of ports that were scanned: 7
Highest port : 9090
Lowest port : 2301
6515 8085 8118 9090 2301 8123 8088

He hides and then pops his head up and scans, what's he look like ya might ask?

221.192.199.49 (DDISP-2717DBE3A)

Time To Live (TTL): 110
DNS name: DDISP-2717DBE3A
NetBios names (2)
DDISP-2717DBE3A <00> UNIQUE - Workstation service
WORKGROUP <00> GROUP - Domain name
User:
MAC: 00:E0:6F:0A:61:EF (TERAYON CORP.)
TCP ports (4)
21 ftp => File Transfer Protocol
80 http => World Wide Web HTTP
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Content-Length: 1193
Content-Type: text/html
Content-Location: http://221.192.199.49/iisstart.htm
Last-Modified: Fri, 21 Feb 2003 12:15:52 GMT
Accept-Ranges: bytes
ETag: "0ce1f9a2d9c21:961"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Feb 2012 16:23:26 GMT
Connection: close
1026 cap => Calender Access Protocol
3389 terminal => Terminal Services (Ms Remote Desktop)
UDP ports (7)
123 NTP => Network Time Protocol
137 netbios-ns => NetBios Name Service
138 netbios-dgm => NetBios Datagram Service
445 microsoft-ds => Microsoft-DS
500 isakmp => Isakmp
1434 ms-sql-s => Microsoft-SQL-Server
4500 ipsec-nat-t => IPsec NAT-Traversal

I'm sure he won't mind.........
"Cosmic Debris" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/24/12 03:03:27 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 03:03:27 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8118 2479
"China China China" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/24/12 12:24:34 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 12:24:34 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 2301
9415 8085 8118 9090 2301 8090 6588
"Intruder Alert" - filed under Firewall Alert
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 1
Time at last attempt : 2/24/12 10:37:34 AM
IP broadcast address : 76.227.65.191

Maybe his scanner's not working.........
"Guess" - filed under Port Scanning
76.227.65.185
13 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/24/12 08:50:16 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 08:50:16 AM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 73
9000 27977 1080 8090 73 8008

This Clown thinks he's playing the Lottery.........
"Non-Stop Scanning" - filed under Port Scanning
76.227.65.185
14 days ago
I intend to post each & every infraction committed by this IP until cessation of this aggesion.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 9
Time at last attempt : 2/24/12 07:02:23 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 07:02:23 AM
Number of ports that were scanned: 8
Highest port : 9000
Lowest port : 73
9000 8123 8090 2479 8088 1080 8118 73
Causing Lag Spikes in Game Due to Port Used - filed under Port Scanning
62.49.7.5
14 days ago
Wed, 2012-02-22 02:16:36 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
Wed, 2012-02-22 11:05:59 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
Wed, 2012-02-22 13:16:58 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]

Mon, 2012-02-20 19:28:57 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
"Trying to climb down the Chimney" - filed under Firewall Alert
76.227.65.185
14 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/23/12 08:16:43 PM
IP broadcast address : 76.227.65.191

The Plot Thickens!
"Persistent Scanning" - filed under Port Scanning
76.227.65.185
14 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/23/12 04:50:39 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 04:50:39 PM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 1080
1080 6515 9415 9090 8090
"Persistent Scanning" - filed under Port Scanning
76.227.65.185
14 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/23/12 02:55:56 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 02:55:56 PM
Number of ports that were scanned: 7
Highest port : 9090
Lowest port : 73
6515 9090 73 8008 3246 7212 6588
"Tapping on the Windows" - filed under Port Scanning
76.227.65.185
14 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 25
Time at last attempt : 2/23/12 12:15:13 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 06:46:14 AM
Number of ports that were scanned: 37
Highest port : 9415
Lowest port : 73
9000 8118 2479 8088 73 7212 1080 6515 9415 6588 ect. ect.ect.
port scanning and attempting to force HTTP errors - filed under HTTP Fraud
82.35.146.133
14 days ago
port scanning and attempting to force HTTP errors

2012-02-22 18:28:26.884141| 221.192.199.49 |/error/document|
2012-02-22 21:50:27.174795| 221.192.199.49 |/ip.php|
2012-02-22 21:50:27.286480| 221.192.199.49 |/error/document|
2012-02-22 23:36:30.778775| 221.192.199.49 |/proxyheader.php|
2012-02-22 23:36:30.889461| 221.192.199.49 |/error/document|
2012-02-23 08:28:40.138948| 221.192.199.49 |/proxyheader.php|
2012-02-23 08:28:40.258807| 221.192.199.49 |/error/document|
"Still There" - filed under Port Scanning
76.227.65.185
15 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 9
Time at last attempt : 2/23/12 01:35:11 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 01:35:11 AM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 2479
9000 6515 9415 8118 2479 8085 8123 8090 6588
"Persistent" - filed under Port Scanning
76.227.65.185
15 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/22/12 09:54:55 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 09:54:55 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8008 7212
"Constant Hack" - filed under Port Scanning
76.227.65.185
15 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 10
Time at last attempt : 2/22/12 08:07:09 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 08:07:09 PM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 2479
8085 9090 8123 2479 8088 3246 6515 9415 7212
constant port scans - filed under Port Scanning
69.5.145.109
15 days ago
this address is port scanning my machine perhaps 10 or 15 times per day. Scans are reported from my firewall software. Address is 221.192.199.49. Please note.
Scanning my ports about 10x per day - filed under Port Scanning
76.220.214.33
15 days ago
Scanning my ports about 10x per day

TCP scanned port list, 8090, 2479, 8088, 73, 8008

02/22/2012 02:24:47.912 Alert Intrusion Prevention Possible port scan detected

This email was generated by: SonicOS Enhanced 5.6.0.12-65o
"Endless" - filed under Port Scanning
76.227.65.185
15 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 8
Time at last attempt : 2/22/12 11:36:45 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 11:36:45 AM
Number of ports that were scanned: 8
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8118 8123 6588
"Guess Who" - filed under Port Scanning
76.227.65.185
15 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 09:16:23 AM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8085 8088 3246

(Insert Derogatory Comment Here _____________)
"Piss Ant" - filed under Port Scanning
76.227.65.185
16 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 07:28:30 AM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 6588
9000 9415 8085 8088 6588

Bay Ching Piss Ant!
"Ass Wipe" - filed under Firewall Alert
76.227.65.185
16 days ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 87
Time at last attempt : 2/22/12 05:40:20 AM
IP broadcast address : 76.227.65.191

Punk Fucking Chinc Assholes! (note-all derogatory references are aimed directly at the Chinese Goverment for whom I hold absolutely No Respect! Write that on your Fucking Wall!)
"Cock Sucker" - filed under Port Scanning
76.227.65.185
16 days ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/20/12 09:58:55 PM
Number of ports that were scanned: 163
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 9415 6588 2301 8090 8088

Enough already with these motherfucking Chinc Fucks!
221.192.199.49 - filed under Firewall Alert
76.123.98.61
19 days ago
How can we attack this guy and his ISP?
Unless this is State supported hacking we ought to be able to make life difficult for him.
today twice, Eset told me about port hack - filed under Port Scanning
andy2004
22 days ago
twice today in the past 30min i've had 2 port attacks from 2 address 221.192.199.49 and another 222.192 dont remember the other 2 numbers are the popup closed. considering this is a fresh install, and updated it shouldnt happen. These assholes should be taken down. loose the ability to go online for the rest of their natural short lives.
Detected Port Scanning attack - filed under Port Scanning
173.26.93.171
28 days ago
2/9/2012 5:53:30 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.0.116:8088 TCP
2/9/2012 11:37:16 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8123 TCP
2/9/2012 8:28:36 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8123 TCP
2/9/2012 5:20:47 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:808 TCP
2/9/2012 2:11:45 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8088 TCP
2/8/2012 11:03:27 PM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:2301 TCP
2/7/2012 9:57:19 PM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.90:2301 TCP
2/7/2012 6:17:16 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:2301 TCP
2/7/2012 3:09:31 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:8008 TCP
2/7/2012 12:01:50 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:1080 TCP
2/6/2012 8:52:48 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.104:9090 TCP
2/5/2012 12:43:06 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.88.216:8000 TCP
2/4/2012 6:27:16 PM Detected Port Scanning attack 221.192.199.49:12200 173.29.88.216:8088 TCP
2/2/2012 6:58:32 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.126:8090 TCP
1/31/2012 1:21:01 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:7212 TCP
1/31/2012 10:13:11 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/31/2012 7:04:02 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:3246 TCP
1/31/2012 12:33:59 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/30/2012 9:13:36 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/30/2012 5:55:18 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8090 TCP
BT Modem/Router Firewall Reports SYN Flood Attack - filed under Sync Flood
Activeplan
>1 month ago
Our backup line modem router firewall daily report lists this IP address as being responsible for a SYN Flood attack yesterday (Wed 2nd February 2012)
continous attempts - filed under Port Scanning
76.102.89.179
>1 month ago
yesterday I reported this IP address attempt to do a portscan several times, today it again attempted to do it numerous times. this is getting to be a serious threat and very annoying
Constant ports scanning - filed under Port Scanning
76.102.89.179
>1 month ago
this IP address continues to ping my computer unrelentlessly throughout the day. It makes it difficult to concentrate on my work because it will never stop
Port attacks to svchost.exe - filed under Port Scanning
80.7.115.229
>1 month ago
Malwarebytes log

