1.161.16.172 - IPInfo

Basic Info

City: Taipei

Region: Taipei City

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorised access (Nov 2) SRC=1.161.16.172 LEN=52 PREC=0x20 TTL=115 ID=23971 DF TCP DPT=445 WINDOW=8192 SYN	2019-11-03 03:46:58

Comments on same subnet:

IP	Type	Details	Datetime
1.161.169.120	attackspam	1580914717 - 02/05/2020 15:58:37 Host: 1.161.169.120/1.161.169.120 Port: 445 TCP Blocked	2020-02-06 01:26:11
1.161.166.219	attack	Honeypot attack, port: 445, PTR: 1-161-166-219.dynamic-ip.hinet.net.	2020-01-15 01:22:07
1.161.161.240	attackspam	Nov 8 07:24:07 host proftpd[3004]: 0.0.0.0 (1.161.161.240[1.161.161.240]) - USER anonymous: no such user found from 1.161.161.240 [1.161.161.240] to 62.210.146.38:21 ...	2019-11-08 19:40:57
1.161.161.169	attackbotsspam	Fail2Ban - FTP Abuse Attempt	2019-09-07 21:16:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 1.161.16.172
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23712
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.161.16.172.			IN	A

;; AUTHORITY SECTION:
.			463	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110201 1800 900 604800 86400

;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Nov 03 03:46:55 CST 2019
;; MSG SIZE  rcvd: 116

Host info

172.16.161.1.in-addr.arpa domain name pointer 1-161-16-172.dynamic-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
172.16.161.1.in-addr.arpa	name = 1-161-16-172.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
31.20.92.192	attackspambots	fraudulent SSH attempt	2019-10-16 10:21:25
51.223.65.216	attack	" "	2019-10-16 10:02:46
139.155.44.100	attackbotsspam	Oct 15 21:43:40 MK-Soft-VM3 sshd[21064]: Failed password for root from 139.155.44.100 port 58142 ssh2 ...	2019-10-16 10:30:24
58.218.211.25	attack	Oct 15 23:49:28 MK-Soft-VM3 sshd[26462]: Failed password for root from 58.218.211.25 port 60304 ssh2 ...	2019-10-16 10:07:52
89.189.154.66	attackspambots	Invalid user ftpuser from 89.189.154.66 port 57384	2019-10-16 10:23:16
198.27.69.176	attack	Automated report (2019-10-15T19:48:40+00:00). Non-escaped characters in POST detected (bot indicator).	2019-10-16 10:12:10
54.175.110.204	attackbotsspam	by Amazon Technologies Inc.	2019-10-16 10:01:19
14.248.83.163	attack	Oct 16 04:09:16 vps691689 sshd[22408]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163 Oct 16 04:09:17 vps691689 sshd[22408]: Failed password for invalid user www from 14.248.83.163 port 41926 ssh2 Oct 16 04:13:50 vps691689 sshd[22480]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.248.83.163 ...	2019-10-16 10:30:37
178.32.87.231	attackbots	WordPress XMLRPC scan :: 178.32.87.231 0.156 BYPASS [16/Oct/2019:06:47:54 1100] www.[censored_1] "POST /xmlrpc.php HTTP/1.1" 200 382 "https://www.[censored_1]/" "PHP/6.2.21"	2019-10-16 10:38:04
40.87.53.102	attack	40.87.53.102 - - [15/Oct/2019:21:48:04 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.87.53.102 - - [15/Oct/2019:21:48:04 +0200] "POST /wp-login.php HTTP/1.1" 200 1632 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.87.53.102 - - [15/Oct/2019:21:48:05 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.87.53.102 - - [15/Oct/2019:21:48:05 +0200] "POST /wp-login.php HTTP/1.1" 200 1607 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.87.53.102 - - [15/Oct/2019:21:48:05 +0200] "GET /wp-login.php HTTP/1.1" 200 1237 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 40.87.53.102 - - [15/Oct/2019:21:48:05 +0200] "POST /wp-login.php HTTP/1.1" 200 1608 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-10-16 10:33:20
77.247.110.8	attackspam	10/16/2019-02:40:34.754594 77.247.110.8 Protocol: 17 ET SCAN Sipvicious Scan	2019-10-16 10:39:58
190.42.37.2	attackbotsspam	Automatic report - Banned IP Access	2019-10-16 10:13:12
24.246.203.93	attack	fraudulent SSH attempt	2019-10-16 10:36:50
54.37.230.141	attackbotsspam	Oct 15 11:50:54 friendsofhawaii sshd\[32554\]: Invalid user thinkpad_r50e from 54.37.230.141 Oct 15 11:50:54 friendsofhawaii sshd\[32554\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.ip-54-37-230.eu Oct 15 11:50:57 friendsofhawaii sshd\[32554\]: Failed password for invalid user thinkpad_r50e from 54.37.230.141 port 40702 ssh2 Oct 15 11:54:31 friendsofhawaii sshd\[391\]: Invalid user leon from 54.37.230.141 Oct 15 11:54:31 friendsofhawaii sshd\[391\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.ip-54-37-230.eu	2019-10-16 10:12:33
49.88.112.72	attackbots	Oct 16 04:48:36 sauna sshd[227333]: Failed password for root from 49.88.112.72 port 40973 ssh2 ...	2019-10-16 10:04:23

Recently Reported IPs

21.138.197.5	197.87.170.79	120.13.30.22	106.209.152.27
249.81.248.13	171.249.164.225	105.63.115.158	239.157.96.198
186.110.144.192	196.49.111.116	45.136.108.14	168.69.18.33
123.240.192.121	192.170.221.104	197.217.22.36	177.200.66.239
86.111.230.37	57.22.66.215	142.165.28.190	162.40.223.52