216.118.251.254

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: CSL Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
216.118.251.2	attackspambots	Dovecot Invalid User Login Attempt.	2020-09-17 00:50:12
216.118.251.2	attack	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 16 10:39:12 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-09-16 17:04:23
216.118.251.2	attackspambots	Email login attempts - bad mail account name (POP3)	2020-08-25 13:38:59
216.118.251.2	attackspambots	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 23 16:52:21 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-08-23 23:27:51
216.118.251.2	attackbotsspam	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 4 16:24:39 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-08-04 20:25:44

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       216.118.224.0 - 216.118.255.255
CIDR:           216.118.224.0/19
NetName:        APNIC
NetHandle:      NET-216-118-224-0-1
Parent:         NET216 (NET-216-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2018-01-22
Updated:        2018-01-22
Ref:            https://rdap.arin.net/registry/ip/216.118.224.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois://whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  http://wq.apnic.net/whois-search/static/search.html

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '216.118.224.0 - 216.118.255.255'

% Abuse contact for '216.118.224.0 - 216.118.255.255' is 'abuse@netsec.com'

inetnum:        216.118.224.0 - 216.118.255.255
netname:        NETSEC-HK
descr:          Netsec Limited
country:        HK
org:            ORG-NASS1-AP
admin-c:        NN541-AP
tech-c:         NN541-AP
status:         ALLOCATED PORTABLE
abuse-c:        AH1002-AP
mnt-by:         APNIC-HM
mnt-lower:      MAINT-NETSEC-HK
mnt-routes:     MAINT-NETSEC-HK
mnt-irt:        IRT-HK-NETSEC
last-modified:  2025-03-14T06:45:24Z
source:         APNIC

irt:            IRT-HK-NETSEC
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
e-mail:         noc@netsec.com
abuse-mailbox:  abuse@netsec.com
admin-c:        NN411-AP
tech-c:         NN411-AP
auth:           # Filtered
remarks:        abuse@netsec.com was validated on 2025-09-18
remarks:        noc@netsec.com was validated on 2025-11-25
mnt-by:         MAINT-HK-NETSEC
last-modified:  2025-11-25T06:20:12Z
source:         APNIC

organisation:   ORG-NASS1-AP
org-name:       Netsec Limited
org-type:       LIR
country:        HK
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
phone:          +852-27511100
fax-no:         +852-27511199
e-mail:         noc@netsec.com
mnt-ref:        APNIC-HM
mnt-by:         APNIC-HM
last-modified:  2023-09-05T02:15:31Z
source:         APNIC

role:           ABUSE HKNETSEC
country:        ZZ
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
phone:          +000000000
e-mail:         noc@netsec.com
admin-c:        NN411-AP
tech-c:         NN411-AP
nic-hdl:        AH1002-AP
remarks:        Generated from irt object IRT-HK-NETSEC
remarks:        abuse@netsec.com was validated on 2025-09-18
remarks:        noc@netsec.com was validated on 2025-11-25
abuse-mailbox:  abuse@netsec.com
mnt-by:         APNIC-ABUSE
last-modified:  2025-11-25T06:20:44Z
source:         APNIC

role:           NETSEC NOC
address:        Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay
country:        HK
phone:          +85227511100
e-mail:         noc@netsec.com
admin-c:        NN541-AP
tech-c:         NN541-AP
nic-hdl:        NN541-AP
mnt-by:         MAINT-NETSEC-HK
last-modified:  2025-03-14T05:55:40Z
source:         APNIC

% Information related to '216.118.251.0/24AS45753'

route:          216.118.251.0/24
origin:         AS45753
descr:          Netsec Limited
                RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
mnt-by:         MAINT-NETSEC-HK
last-modified:  2021-11-29T08:36:59Z
source:         APNIC

% Information related to '216.118.251.0/24AS9744'

route:          216.118.251.0/24
origin:         AS9744
descr:          Netsec Limited
                RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
mnt-by:         MAINT-NETSEC-HK
last-modified:  2021-11-29T07:58:36Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.118.251.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4765
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;216.118.251.254.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026030400 1800 900 604800 86400

;; Query time: 8 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 04 21:31:15 CST 2026
;; MSG SIZE  rcvd: 108