2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 9415, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 3246, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 8088, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 73, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 808, Process: svchost.exe)
2012/01/19 19:31:38 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 8085, Process: svchost.exe)
2012/01/19 19:31:38 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 73, Process: svchost.exe)
Keeps scanning - filed under Port Scanning
71.22.175.181
>1 month ago
scanning my computer alot i dont know if its bad but i dont appreciate it. please stop them it's very harrasing and idk what else to write because this has to be long.
hacking/ddoss attacks network packet injection sql - filed under DDOS
86.9.1.105
>1 month ago
please get these ip networks banned from my virgin media ip address...MY NAME IS AARON WATSON 22A STUART CRESCENT WINCHESTER SO224AU.
THEY KEEP ON PORT SPAMMING AND BRUTE FORCING ENTRY
China AGAIN - filed under Port Scanning
98.220.5.246
>1 month ago
Firewall catches but its really getting old. I have had 4 other IP's from China doing port scans in the last couple days. Well over 100 attempts over the last few days from this address and others from China. To the best of my knowledge I have no malware or virus in on my machine.
Port Scanning - filed under Port Scanning
173.80.81.63
>1 month ago
Im getting scanned on several different ports almost everyday from 221.192.199.49. This along with three other IP's from China are trying to gain access to my PC. This addy is coming up about once a hour.
attempting to log on to my computer - filed under Malware
68.10.173.192
>2 months ago
has been attempting to log on to my computer many times since I added extra level of protection I have been able to block it.... makes this attempt while I am using SKYPE
Attempts by chinese to access my PC - filed under Hacking
98.235.100.96
>2 months ago
Every day when i log in to my PC get warning from Malewarebytes program that
it blocked this IPO address 221.192.199.49 the CHINKS from Habei trying to gain access to my pc.They are out to over whelm us to cause as much havoc as they possibly can WHY?because they hate the USA and all it stands for.Use what ever defense that works for you against them,there is no other way to deal with it
attempting to gain access through numerous ports - filed under Hacking
173.11.25.117
>2 months ago
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 808
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 8123
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 7212
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 73
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 8088
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 1080
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 9000
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 9415
Port scanning - filed under Port Scanning
68.2.141.95
>2 months ago
Port Scanning 12/19/2011 7:09:07 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.0.10:8090 TCP continuous port scanning every few minutes. This has been happening for a couple months and is getting worse.
won't stop - filed under Port Scanning
74.84.108.245
>2 months ago
Non stop port scanning of network. Please do something to stop this as many other people on the net also have this issue. Bad IP.
Port scan - filed under Port Scanning
151.16.191.197
>3 months ago
Port scan at 9:25 CET 2011/12/05
I found this in my router's security log
TCP Packet - Source:221.192.199.49 Destination:<My ip address> - [PORT SCAN]
Now is back listed!
3 tries registered - filed under DDOS
84.144.224.233
>3 months ago
My router logged 3 tries from this IP address.

The DOS attack source was logged 3 times as:
TCP Packet - Source:221.192.199.49,12200

on Fri, 2011-11-25 13:41:10 UTC+1
Scanning ports as well as trying to connect many times. - filed under Port Scanning
68.150.179.111
>3 months ago
This guy from China appears to be scanning my ports while also trying to connect via port 12200. I would really appreciate thos annoying guy to get a life.
221.192.199.49 - filed under Hacking
85.84.54.156
>3 months ago
How many of you are using Malwarebyte?
You haven´t thought that this can be a strategy of Malware to convince us that their program is completely effective?
Maybe I'm wrong...
Re: 221.192.199.49
76.123.98.61
19 days ago
I was about to post the same question.
I have MB also.
Re: 221.192.199.49
76.227.65.185
13 days ago
You 2 are a couple of PinHeads! Are you perhaps working with this IP? Why would someone post a defensive statement regarding a hacker? This Listing of posts is for Complaints, the only defensive statement in here should be from the offending IP which has to date offered no explanation.
port scanning attacks - filed under Port Scanning
83.4.226.200
>4 months ago
2011-11-01 18:26:57 Detected Port Scanning attack 221.192.199.49:12200 1xx.1xx.x.x:8008 TCP they tried to scan my ports and they do it many times a day what can i do with it? need some help
Port scanning - filed under Port Scanning
82.242.106.64
>4 months ago
ils font chier les chinois
01/11/2011 15:04:59 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:73 TCP
01/11/2011 11:51:08 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:8000 TCP
31/10/2011 19:40:22 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:73 TCP
31/10/2011 22:30:05 Attaque par balayage de ports détectée 58.218.199.147:12200 192.168.0.1:9090 TCP
Malware software Blocking 221.192.199.49 for attempts at my 130 port - filed under Malware
128.211.237.64
>4 months ago
Computer running STUPID slow and not functioning correctly, installed some malware software which detected this IP trying to acces my computer. one two three four five
daily podt scans - filed under Port Scanning
99.245.50.69
>4 months ago
Your computer's TCP ports:
3246, 8090, 8008, and 8123 have been scanned from 221.192.199.49
9090, 2301, 8088, and 73 have been scanned from 221.192.199.49
3246, 8090, 8000, and 8008 have been scanned from 221.192.199.49
9415, 9000, 3246, and 808 have been scanned from 221.192.199.49
now daily 4 times per day. above is from yesterday
Port scanning, port scanning and more port scanning. - filed under Port Scanning
85.17.222.10
>4 months ago
Im getting scanned on several different ports almost everyday from 221.192.199.49 its annoying and theyre obviously up to no good. It would be nice if someone gave them a taste of their own medicine, whatever that medicine might be...
Please ban and make an order with a faulty user - filed under Port Scanning
195.116.17.142
>4 months ago
I have many reports about port scanning from 221.192.199.49. Please ban user which was trying to scan IP: 195.116.17.*. Looking forward for an answer. My addres is yku@op.pl.

Best regards,
Tomas Kaczynsky
Continuous port scanning of my firewall - filed under Port Scanning
71.183.63.8
>4 months ago
Nothing new - happens all the time from multiple Chinese ip addresses. I figured I'd document it for posterity. Working on something interesting for these Crackers :)
hacking - filed under Hacking
207.172.123.141
>4 months ago
221.192.199.49
Am receiving hacking from this IP address every single day.Today alone and it is only 9:07 a.m I have received 11 attempts.
I know this is China.
Malwarebytes is picking it up so do not know which port
Constant attacks - filed under Port Scanning
70.187.129.33
>5 months ago
ESET Smart Security has been warning me on a regular basis about Port scanning attacks from this IP. I am getting an attack once every few hours it seems.
I have been recieving multiple attempts from this ip address to access my network - filed under FTP Hacking
65.26.131.160
>5 months ago
it has been going on for the past few days now and I would appreciate it if they would stop trying to attack my router...
IP 221.192.199.49 port 12200 port scanning me constantly - filed under Port Scanning
71.89.61.25
>5 months ago
Getting ports scans from IP 221.192.199.49 port 12200 in blocks of 5 scans - each one with a different port being scanned about every 20 minutes. This has been happening for weeks. Can't we get this IP blocked at a high level. My ISP tells me it's "my problem" not theirs.
hacking attempts by 221.192.199.49 - filed under Hacking
24.163.57.111
>5 months ago
Constant Alert of 'Kernel Intrusion' from 221.192.199.49 to my PC almost every 10 minutes per day. Tries to enter my computer and get response. Add to black list.
what the fuck is up with 216.245.196.122? - filed under Port Scanning
66.214.186.127
>5 months ago
over the past few days my computer has been scanned constantly by IP 216.245.196.122 - apparently looking for an open port. . .
netgear router attack - filed under DDOS
80.229.35.37
>5 months ago
i have had a lot of attacks from this ip based somewhere in china for the past month or so they must be stopped, please stop them.
Port scanning - filed under Port Scanning
91.67.200.160
>5 months ago
1000's of port scans. Why does nothing happen to this ISP for allowing this?
1000's of port scans. Why does nothing happen to this ISP for allowing this?
1000's of port scans. Why does nothing happen to this ISP for allowing this?
Source port is 12200 and destination port is 8008 - filed under Port Scanning
72.200.147.238
>5 months ago
The details are: TCP connection request from 221.192.199.49:12200 to 72.200.147.238:8008 .

