111.242.208.211

Basic Info

City: unknown

Region: unknown

Country: Taiwan (Province of China)

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt from IP address 111.242.208.211 on Port 445(SMB)	2020-02-20 03:43:15

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.242.208.211
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60051
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.242.208.211.		IN	A

;; AUTHORITY SECTION:
.			262	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020021901 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 20 03:43:12 CST 2020
;; MSG SIZE  rcvd: 119

Host info

211.208.242.111.in-addr.arpa domain name pointer 111-242-208-211.dynamic-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
211.208.242.111.in-addr.arpa	name = 111-242-208-211.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
186.216.152.2	attack	Aug 25 21:10:47 itv-usvr-01 sshd[2917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.216.152.2 user=root Aug 25 21:10:48 itv-usvr-01 sshd[2917]: Failed password for root from 186.216.152.2 port 59044 ssh2 Aug 25 21:10:54 itv-usvr-01 sshd[2919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.216.152.2 user=root Aug 25 21:10:56 itv-usvr-01 sshd[2919]: Failed password for root from 186.216.152.2 port 59730 ssh2 Aug 25 21:11:01 itv-usvr-01 sshd[2921]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.216.152.2 user=root Aug 25 21:11:03 itv-usvr-01 sshd[2921]: Failed password for root from 186.216.152.2 port 60382 ssh2	2019-08-27 14:22:34
128.0.121.192	attackbots	$f2bV_matches	2019-08-27 14:43:15
115.50.165.83	attack	Unauthorised access (Aug 27) SRC=115.50.165.83 LEN=40 TTL=49 ID=4514 TCP DPT=8080 WINDOW=21418 SYN	2019-08-27 14:55:06
148.72.207.232	attackbotsspam	Aug 27 05:18:06 MK-Soft-VM4 sshd\[28774\]: Invalid user starbound from 148.72.207.232 port 59526 Aug 27 05:18:06 MK-Soft-VM4 sshd\[28774\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.72.207.232 Aug 27 05:18:09 MK-Soft-VM4 sshd\[28774\]: Failed password for invalid user starbound from 148.72.207.232 port 59526 ssh2 ...	2019-08-27 14:10:10
164.132.204.91	attack	2019-08-27T05:49:32.726474abusebot-8.cloudsearch.cf sshd\[30721\]: Invalid user louise from 164.132.204.91 port 58328	2019-08-27 14:12:29
182.61.33.47	attackbotsspam	$f2bV_matches	2019-08-27 14:26:26
112.206.44.14	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-08-27 14:42:21
54.36.148.23	attackspam	Automatic report - Banned IP Access	2019-08-27 14:53:00
202.43.148.108	attackbots	Aug 27 06:42:08 lnxded64 sshd[551]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.43.148.108	2019-08-27 14:25:54
163.172.13.168	attack	Aug 26 19:56:41 TORMINT sshd\[24860\]: Invalid user castis from 163.172.13.168 Aug 26 19:56:41 TORMINT sshd\[24860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=163.172.13.168 Aug 26 19:56:43 TORMINT sshd\[24860\]: Failed password for invalid user castis from 163.172.13.168 port 33757 ssh2 ...	2019-08-27 14:44:49
177.19.30.94	attackspam	Unauthorized connection attempt from IP address 177.19.30.94 on Port 445(SMB)	2019-08-27 15:03:42
103.76.252.6	attackbots	Aug 26 18:33:43 web1 sshd\[5716\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.252.6 user=root Aug 26 18:33:45 web1 sshd\[5716\]: Failed password for root from 103.76.252.6 port 43457 ssh2 Aug 26 18:38:14 web1 sshd\[6145\]: Invalid user sybase from 103.76.252.6 Aug 26 18:38:14 web1 sshd\[6145\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.76.252.6 Aug 26 18:38:15 web1 sshd\[6145\]: Failed password for invalid user sybase from 103.76.252.6 port 51937 ssh2	2019-08-27 15:04:12
80.85.153.60	attackspambots	\[2019-08-27 02:07:28\] NOTICE\[1829\] chan_sip.c: Registration from '"3836" \' failed for '80.85.153.60:5065' - Wrong password \[2019-08-27 02:07:28\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-27T02:07:28.052-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="3836",SessionID="0x7f7b30be0af8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/80.85.153.60/5065",Challenge="2b62df48",ReceivedChallenge="2b62df48",ReceivedHash="e1c8f3321488c4278c5898cf45bfa185" \[2019-08-27 02:08:19\] NOTICE\[1829\] chan_sip.c: Registration from '"6536" \' failed for '80.85.153.60:5084' - Wrong password \[2019-08-27 02:08:19\] SECURITY\[1837\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-08-27T02:08:19.038-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6536",SessionID="0x7f7b302cefa8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/8	2019-08-27 14:15:00
211.144.114.26	attackbots	Aug 27 03:43:27 fr01 sshd[2977]: Invalid user charlotte from 211.144.114.26 Aug 27 03:43:27 fr01 sshd[2977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.144.114.26 Aug 27 03:43:27 fr01 sshd[2977]: Invalid user charlotte from 211.144.114.26 Aug 27 03:43:28 fr01 sshd[2977]: Failed password for invalid user charlotte from 211.144.114.26 port 55326 ssh2 Aug 27 03:47:26 fr01 sshd[4007]: Invalid user nadir from 211.144.114.26 ...	2019-08-27 14:21:53
13.66.192.66	attackbotsspam	[Aegis] @ 2019-08-27 06:38:59 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack	2019-08-27 14:29:06

Recently Reported IPs

192.241.226.132	139.195.246.78	103.10.230.171	190.79.101.161
172.40.48.6	102.114.111.43	114.237.188.8	173.93.45.211
92.246.84.70	157.218.27.31	2.215.114.126	178.77.62.118
90.237.137.168	122.193.178.75	50.183.74.213	83.120.84.56
50.123.117.10	132.248.177.251	28.39.116.87	59.110.153.94