Host info

Host 254.251.118.216.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 254.251.118.216.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
70.82.54.251	attackspambots	$f2bV_matches_ltvn	2019-09-06 20:32:07
23.251.128.200	attackspambots	" "	2019-09-06 20:51:40
1.24.226.226	attackbots	SSH bruteforce (Triggered fail2ban) Sep 6 05:48:10 dev1 sshd[175436]: error: maximum authentication attempts exceeded for invalid user admin from 1.24.226.226 port 53494 ssh2 [preauth] Sep 6 05:48:10 dev1 sshd[175436]: Disconnecting invalid user admin 1.24.226.226 port 53494: Too many authentication failures [preauth]	2019-09-06 20:38:14
167.71.203.148	attackspambots	Sep 6 10:16:15 mail sshd[9919]: Invalid user steam from 167.71.203.148 Sep 6 10:16:15 mail sshd[9919]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.148 Sep 6 10:16:15 mail sshd[9919]: Invalid user steam from 167.71.203.148 Sep 6 10:16:17 mail sshd[9919]: Failed password for invalid user steam from 167.71.203.148 port 41564 ssh2 Sep 6 10:25:58 mail sshd[11018]: Invalid user smbuser from 167.71.203.148 ...	2019-09-06 20:48:23
118.68.105.223	attackbotsspam	Honeypot hit.	2019-09-06 20:27:45
71.66.168.146	attackbotsspam	Sep 6 02:30:09 hiderm sshd\[17449\]: Invalid user oracle from 71.66.168.146 Sep 6 02:30:09 hiderm sshd\[17449\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.66.168.146 Sep 6 02:30:11 hiderm sshd\[17449\]: Failed password for invalid user oracle from 71.66.168.146 port 3466 ssh2 Sep 6 02:35:10 hiderm sshd\[17882\]: Invalid user tsbot from 71.66.168.146 Sep 6 02:35:10 hiderm sshd\[17882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=71.66.168.146	2019-09-06 20:46:46
165.22.6.195	attackspambots	Sep 6 02:30:57 php1 sshd\[26980\]: Invalid user steam from 165.22.6.195 Sep 6 02:30:57 php1 sshd\[26980\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.6.195 Sep 6 02:30:59 php1 sshd\[26980\]: Failed password for invalid user steam from 165.22.6.195 port 38310 ssh2 Sep 6 02:35:15 php1 sshd\[27321\]: Invalid user user22 from 165.22.6.195 Sep 6 02:35:15 php1 sshd\[27321\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.6.195	2019-09-06 20:44:25
213.202.211.200	attackspam	Sep 6 14:34:01 localhost sshd\[15291\]: Invalid user gitolite from 213.202.211.200 port 55350 Sep 6 14:34:01 localhost sshd\[15291\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=213.202.211.200 Sep 6 14:34:04 localhost sshd\[15291\]: Failed password for invalid user gitolite from 213.202.211.200 port 55350 ssh2	2019-09-06 20:41:42
157.230.42.28	attack	Sep 5 21:48:44 tdfoods sshd\[13923\]: Invalid user guest from 157.230.42.28 Sep 5 21:48:44 tdfoods sshd\[13923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.28 Sep 5 21:48:45 tdfoods sshd\[13923\]: Failed password for invalid user guest from 157.230.42.28 port 34300 ssh2 Sep 5 21:53:32 tdfoods sshd\[14318\]: Invalid user password from 157.230.42.28 Sep 5 21:53:32 tdfoods sshd\[14318\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.28	2019-09-06 20:23:49
51.158.101.121	attackspam	Sep 6 01:41:09 lcdev sshd\[15868\]: Invalid user odoo from 51.158.101.121 Sep 6 01:41:09 lcdev sshd\[15868\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.101.121 Sep 6 01:41:12 lcdev sshd\[15868\]: Failed password for invalid user odoo from 51.158.101.121 port 56322 ssh2 Sep 6 01:45:45 lcdev sshd\[16234\]: Invalid user support from 51.158.101.121 Sep 6 01:45:45 lcdev sshd\[16234\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.158.101.121	2019-09-06 20:16:22
37.193.120.109	attackbotsspam	ssh failed login	2019-09-06 20:49:38
185.175.93.14	attackbotsspam	" "	2019-09-06 20:37:04
52.162.237.22	attackbots	Sep 6 14:28:01 SilenceServices sshd[31005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.162.237.22 Sep 6 14:28:03 SilenceServices sshd[31005]: Failed password for invalid user ubuntu from 52.162.237.22 port 33642 ssh2 Sep 6 14:33:20 SilenceServices sshd[690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.162.237.22	2019-09-06 20:40:43
165.22.64.118	attackbots	Sep 6 02:36:17 kapalua sshd\[12050\]: Invalid user csserver from 165.22.64.118 Sep 6 02:36:17 kapalua sshd\[12050\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.64.118 Sep 6 02:36:19 kapalua sshd\[12050\]: Failed password for invalid user csserver from 165.22.64.118 port 33128 ssh2 Sep 6 02:40:30 kapalua sshd\[12558\]: Invalid user db2admin from 165.22.64.118 Sep 6 02:40:30 kapalua sshd\[12558\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.64.118	2019-09-06 20:48:51
148.251.10.183	attack	Automatic report - Banned IP Access	2019-09-06 21:01:37

Recently Reported IPs

103.203.48.102	74.7.241.63	74.7.241.168	2606:4700:10::6814:5747
2606:4700:10::6816:4587	2606:4700:10::6816:1944	2606:4700:10::6814:8234	2606:4700:10::6814:6962
2606:4700:10::6814:7902	2606:4700:10::6814:6669	159.69.20.63	217.142.185.182
2606:4700:10::6814:7816	2606:4700:10::6816:3041	2606:4700:10::6816:219	109.162.246.187
2606:4700:10::6816:4756	2606:4700:10::6816:4462	2606:4700:10::ac43:2391	2606:4700:10::6814:8336