My router keeps blocking these incoming TCP connection attempts. Batch of 4 attempts on September 15, 2011
Suspicious HTTP GET requests - filed under Hacking
TS1000
>6 months ago
My server is receiving suspicious HTTP GET requests from 221.192.199.49 on TCP 2301. Some attempt to retrieve a web page from a server 218.83.152.252. See example below.

GET http://218.83.152.252/judge112233.php HTTP/1.1 Host: 218.83.152.252 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: */* Accept-Language: zh-cn Connection: Keep-Alive
221.192.199.49,12200 - filed under DDOS
71.181.214.40
>6 months ago
DOS attacks every day from these pricks. Why are they doing this? it doesn't really get them anywhere but in trouble. ...STUPID IDIOTS NEED TO GO AWAY
hacking me.. - filed under Hacking
142.177.235.69
>6 months ago
malwarebytes successful stopped this IP (221.192.199.49) from entering into my computer and putting files.. Put a stop to this shit. thanks you for handling this
DOS - filed under Firewall Alert
82.26.88.27
>7 months ago
Fri, Aug 5th 2011, 3:01pm, TCP Packet, Source:221.192.199.49, DOS attack, 4 times using 4 different local ports, remote port 12200.

No noticable effect, but logged in firewall
Regular scans of my system. - filed under Port Scanning
207.216.205.119
>7 months ago
Scans system from source 221.192.199.49:12200

Searching for ports 8085, 27977, 9090, 3128, 8008, 7212, 6588, 3246, 9000, 1080, 3128, 8088 & 73.

Another IP now on my system's blacklist.
attack from 221.192.199.49 - filed under Firewall Alert
86.103.144.122
>7 months ago
several connection attempts or attacks from IP adress 221.192.199.49 on destination ports: 7212, 73, 8008, 800, 8085 all TCP from TCP source port 12200
Complaint about 221.192.199.49 - filed under Port Scanning
85.178.184.183
>7 months ago
Constant Alert of 'Kernel Intrusion' from 221.192.199.49 to my router almost every 10 minutes per day. Tries to enter my computer and get response. Add to black list.
I found this in my router's security log - filed under Port Scanning
216.218.211.56
>1 year ago
Recently I have noticed an increase of foreign ips scanning my ports. This is one of them. Recent Security logs:

Wed Jun 2 20:44:47 2010
=>Found attack from 221.192.199.46.
Source port is 12200 and destination port is 8085 which use the TCP protocol.
Wed Jun 2 20:57:41 2010
=>Found attack from 187.103.17.2.
Source port is 1670 and destination port is 10181 which use the TCP protocol.
Wed Jun 2 21:00:13 2010
=>Found attack from 116.87.165.13.
Source port is 2069 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:00:43 2010
=>Found attack from 116.87.165.13.
Source port is 2069 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:02:35 2010
=>Found attack from 122.164.171.91.
Source port is 19029 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:04:07 2010
=>Found attack from 221.192.199.48.
Source port is 12200 and destination port is 8085 which use the TCP protocol.
Wed Jun 2 21:09:48 2010
=>Found attack from 122.164.171.91.
Source port is 21359 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:11:51 2010
=>Found attack from 221.192.199.49.
Source port is 12200 and destination port is 7212 which use the TCP protocol.
221.192.199.49 probing for open proxy - filed under Hacking
86.180.209.184
>1 year ago
221.192.199.49 and other Chinese IPs are checking for an open proxy on my web server ports 80 and 8080. Some trying to fetch my home page, possibly for email addresses or to exploit weaknesses. Keep coming back every few minutes ignoring my 403 Forbidden responses.
Kernel : Intrusion - filed under Firewall Alert
80.229.242.205
>1 year ago
Constant Alert of 'Kernel Intrusion' from src=221.192.199.49 to my router almost everyday; full up the syslog.

kernel: Intrusion -> IN=ppp_0_38_1 OUT= MAC= SRC=221.192.199.49 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x80 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0

There are same situations on others;

http://www.google.co.uk/search?hl=ja&source=hp&q=221.192.199.49+intrusion&aq=f&aqi=&aql=&oq=&gs_rfai=
May 2 16:51:22 kernel: Intrusion detected from 221.192.199.49. Source port is 12200, and destination port is 8000 which use the TCP protocol. - filed under Firewall Alert
92.29.183.239
>1 year ago
Tried to gain access over the past 2 days about 6 times per day .
Sending .../fastenv to my webserver - filed under HTTP Fraud
80.225.112.63
>1 year ago
This IP is sending code to my webserver, preumably to find out the response. I've had to add it to my black list.
Source port is 12200 and destination port is 8000 - filed under Port Scanning
86.12.84.2
>1 year ago
About a hundred attempts at ports 8080 and 8000 over the past few days from CHINANET Hunan province network.
View WHOIS information for 221.192.199.49
15 Latest Attacks
61.176.192.45 - "Yet Another" - filed under Brute Force
Security alert type : IP Subnet Broadcast Amplification IP source address ...
2 hr 23 min ago
219.94.163.50 - http://www.ichisato.net/homes/cellotp.html - filed under Phishing
fraud@antihotmail.com ------------------------------ http://www.ichisato.net/homes/cellotp.html htt...
4 hr 45 min ago
221.112.61.210 - Repeated php hacking attempts on Apache web server - filed under Hacking
221.112.61.210 - - [09/Mar/2012:03:37:09 +0000] &quot;GET /web/index.php HTTP/1.1&quot; 404 469 &...
4 hr 57 min ago
195.97.97.219 - Repeated attempts at php hacking on webserver - filed under Hacking
195.97.97.219 - - [08/Mar/2012:10:46:52 +0000] &quot;GET //phpMyAdmin-2.6.1/ HTTP/1.1&quot; 404 47...
4 hr 59 min ago
202.103.52.147 - SIP Hacker - filed under Hacking
SIP Hacking from this IP Address trying to get through on Port 5060. March 8th 2012 - 9:58pm EST SI...
5 hr 1 min ago
95.211.136.81 - Is a SIP Hacker - filed under Hacking
SIP Hacking from this IP Address trying to get through on Port 5060. March 8th 2012 - 10:36pm EST S...
5 hr 6 min ago
173.236.47.98 - http://www.paypal.com.cgi.bin.webscr.cmd.login-submit.dispatch.5885d80a13c0db1f8e263663d3faee8d43b1bb6ca6e.adc31946416.umbria.me.uk/ - filed under Phishing
fraud@antihotmail.com ------------------------------ http://www.paypal.com.cgi.bin.webscr.cmd.login...
8 hr 3 min ago
186.216.175.59 - So called 'dating' site - filed under Spam
SPAM Badly targeted. Highly inappropriate morally corrupt and unwanted especially for very young per...
8 hr 13 min ago
64.38.5.34 - Intentos repetidos de violar seguridad FTP - filed under FTP Hacking
(000001) 02/03/2012 09:36:21 a.m. - (not logged in) (64.38.5.34)&gt; USER Administrator (000001) 02/...
8 hr 47 min ago
195.3.147.99 - hacker - filed under Hacking
Constant malware attempts!!! Everytime I turn on the computer it's happening! Browser even redirec...
8 hr 48 min ago
194.54.80.150 - hackers - filed under Hacking
Constant malware attempts!!! Everytime I turn on the computer it's happening! Browser even redirec...
8 hr 50 min ago
113.10.155.220 - http://us.battle.net.wowaccount.in/login/en/index.asp?ref=https://us.battle.net/account/management/index.xml&app=bam - filed under Phishing
fraud@antihotmail.com -------------------------------- http://us.battle.net.wowaccount.in/login/en/...
8 hr 57 min ago
189.113.2.23 - http://paypal.com.cegi.bins.webscr.rmd.logining.submit.dispatch.e1as5d4a65sd6a5s4da56sds.brazilfacile.com.br/b504971396137dbdaf79b5a737571248/ - filed under Phishing
fraud@antihotmail.com ------------------------------ http://paypal.com.cegi.bins.webscr.rmd.loginin...
9 hr 3 min ago
109.236.84.123 - Phishing/ddos/malware... - filed under Hacking
This ip doing many shit like phishing DDOS hack attack malware drop maybe we can stop ip with this c...
9 hr 6 min ago
70.91.161.61 - Thousands of attempts to remotley login to SBS server - filed under Brute Force
This IP address has attempted thousands of times to crack our system using names that dont exist, an...
9 hr 10 min ago
More Attacks
70.38.11.22 - http://paskinfo.com/ww1.paypal.de=session-sg79bxn6f5ulrc424432/fraud-prevention.paypal.de/cgi-bin/load.servers/cmd_login=k3mcbylxq9g6snp/gr75670/cmd=_home_country_lang.x=true/date=20110824/webscr_prim.html - filed under Phishing
fraud@antihotmail.com ------------------------------- http://paskinfo.com/ww1.paypal.de=session-sg7...
>6 months ago
123.116.128.149 - NMAP XMAS Scan - filed under Port Scanning
Norton advised me that the above IP, 123.116.128.149, has targeted my computer with the NMAP XMAS Sc...
>3 years ago
190.54.35.179 - ftp attack - filed under FTP Hacking
this ip address was trying to connect to my ftp server on port 21, and appeared in my router log....
>2 years ago
72.13.95.3 - http://www.postepay.it.otstea.thuisbezorgd.de/online/ - filed under Phishing
fraud@antihotmail.com ------------------------------ http://www.postepay.it.otstea.thuisbezorgd.de/...
>2 months ago
61.128.252.9 - Scanning for open TCP Port 2967 - filed under Brute Force
Running a scan through a complete class-c networks searching for a machines with an open tcp port 29...
>1 year ago
84.246.224.229 - Lot's of failed attemts in Mailserver Logfile - filed under Brute Force
Tried to access to our mailserver! Tries several passwords since last friday. Looks like a zombie to...
>1 year ago
61.139.105.163 - port scanning again - filed under Port Scanning
Router firewall just detected a port scan from this ip addy...
>2 years ago
60.195.250.56 - Tried to connect - filed under FTP Hacking
Actually he only connected, and disconnected a few seconds later from my FTP-server. Nothing wrong, ...
>2 years ago
211.94.189.94 - Trying to hack into the FTP Server - filed under Hacking
Trying to logon as Administrator...
>2 years ago
218.23.37.51 - network attack from ip 218.23.37.51 - filed under SQL Injection
Kaspersky blocked attempt from ip address 218.23.37.51 to inject Intrusion.Win.MSSQL.worm.Helkern th...
>2 years ago
151.12.11.2 - trying to access folders on our domain - filed under Directory Harvest
port scanning and folder scanning to access folders on our domain...
>1 year ago
202.103.30.24 - very strong bruteforcing - filed under Brute Force
Feb 29 16:55:12 saraksh sshd[4639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid...
8 days ago
211.244.4.102 - ftp brute-force attack - filed under Brute Force
ftp brute-force attack...
>3 years ago
118.129.166.213 - Too many login attempts - filed under FTP Hacking
Brute force attempt....
>1 year ago
190.145.0.34 - repeated attempts to log on using non-existent user names - filed under Brute Force
SSH dictionary attack, possibly from an unwitting member of a botnet...
>2 years ago
61.139.105.163 - Port scanning - filed under Port Scanning
I have been on DMZ. Suck my firewall!...
>2 years ago
58.53.128.68 - Ckucskzj - filed under Malware
this is be cool 8)...
>2 years ago
206.161.121.5 - Tough stuff - filed under Malware
Got a nasty virus, finally got Malware Bytes onto my PC and got most of it removed. However, now Mal...
>2 months ago
173.212.247.106 - SSH Dictionary attack - filed under Brute Force
probably another unwitting botnet dupe...
>2 years ago
177.36.128.187 - Phishing & Spam Attempts "FW: 5 direitos que temos e não são divulgados" - filed under Spam
SPAM email trying to impersonate well a public well known and trusted entity. Delivered-To: #######...
>4 months ago
218.23.37.51 - Intrusion.Win.MSSQL.worm.Helkern Absent - filed under Firewall Alert
6/28/2009 1:41:47 PM Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP from 61.145.123.141 to l...
>2 years ago
78.159.96.17 - he tri to hack me - filed under Firewall Alert
my firewall count him...
>3 years ago
216.240.151.113 - its trying to install some exe in my computer - filed under Hacking
when i brows my computer an message show your computer in risk you must install an anti virus and wh...
>3 years ago
88.198.45.205 - repeated attempts to log on using non-existent user names - filed under Brute Force
Probably an unwitting participant in a Botnet, attempting an SSH dictionary attack...
>2 years ago
210.211.98.33 - SSH Attack - filed under Brute Force
Brute force attack on SSH. The log from Feb 1st 2011 03:59:46 (CET) says: &quot;Failed password for...
16 days ago
"Chinese Government Sponsored Hacking" - filed under Firewall Alert
  76.227.65.185
>2 months ago
This IP is working in collaboration with the IP 58.218.199.227

They are scanning for any & all open ports, then they come in with
spam, redirects, virus's and try to steal your personal information.

These attacks are quite obviously sponsored by the Government
of China, as the "Great Fire Wall" should easily prevent such activities.

The fact that this IP originates from the Capitol City should tell you
something.

Nothing is being done about this and nothing will be done about this
because Governments No longer respect the people who created the
Great Nations of the World.

Until the people take back control of the Governments of the World
Nothing Will Change.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 3/3/12 06:04:39 PM
IP broadcast address : 76.227.65.191
221.192.199.49 - filed under Brute Force
  92.9.206.150
>2 months ago
Firewall log:
I noticed this in my security log this evening Feb 27 23:07:16 user.alert kernel: LANDATTACKIN=ppp_0_38_1 OUT= MAC= attack detected from 221.192.199.49 117
port scanning - filed under Port Scanning
  62.194.100.185
>2 months ago
There are numerous attempt of port scanning on my firewall with the mentioned ip address. Evrytime it is from port 12200 to different ports on my firewall

"Closing" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/27/12 05:25:00 AM
IP broadcast address : 76.227.65.191

The IP 221.192.199.49 is well known for being a bot that scans computers setting them up for attack by other bots in the group and recruiting new bots. In all likelihood this is being run by the Chinese Government, which would explain why all these complaints have been ignored.
I will not bother reporting to this website any longer as there has been no action taken. The Offender has been in operation for over a year acting with full impunity.
So Good Luck to you all, I will continue to have this situation averted utilizing other websites that are more sincere about what they insinuate they're purpose to be. Thanks!
"Little Bitch Chink" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/27/12 03:37:27 AM
Number of ports that were scanned: 8
Highest port : 8088
Lowest port : 73
1080 2301 2479 8088 73 8008 3246 7212

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 3
Time at last attempt : 2/27/12 01:49:51 AM
IP broadcast address : 76.227.65.191

"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"
"AssHole Chink Fuck" "AssHole Chink Fuck" "AssHole Chink Fuck"

"Continuous Harrassment" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 11:59:40 PM
IP broadcast address : 76.227.65.191
"Saki Haki" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/26/12 10:10:47 PM
IP broadcast address : 76.227.65.191
"Haki Saki" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 08:20:06 PM
Number of ports that were scanned: 19
Highest port : 9000
Lowest port : 1080
9000 8123 8088 8008 6588 1080 2301 3246 8000 8085
(Only the first 10 ports are recorded.)
"Haki Saki" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 20
Time at last attempt : 2/26/12 08:20:06 PM
IP broadcast address : 76.227.65.191
"64,000 to Go" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 18
Time at last attempt : 2/26/12 12:53:04 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 11:02:15 AM
Number of ports that were scanned: 27
Highest port : 9090
Lowest port : 1080
9000 1080 8118 9090 2301 8123 8090 2479 8008 3246
"Port Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 13
Time at last attempt : 2/26/12 09:12:45 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 09:12:45 AM
Number of ports that were scanned: 17
Highest port : 9000
Lowest port : 73
8000 8085 8090 2479 8088 73 8008 3246 6588 9000
"Rats Nest" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 9
Time at last attempt : 2/26/12 05:32:28 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 05:32:28 AM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 3246
9000 6515 8000 9415 8085 9090 8090 3246 6588
"Rats Nest" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 2
Time at last attempt : 2/26/12 03:39:13 AM
IP broadcast address : 76.227.65.191
"Non-Stop Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 2/26/12 01:46:13 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/26/12 01:46:13 AM
Number of ports that were scanned: 5
Highest port : 8123
Lowest port : 3246
6515 8123 8090 3246 7212
"China Prowler" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 09:58:53 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 09:58:53 PM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 9090 8088
"Continuous Harrassment" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 08:06:17 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 08:06:17 PM
Number of ports that were scanned: 6
Highest port : 9415
Lowest port : 6515
6515 8000 9415 8085 9090 7212
"China Peepers" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/25/12 06:15:16 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 06:15:16 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
9000 1080 9415 8085 2301 8123 8088

So, do I win something after reporting they've scanned over 100,000 ports?
"Chinese Tax Dollars at Work" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 8
Time at last attempt : 2/25/12 04:25:18 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 04:25:18 PM
Number of ports that were scanned: 8
Highest port : 9090
Lowest port : 1080
1080 8000 8118 9090 2301 3246 7212 6588
"How many ports are there?" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 5
Time at last attempt : 2/25/12 12:45:31 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 12:45:31 PM
Number of ports that were scanned: 5
Highest port : 9090
Lowest port : 73
8085 8118 9090 2301 73
"Hello, Is there anybody out there?" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/25/12 10:56:54 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 10:56:54 AM
Number of ports that were scanned: 7
Highest port : 27977
Lowest port : 73
9000 27977 1080 9415 8118 73 6588
"Continuous Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/25/12 09:06:01 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 09:06:01 AM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 2479 7212
"port by port" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 20
Time at last attempt : 2/25/12 07:17:01 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 05:28:30 AM
Number of ports that were scanned: 21
Highest port : 27977
Lowest port : 73
1080 6515 9415 73 3246 9000 27977 8008 9090 8123
"Constant Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/25/12 12:00:44 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/25/12 12:00:44 AM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 2479
8000 9415 8123 2479 8008
"ScanMaster" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 3
Time at last attempt : 2/24/12 10:13:46 PM
IP broadcast address : 76.227.65.191

Hmmmm, what? no port scan?
"Ongoing" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/24/12 08:26:43 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 08:26:43 PM
Number of ports that were scanned: 5
Highest port : 9000
Lowest port : 2479
9000 8118 2479 7212 6588
"Very Consistent" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 10
Time at last attempt : 2/24/12 06:39:29 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 06:39:29 PM
Number of ports that were scanned: 12
Highest port : 27977
Lowest port : 73
27977 8000 8118 9090 2301 2479 8088 73 8008 7212
"Duck & Cover" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 7
Time at last attempt : 2/24/12 04:51:44 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 04:51:44 PM
Number of ports that were scanned: 7
Highest port : 9090
Lowest port : 2301
6515 8085 8118 9090 2301 8123 8088

He hides and then pops his head up and scans, what's he look like ya might ask?

221.192.199.49 (DDISP-2717DBE3A)

Time To Live (TTL): 110
DNS name: DDISP-2717DBE3A
NetBios names (2)
DDISP-2717DBE3A <00> UNIQUE - Workstation service
WORKGROUP <00> GROUP - Domain name
User:
MAC: 00:E0:6F:0A:61:EF (TERAYON CORP.)
TCP ports (4)
21 ftp => File Transfer Protocol
80 http => World Wide Web HTTP
HEAD / HTTP/1.0
HTTP/1.1 200 OK
Content-Length: 1193
Content-Type: text/html
Content-Location: http://221.192.199.49/iisstart.htm
Last-Modified: Fri, 21 Feb 2003 12:15:52 GMT
Accept-Ranges: bytes
ETag: "0ce1f9a2d9c21:961"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 24 Feb 2012 16:23:26 GMT
Connection: close
1026 cap => Calender Access Protocol
3389 terminal => Terminal Services (Ms Remote Desktop)
UDP ports (7)
123 NTP => Network Time Protocol
137 netbios-ns => NetBios Name Service
138 netbios-dgm => NetBios Datagram Service
445 microsoft-ds => Microsoft-DS
500 isakmp => Isakmp
1434 ms-sql-s => Microsoft-SQL-Server
4500 ipsec-nat-t => IPsec NAT-Traversal

I'm sure he won't mind.........
"Cosmic Debris" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/24/12 03:03:27 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 03:03:27 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8118 2479
"China China China" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/24/12 12:24:34 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 12:24:34 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 2301
9415 8085 8118 9090 2301 8090 6588
"Intruder Alert" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 1
Time at last attempt : 2/24/12 10:37:34 AM
IP broadcast address : 76.227.65.191

Maybe his scanner's not working.........
"Guess" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 6
Time at last attempt : 2/24/12 08:50:16 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 08:50:16 AM
Number of ports that were scanned: 6
Highest port : 27977
Lowest port : 73
9000 27977 1080 8090 73 8008

This Clown thinks he's playing the Lottery.........
"Non-Stop Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
I intend to post each & every infraction committed by this IP until cessation of this aggesion.

Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 9
Time at last attempt : 2/24/12 07:02:23 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/24/12 07:02:23 AM
Number of ports that were scanned: 8
Highest port : 9000
Lowest port : 73
9000 8123 8090 2479 8088 1080 8118 73
Causing Lag Spikes in Game Due to Port Used - filed under Port Scanning
  62.49.7.5
>2 months ago
Wed, 2012-02-22 02:16:36 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
Wed, 2012-02-22 11:05:59 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
Wed, 2012-02-22 13:16:58 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]

Mon, 2012-02-20 19:28:57 - TCP Packet - Source:221.192.199.49,12200 Destination:62.49.7.5,27977 -
[SWTOR 2 rule not match]
"Trying to climb down the Chimney" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 4
Time at last attempt : 2/23/12 08:16:43 PM
IP broadcast address : 76.227.65.191

The Plot Thickens!
"Persistent Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 5
Time at last attempt : 2/23/12 04:50:39 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 04:50:39 PM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 1080
1080 6515 9415 9090 8090
"Persistent Scanning" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/23/12 02:55:56 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 02:55:56 PM
Number of ports that were scanned: 7
Highest port : 9090
Lowest port : 73
6515 9090 73 8008 3246 7212 6588
"Tapping on the Windows" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
IP destination address : 76.227.65.191
Number of attempts : 25
Time at last attempt : 2/23/12 12:15:13 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 06:46:14 AM
Number of ports that were scanned: 37
Highest port : 9415
Lowest port : 73
9000 8118 2479 8088 73 7212 1080 6515 9415 6588 ect. ect.ect.
port scanning and attempting to force HTTP errors - filed under HTTP Fraud
  82.35.146.133
>2 months ago
port scanning and attempting to force HTTP errors

2012-02-22 18:28:26.884141| 221.192.199.49 |/error/document|
2012-02-22 21:50:27.174795| 221.192.199.49 |/ip.php|
2012-02-22 21:50:27.286480| 221.192.199.49 |/error/document|
2012-02-22 23:36:30.778775| 221.192.199.49 |/proxyheader.php|
2012-02-22 23:36:30.889461| 221.192.199.49 |/error/document|
2012-02-23 08:28:40.138948| 221.192.199.49 |/proxyheader.php|
2012-02-23 08:28:40.258807| 221.192.199.49 |/error/document|
"Still There" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 9
Time at last attempt : 2/23/12 01:35:11 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/23/12 01:35:11 AM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 2479
9000 6515 9415 8118 2479 8085 8123 8090 6588
"Persistent" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 7
Time at last attempt : 2/22/12 09:54:55 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 09:54:55 PM
Number of ports that were scanned: 7
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8008 7212
"Constant Hack" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 10
Time at last attempt : 2/22/12 08:07:09 PM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 08:07:09 PM
Number of ports that were scanned: 9
Highest port : 9415
Lowest port : 2479
8085 9090 8123 2479 8088 3246 6515 9415 7212
constant port scans - filed under Port Scanning
  69.5.145.109
>2 months ago
this address is port scanning my machine perhaps 10 or 15 times per day. Scans are reported from my firewall software. Address is 221.192.199.49. Please note.
Scanning my ports about 10x per day - filed under Port Scanning
  76.220.214.33
>2 months ago
Scanning my ports about 10x per day

TCP scanned port list, 8090, 2479, 8088, 73, 8008

02/22/2012 02:24:47.912 Alert Intrusion Prevention Possible port scan detected

This email was generated by: SonicOS Enhanced 5.6.0.12-65o
"Endless" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 8
Time at last attempt : 2/22/12 11:36:45 AM
IP broadcast address : 76.227.65.191

Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 11:36:45 AM
Number of ports that were scanned: 8
Highest port : 9415
Lowest port : 1080
1080 6515 8000 9415 8085 8118 8123 6588
"Guess Who" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 09:16:23 AM
Number of ports that were scanned: 8
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 8085 8088 3246

(Insert Derogatory Comment Here _____________)
"Piss Ant" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/22/12 07:28:30 AM
Number of ports that were scanned: 5
Highest port : 9415
Lowest port : 6588
9000 9415 8085 8088 6588

Bay Ching Piss Ant!
"Ass Wipe" - filed under Firewall Alert
  76.227.65.185
>2 months ago
Security alert type : IP Subnet Broadcast Amplification
IP source address : 221.192.199.49
Number of attempts : 87
Time at last attempt : 2/22/12 05:40:20 AM
IP broadcast address : 76.227.65.191

Punk Fucking Chinc Assholes! (note-all derogatory references are aimed directly at the Chinese Goverment for whom I hold absolutely No Respect! Write that on your Fucking Wall!)
"Cock Sucker" - filed under Port Scanning
  76.227.65.185
>2 months ago
Security alert type : Port Scan
Protocol type : TCP
IP source address : 221.192.199.49
Time at last attempt : 2/20/12 09:58:55 PM
Number of ports that were scanned: 163
Highest port : 27977
Lowest port : 1080
9000 27977 1080 6515 8000 9415 6588 2301 8090 8088

Enough already with these motherfucking Chinc Fucks!
221.192.199.49 - filed under Firewall Alert
  76.123.98.61
>2 months ago
How can we attack this guy and his ISP?
Unless this is State supported hacking we ought to be able to make life difficult for him.
today twice, Eset told me about port hack - filed under Port Scanning
  andy2004
>3 months ago
twice today in the past 30min i've had 2 port attacks from 2 address 221.192.199.49 and another 222.192 dont remember the other 2 numbers are the popup closed. considering this is a fresh install, and updated it shouldnt happen. These assholes should be taken down. loose the ability to go online for the rest of their natural short lives.
Detected Port Scanning attack - filed under Port Scanning
  173.26.93.171
>3 months ago
2/9/2012 5:53:30 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.0.116:8088 TCP
2/9/2012 11:37:16 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8123 TCP
2/9/2012 8:28:36 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8123 TCP
2/9/2012 5:20:47 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:808 TCP
2/9/2012 2:11:45 AM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:8088 TCP
2/8/2012 11:03:27 PM Detected Port Scanning attack 221.192.199.49:12200 173.27.157.166:2301 TCP
2/7/2012 9:57:19 PM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.90:2301 TCP
2/7/2012 6:17:16 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:2301 TCP
2/7/2012 3:09:31 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:8008 TCP
2/7/2012 12:01:50 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.9.92:1080 TCP
2/6/2012 8:52:48 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.104:9090 TCP
2/5/2012 12:43:06 AM Detected Port Scanning attack 221.192.199.49:12200 173.29.88.216:8000 TCP
2/4/2012 6:27:16 PM Detected Port Scanning attack 221.192.199.49:12200 173.29.88.216:8088 TCP
2/2/2012 6:58:32 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.126:8090 TCP
1/31/2012 1:21:01 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:7212 TCP
1/31/2012 10:13:11 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/31/2012 7:04:02 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:3246 TCP
1/31/2012 12:33:59 AM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/30/2012 9:13:36 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8118 TCP
1/30/2012 5:55:18 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.1.144:8090 TCP
BT Modem/Router Firewall Reports SYN Flood Attack - filed under Sync Flood
  Activeplan
>3 months ago
Our backup line modem router firewall daily report lists this IP address as being responsible for a SYN Flood attack yesterday (Wed 2nd February 2012)
continous attempts - filed under Port Scanning
  76.102.89.179
>3 months ago
yesterday I reported this IP address attempt to do a portscan several times, today it again attempted to do it numerous times. this is getting to be a serious threat and very annoying
Constant ports scanning - filed under Port Scanning
  76.102.89.179
>3 months ago
this IP address continues to ping my computer unrelentlessly throughout the day. It makes it difficult to concentrate on my work because it will never stop
Port attacks to svchost.exe - filed under Port Scanning
  80.7.115.229
>3 months ago
Malwarebytes log

2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 9415, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 3246, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 8088, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 73, Process: svchost.exe)
2012/01/19 16:21:54 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 808, Process: svchost.exe)
2012/01/19 19:31:38 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 8085, Process: svchost.exe)
2012/01/19 19:31:38 GMT <compname> <logon> IP-BLOCK 221.192.199.49 (Type: incoming, Port: 73, Process: svchost.exe)
Keeps scanning - filed under Port Scanning
  71.22.175.181
>4 months ago
scanning my computer alot i dont know if its bad but i dont appreciate it. please stop them it's very harrasing and idk what else to write because this has to be long.
hacking/ddoss attacks network packet injection sql - filed under DDOS
  86.9.1.105
>4 months ago
please get these ip networks banned from my virgin media ip address...MY NAME IS AARON WATSON 22A STUART CRESCENT WINCHESTER SO224AU.
THEY KEEP ON PORT SPAMMING AND BRUTE FORCING ENTRY
China AGAIN - filed under Port Scanning
  98.220.5.246
>4 months ago
Firewall catches but its really getting old. I have had 4 other IP's from China doing port scans in the last couple days. Well over 100 attempts over the last few days from this address and others from China. To the best of my knowledge I have no malware or virus in on my machine.
Port Scanning - filed under Port Scanning
  173.80.81.63
>4 months ago
Im getting scanned on several different ports almost everyday from 221.192.199.49. This along with three other IP's from China are trying to gain access to my PC. This addy is coming up about once a hour.
attempting to log on to my computer - filed under Malware
  68.10.173.192
>4 months ago
has been attempting to log on to my computer many times since I added extra level of protection I have been able to block it.... makes this attempt while I am using SKYPE
Attempts by chinese to access my PC - filed under Hacking
  98.235.100.96
>4 months ago
Every day when i log in to my PC get warning from Malewarebytes program that
it blocked this IPO address 221.192.199.49 the CHINKS from Habei trying to gain access to my pc.They are out to over whelm us to cause as much havoc as they possibly can WHY?because they hate the USA and all it stands for.Use what ever defense that works for you against them,there is no other way to deal with it
attempting to gain access through numerous ports - filed under Hacking
  173.11.25.117
>4 months ago
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 808
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 8123
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 7212
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 73
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 8088
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 1080
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 9000
[INFO] Sun Dec 18 08:54:57 2011 Blocked incoming TCP connection request from 221.192.199.49:12200 to port 9415
Port scanning - filed under Port Scanning
  68.2.141.95
>4 months ago
Port Scanning 12/19/2011 7:09:07 PM Detected Port Scanning attack 221.192.199.49:12200 192.168.0.10:8090 TCP continuous port scanning every few minutes. This has been happening for a couple months and is getting worse.
won't stop - filed under Port Scanning
  74.84.108.245
>4 months ago
Non stop port scanning of network. Please do something to stop this as many other people on the net also have this issue. Bad IP.
Port scan - filed under Port Scanning
  151.16.191.197
>5 months ago
Port scan at 9:25 CET 2011/12/05
I found this in my router's security log
TCP Packet - Source:221.192.199.49 Destination:<My ip address> - [PORT SCAN]
Now is back listed!
3 tries registered - filed under DDOS
  84.144.224.233
>5 months ago
My router logged 3 tries from this IP address.

The DOS attack source was logged 3 times as:
TCP Packet - Source:221.192.199.49,12200

on Fri, 2011-11-25 13:41:10 UTC+1
Scanning ports as well as trying to connect many times. - filed under Port Scanning
  68.150.179.111
>5 months ago
This guy from China appears to be scanning my ports while also trying to connect via port 12200. I would really appreciate thos annoying guy to get a life.
221.192.199.49 - filed under Hacking
  85.84.54.156
>6 months ago
How many of you are using Malwarebyte?
You haven´t thought that this can be a strategy of Malware to convince us that their program is completely effective?
Maybe I'm wrong...
Re: 221.192.199.49
 76.123.98.61
>2 months ago
I was about to post the same question.
I have MB also.
Re: 221.192.199.49
 76.227.65.185
>2 months ago
You 2 are a couple of PinHeads! Are you perhaps working with this IP? Why would someone post a defensive statement regarding a hacker? This Listing of posts is for Complaints, the only defensive statement in here should be from the offending IP which has to date offered no explanation.
port scanning attacks - filed under Port Scanning
  83.4.226.200
>6 months ago
2011-11-01 18:26:57 Detected Port Scanning attack 221.192.199.49:12200 1xx.1xx.x.x:8008 TCP they tried to scan my ports and they do it many times a day what can i do with it? need some help
Port scanning - filed under Port Scanning
  82.242.106.64
>6 months ago
ils font chier les chinois
01/11/2011 15:04:59 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:73 TCP
01/11/2011 11:51:08 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:8000 TCP
31/10/2011 19:40:22 Attaque par balayage de ports détectée 221.192.199.49:12200 192.168.0.1:73 TCP
31/10/2011 22:30:05 Attaque par balayage de ports détectée 58.218.199.147:12200 192.168.0.1:9090 TCP
Malware software Blocking 221.192.199.49 for attempts at my 130 port - filed under Malware
  128.211.237.64
>6 months ago
Computer running STUPID slow and not functioning correctly, installed some malware software which detected this IP trying to acces my computer. one two three four five
daily podt scans - filed under Port Scanning
  99.245.50.69
>6 months ago
Your computer's TCP ports:
3246, 8090, 8008, and 8123 have been scanned from 221.192.199.49
9090, 2301, 8088, and 73 have been scanned from 221.192.199.49
3246, 8090, 8000, and 8008 have been scanned from 221.192.199.49
9415, 9000, 3246, and 808 have been scanned from 221.192.199.49
now daily 4 times per day. above is from yesterday
Port scanning, port scanning and more port scanning. - filed under Port Scanning
  85.17.222.10
>6 months ago
Im getting scanned on several different ports almost everyday from 221.192.199.49 its annoying and theyre obviously up to no good. It would be nice if someone gave them a taste of their own medicine, whatever that medicine might be...
Please ban and make an order with a faulty user - filed under Port Scanning
  195.116.17.142
>6 months ago
I have many reports about port scanning from 221.192.199.49. Please ban user which was trying to scan IP: 195.116.17.*. Looking forward for an answer. My addres is yku@op.pl.

Best regards,
Tomas Kaczynsky
Continuous port scanning of my firewall - filed under Port Scanning
  71.183.63.8
>6 months ago
Nothing new - happens all the time from multiple Chinese ip addresses. I figured I'd document it for posterity. Working on something interesting for these Crackers :)
hacking - filed under Hacking
  207.172.123.141
>7 months ago
221.192.199.49
Am receiving hacking from this IP address every single day.Today alone and it is only 9:07 a.m I have received 11 attempts.
I know this is China.
Malwarebytes is picking it up so do not know which port
Constant attacks - filed under Port Scanning
  70.187.129.33
>7 months ago
ESET Smart Security has been warning me on a regular basis about Port scanning attacks from this IP. I am getting an attack once every few hours it seems.
I have been recieving multiple attempts from this ip address to access my network - filed under FTP Hacking
  65.26.131.160
>7 months ago
it has been going on for the past few days now and I would appreciate it if they would stop trying to attack my router...
IP 221.192.199.49 port 12200 port scanning me constantly - filed under Port Scanning
  71.89.61.25
>7 months ago
Getting ports scans from IP 221.192.199.49 port 12200 in blocks of 5 scans - each one with a different port being scanned about every 20 minutes. This has been happening for weeks. Can't we get this IP blocked at a high level. My ISP tells me it's "my problem" not theirs.
hacking attempts by 221.192.199.49 - filed under Hacking
  24.163.57.111
>7 months ago
Constant Alert of 'Kernel Intrusion' from 221.192.199.49 to my PC almost every 10 minutes per day. Tries to enter my computer and get response. Add to black list.
what the fuck is up with 216.245.196.122? - filed under Port Scanning
  66.214.186.127
>7 months ago
over the past few days my computer has been scanned constantly by IP 216.245.196.122 - apparently looking for an open port. . .
netgear router attack - filed under DDOS
  80.229.35.37
>7 months ago
i have had a lot of attacks from this ip based somewhere in china for the past month or so they must be stopped, please stop them.
Port scanning - filed under Port Scanning
  91.67.200.160
>8 months ago
1000's of port scans. Why does nothing happen to this ISP for allowing this?
1000's of port scans. Why does nothing happen to this ISP for allowing this?
1000's of port scans. Why does nothing happen to this ISP for allowing this?
Source port is 12200 and destination port is 8008 - filed under Port Scanning
  72.200.147.238
>8 months ago
The details are: TCP connection request from 221.192.199.49:12200 to 72.200.147.238:8008 .

My router keeps blocking these incoming TCP connection attempts. Batch of 4 attempts on September 15, 2011
Suspicious HTTP GET requests - filed under Hacking
  TS1000
>8 months ago
My server is receiving suspicious HTTP GET requests from 221.192.199.49 on TCP 2301. Some attempt to retrieve a web page from a server 218.83.152.252. See example below.

GET http://218.83.152.252/judge112233.php HTTP/1.1 Host: 218.83.152.252 User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1) Accept: */* Accept-Language: zh-cn Connection: Keep-Alive
221.192.199.49,12200 - filed under DDOS
  71.181.214.40
>9 months ago
DOS attacks every day from these pricks. Why are they doing this? it doesn't really get them anywhere but in trouble. ...STUPID IDIOTS NEED TO GO AWAY
hacking me.. - filed under Hacking
  142.177.235.69
>9 months ago
malwarebytes successful stopped this IP (221.192.199.49) from entering into my computer and putting files.. Put a stop to this shit. thanks you for handling this
DOS - filed under Firewall Alert
  82.26.88.27
>9 months ago
Fri, Aug 5th 2011, 3:01pm, TCP Packet, Source:221.192.199.49, DOS attack, 4 times using 4 different local ports, remote port 12200.

No noticable effect, but logged in firewall
Regular scans of my system. - filed under Port Scanning
  207.216.205.119
>9 months ago
Scans system from source 221.192.199.49:12200

Searching for ports 8085, 27977, 9090, 3128, 8008, 7212, 6588, 3246, 9000, 1080, 3128, 8088 & 73.

Another IP now on my system's blacklist.
attack from 221.192.199.49 - filed under Firewall Alert
  86.103.144.122
>9 months ago
several connection attempts or attacks from IP adress 221.192.199.49 on destination ports: 7212, 73, 8008, 800, 8085 all TCP from TCP source port 12200
Complaint about 221.192.199.49 - filed under Port Scanning
  85.178.184.183
>9 months ago
Constant Alert of 'Kernel Intrusion' from 221.192.199.49 to my router almost every 10 minutes per day. Tries to enter my computer and get response. Add to black list.
I found this in my router's security log - filed under Port Scanning
  216.218.211.56
>1 year ago
Recently I have noticed an increase of foreign ips scanning my ports. This is one of them. Recent Security logs:

Wed Jun 2 20:44:47 2010
=>Found attack from 221.192.199.46.
Source port is 12200 and destination port is 8085 which use the TCP protocol.
Wed Jun 2 20:57:41 2010
=>Found attack from 187.103.17.2.
Source port is 1670 and destination port is 10181 which use the TCP protocol.
Wed Jun 2 21:00:13 2010
=>Found attack from 116.87.165.13.
Source port is 2069 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:00:43 2010
=>Found attack from 116.87.165.13.
Source port is 2069 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:02:35 2010
=>Found attack from 122.164.171.91.
Source port is 19029 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:04:07 2010
=>Found attack from 221.192.199.48.
Source port is 12200 and destination port is 8085 which use the TCP protocol.
Wed Jun 2 21:09:48 2010
=>Found attack from 122.164.171.91.
Source port is 21359 and destination port is 63091 which use the TCP protocol.
Wed Jun 2 21:11:51 2010
=>Found attack from 221.192.199.49.
Source port is 12200 and destination port is 7212 which use the TCP protocol.
221.192.199.49 probing for open proxy - filed under Hacking
  86.180.209.184
>1 year ago
221.192.199.49 and other Chinese IPs are checking for an open proxy on my web server ports 80 and 8080. Some trying to fetch my home page, possibly for email addresses or to exploit weaknesses. Keep coming back every few minutes ignoring my 403 Forbidden responses.
Kernel : Intrusion - filed under Firewall Alert
  80.229.242.205
>2 years ago
Constant Alert of 'Kernel Intrusion' from src=221.192.199.49 to my router almost everyday; full up the syslog.

kernel: Intrusion -> IN=ppp_0_38_1 OUT= MAC= SRC=221.192.199.49 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x80 TTL=115 ID=256 DF PROTO=TCP SPT=12200 DPT=8080 WINDOW=8192 RES=0x00 SYN URGP=0

There are same situations on others;

http://www.google.co.uk/search?hl=ja&source=hp&q=221.192.199.49+intrusion&aq=f&aqi=&aql=&oq=&gs_rfai=
May 2 16:51:22 kernel: Intrusion detected from 221.192.199.49. Source port is 12200, and destination port is 8000 which use the TCP protocol. - filed under Firewall Alert
  92.29.183.239
>2 years ago
Tried to gain access over the past 2 days about 6 times per day .
Sending .../fastenv to my webserver - filed under HTTP Fraud
  80.225.112.63
>2 years ago
This IP is sending code to my webserver, preumably to find out the response. I've had to add it to my black list.
Source port is 12200 and destination port is 8000 - filed under Port Scanning
  86.12.84.2
>2 years ago
About a hundred attempts at ports 8080 and 8000 over the past few days from CHINANET Hunan province network.
View WHOIS information for 221.192.199.49
[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

inetnum: 221.192.0.0 - 221.195.255.255
netname: UNICOM-HE
descr: China Unicom Hebei Province Network
descr: China Unicom
country: CN
admin-c: CH1302-AP
tech-c: KL984-AP
remarks: service provider
mnt-by: APNIC-HM
mnt-lower: MAINT-CNCGROUP-HE
mnt-routes: MAINT-CNCGROUP-RR
status: ALLOCATED PORTABLE
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20040329
changed: hm-changed@apnic.net 20060124
changed: hm-changed@apnic.net 20060125
changed: hm-changed@apnic.net 20080314
changed: hm-changed@apnic.net 20090508
source: APNIC

route: 221.192.0.0/14
descr: CNC Group CHINA169 Hebei Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC

person: ChinaUnicom Hostmaster
nic-hdl: CH1302-AP
e-mail: abuse@chinaunicom.cn
address: No.21,Jin-Rong Street
address: Beijing,100140
address: P.R.China
phone: +86-10-66259940
fax-no: +86-10-66259764
country: CN
changed: abuse@chinaunicom.cn 20090408
mnt-by: MAINT-CNCGROUP
source: APNIC

person: Kong Lingfei
nic-hdl: KL984-AP
e-mail: konglf5@chinaunicom.cn
address: 45, Guang An Street, Shi Jiazhuang City, HeBei Province,050011,CN
phone: +86-311-86681601
fax-no: +86-311-86689210
country: cn
changed: konglf5@chinaunicom.cn 20090206
mnt-by: MAINT-CNCGROUP-HE
source: APNIC


15 Latest Attacks
89.108.127.160 - Site is a scam - filed under Fraud
one of the sites through this host, everingame.com has defrauded hundreds of users. http://www.scamb...
1 hr 57 min  ago
114.36.160.94 - mindless stuff - filed under Spam
Hacking attemps, spaming. He has inserted himeslf into our medical servicesrecipients. It has been r...
2 hr 20 min  ago
205.186.130.61 - email hijacking - filed under Hacking
This person has been logging into my gmail account and sent out spam emails to my entire contact lis...
2 hr 20 min  ago
202.104.197.118 - Attempted login to FTP - filed under Brute Force
Brute force attempts to log into my server FTP with the username &quot;administrator.&quot; A sim...
2 hr 49 min  ago
74.128.173.47 - Bet2day casino - filed under Spam
Same as the rest, spam mail every hour now on 3 of my emails. No way to unsubscribe and impossible t...
3 hr 47 min  ago
173.9.198.249 - website was hacked 2 days ago - filed under FTP Hacking
2 days ago from this ip several of our websites we're hacked by logging on to our ftp webhosting ac...
3 hr 59 min  ago
66.147.240.186 - This IP is trying to logon my website - filed under Brute Force
Website: http://www.iphonesp.com.br/ Page: /administrator/index.php Description: There was an unsu...
4 hr 29 min  ago
94.183.53.255 - Attacking Google account - filed under Hacking
Someone recently tried to sign in to your Google Account, XXXXX. We prevented the sign-in attempt in...
5 hr 2 min  ago
67.205.111.248 - 184.107.157.130 - filed under Hacking
this site keeps port scanning my IP addresses. i have him blocked but clearly theres a problem with...
5 hr 33 min  ago
72.21.194.32 - Risky connection blocked - filed under Malware
Looks to me like 72.21.194.32 is a server leased from Amazon's cloud services server farm by someon...
6 hr 5 min  ago
74.128.173.47 - unsubscribe bet2day from Ryan Hardy - filed under Spam
no way to unsubscribe to their unwanted mail about bet2day; looks to me a kind of spam or other non...
6 hr 40 min  ago
178.33.224.175 - Continuous ICMP ping id-0 to all our public facing IP Addresses - filed under Firewall Alert
[00001] 2012-05-14 18:09:02 [Root]system-critical-00441: ICMP ping id=0! From 178.33.224.175 to 66.2...
7 hr 13 min  ago
92.38.199.150 - Subject: Good Day: Unsolicited, unsigned for 'loan/investment' spam from Russia - filed under Spam
Unsolicited spam from webmaster@arclip.ru -user17662 Received: from s6.cishost.ru ([92.38.199.150])...
7 hr 20 min  ago
77.78.228.62 - malware - filed under Malware
2012/05/16 20:18:16 +0300 DEOCAMDATARDS computer IP-BLOCK 77.78.228.62 (Type: incoming) 2012/05/16 2...
8 hr 20 min  ago
200.107.124.36 - spam - filed under Spam
Spam 200.107.124.36 &quot;From rrenat31391@mail.ru Wed May 16 19:06:25 2012 DKIM-Signature: v=1; ...
8 hr 41 min  ago
More Attacks
91.213.157.46 - Tried telling me that my comp. was full of viruses and malware . - filed under Fraud
Wanted me to run a scan and then try to sell me software to get rid of the viruses and malware that ...
>2 years ago
202.99.11.99 - 04/04/2009 04:04: Intrusion.Win.MSSQL.worm.Helkern - filed under Port Scanning
04/04/2009 04:04:51 UDP from 10.13.3.61 to local port 1434 Absent Detected: Intrusion.Win.MSSQL.worm...
>3 years ago
71.234.213.246 - Spam - filed under Brute Force
I am receiving verbally abusive messages from the above IP address....
>3 years ago
161.58.164.121 - Trying to extract passwords/PINs ... - filed under Phishing
The Co-operative Bank p.l.c. - Security Alert! We employ a range of security measures to protect...
>2 years ago
189.19.206.152 - free playboy pics - filed under Spam
http://btuner.com/modlogan/50/college-invasion.html college invasion, elfkvu, http://recreationcent...
>1 year ago
213.175.223.132 - http://paypal.com.usa.cgi.bin.webscr.cmd.flow.session.lohzumu98pjkwkwudgtj3ie6btlub.online775885d80a13c0db1f8e263663d3.californiagirlslyrics.com/cef577a4f74467647e79943bb5d219d2/confirm.php?cmd=_updat_login-run&dispatch=5885d80a13c0db1fb6947b0aeae66f - filed under Phishing
fraud@antihotmail.com ------------------------------- http://paypal.com.usa.cgi.bin.webscr.cmd.flow...
>1 month ago
222.180.37.14 - This IP is attempting access to port 117 - 6000 - filed under Port Scanning
blocked by firewall in my router....
>3 years ago
220.98.179.191 - Hack - filed under Hacking
This ip just tried to hack into my gmail account. Lucky me that he is dumb. Be careful and change yo...
17 hr 28 min  ago
83.244.78.191 - Attempt to access banking details ... - filed under Phishing
... as follows:- Tax Refund Notification After the last annual calculations of your fiscal ...
>2 years ago
122.226.149.58 - failed attempts to log into NAS - filed under Brute Force
IP [122.226.149.58] had 5 failed login attempts within 30 minutes, and has been blocked at Sun May ...
>2 years ago
174.127.105.75 - http://www.hoteldekache.com/images/maquinetapremiada/cielo.com.br/cadastro/cielo.com.br/ - filed under Phishing
fraud@antihotmail.com ------------------------------ http://www.hoteldekache.com/images/maquinetapr...
>7 months ago
83.143.217.250 - fraud and virus - filed under Fraud
send a invitation with message malicious....
>2 years ago
222.73.115.47 - System break attempt - filed under SQL Injection
They were attempts to find database administration tools like phpmyadmin. From log: 222.73.115.47 ...
>2 months ago
60.54.192.246 - USER Administrator - filed under FTP Hacking
IP 60.54.192.246 tried to login as admin several times with different passwords...
>2 years ago
60.12.251.47 - BFA - filed under Brute Force
Attempted to gain access to FTP site by continuously logging into 'Administrator' with various dif...
>3 months ago
68.118.33.105 - Internet Fraudlent Identity Use - filed under Fraud
This person is creating email addresses in my name, creating myspace pages about me. Making fraudlen...
>3 years ago
66.7.195.240 - http://order.service.pp.com.cgi.bin.webscr.cmd.login.submit.dispatch.c0db1f8e263663d3faee8d4028a44feca2.chaviri.com/cfa383cff45264fba34e8c2813c51370/webscr.html?cmd=5885d80a13c0db1f22d2300ef60a67593b79a4d03747447e6b625328d36121a16e05a94116961fb3bb54a48a5e - filed under Phishing
fraud@antihotmail.com ------------------------------- http://order.service.pp.com.cgi.bin.webscr.cm...
>1 month ago
222.239.255.43 - inbound malware probe - filed under Malware
217.207.140.164...
>4 years ago
67.49.25.200 - Fraudulent Debit Card Charges - filed under Fraud
Hello, my name is Alex Landis, and my bank debit card was fradulently charged, so I contacted the me...
>3 years ago
66.43.27.23 - attempt to access port - filed under Port Scanning
Attempted to access port 3550...
>4 years ago
76.74.248.79 - Send them to jail - filed under Spam
I agree. Send these guys to jail. It is the only way to stop them....
>3 years ago
189.19.206.152 - preteen model galleries - filed under SQL Injection
http://energywercs.org/images/690/index.html kijiji peterborough, iknnk, http://internetbusinessblo...
>1 year ago
203.123.205.107 - Scanning my ports repeatedly - filed under Port Scanning
This is the message my firewall gives me: Somebody is scanning your computer. Your computer's T...
>3 years ago
202.112.118.29 - ftp attack - filed under FTP Hacking
this ip address tried to loginto my ftp server, and what a suprise, its from china, here is the log ...
>2 years ago
83.64.19.250 - repeated attempts to log on using non-existent user names - filed under Brute Force
The machine is probably an unwitting participant in a botnet, the attack is sometimes described as a...
>2 years ago