216.118.251.94

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: CSL Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
216.118.251.2	attackspambots	Dovecot Invalid User Login Attempt.	2020-09-17 00:50:12
216.118.251.2	attack	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Sep 16 10:39:12 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-09-16 17:04:23
216.118.251.2	attackspambots	Email login attempts - bad mail account name (POP3)	2020-08-25 13:38:59
216.118.251.2	attackspambots	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 23 16:52:21 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-08-23 23:27:51
216.118.251.2	attackbotsspam	(pop3d) Failed POP3 login from 216.118.251.2 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Aug 4 16:24:39 ir1 dovecot[3110802]: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=216.118.251.2, lip=5.63.12.44, session=	2020-08-04 20:25:44

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#


NetRange:       216.118.224.0 - 216.118.255.255
CIDR:           216.118.224.0/19
NetName:        APNIC
NetHandle:      NET-216-118-224-0-1
Parent:         NET216 (NET-216-0-0-0-0)
NetType:        Early Registrations, Transferred to APNIC
OriginAS:       
Organization:   Asia Pacific Network Information Centre (APNIC)
RegDate:        2018-01-22
Updated:        2018-01-22
Ref:            https://rdap.arin.net/registry/ip/216.118.224.0

ResourceLink:  https://apps.db.ripe.net/db-web-ui/query
ResourceLink:  whois://whois.apnic.net


OrgName:        Asia Pacific Network Information Centre
OrgId:          APNIC
Address:        PO Box 3646
City:           South Brisbane
StateProv:      QLD
PostalCode:     4101
Country:        AU
RegDate:        
Updated:        2012-01-24
Ref:            https://rdap.arin.net/registry/entity/APNIC

ReferralServer:  whois://whois.apnic.net
ResourceLink:  http://wq.apnic.net/whois-search/static/search.html

OrgTechHandle: AWC12-ARIN
OrgTechName:   APNIC Whois Contact
OrgTechPhone:  +61 7 3858 3188 
OrgTechEmail:  search-apnic-not-arin@apnic.net
OrgTechRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN

OrgAbuseHandle: AWC12-ARIN
OrgAbuseName:   APNIC Whois Contact
OrgAbusePhone:  +61 7 3858 3188 
OrgAbuseEmail:  search-apnic-not-arin@apnic.net
OrgAbuseRef:    https://rdap.arin.net/registry/entity/AWC12-ARIN


#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#



Found a referral to whois.apnic.net.

% [whois.apnic.net]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

% Information related to '216.118.224.0 - 216.118.255.255'

% Abuse contact for '216.118.224.0 - 216.118.255.255' is 'abuse@netsec.com'

inetnum:        216.118.224.0 - 216.118.255.255
netname:        NETSEC-HK
descr:          Netsec Limited
country:        HK
org:            ORG-NASS1-AP
admin-c:        NN541-AP
tech-c:         NN541-AP
status:         ALLOCATED PORTABLE
abuse-c:        AH1002-AP
mnt-by:         APNIC-HM
mnt-lower:      MAINT-NETSEC-HK
mnt-routes:     MAINT-NETSEC-HK
mnt-irt:        IRT-HK-NETSEC
last-modified:  2025-03-14T06:45:24Z
source:         APNIC

irt:            IRT-HK-NETSEC
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
e-mail:         noc@netsec.com
abuse-mailbox:  abuse@netsec.com
admin-c:        NN411-AP
tech-c:         NN411-AP
auth:           # Filtered
remarks:        noc@netsec.com was validated on 2025-11-25
remarks:        abuse@netsec.com was validated on 2026-03-25
mnt-by:         MAINT-HK-NETSEC
last-modified:  2026-03-25T03:18:33Z
source:         APNIC

organisation:   ORG-NASS1-AP
org-name:       Netsec Limited
org-type:       LIR
country:        HK
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
phone:          +852-27511100
fax-no:         +852-27511199
e-mail:         noc@netsec.com
mnt-ref:        APNIC-HM
mnt-by:         APNIC-HM
last-modified:  2023-09-05T02:15:31Z
source:         APNIC

role:           ABUSE HKNETSEC
country:        ZZ
address:        RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha Wan, Kowloon, Hong Kong
phone:          +000000000
e-mail:         noc@netsec.com
admin-c:        NN411-AP
tech-c:         NN411-AP
nic-hdl:        AH1002-AP
remarks:        Generated from irt object IRT-HK-NETSEC
remarks:        noc@netsec.com was validated on 2025-11-25
remarks:        abuse@netsec.com was validated on 2026-03-25
abuse-mailbox:  abuse@netsec.com
mnt-by:         APNIC-ABUSE
last-modified:  2026-03-25T03:18:46Z
source:         APNIC

role:           NETSEC NOC
address:        Suite 1007, 10/F, The Bay Hub, 17 Kai Cheung Rd, Kowloon Bay
country:        HK
phone:          +85227511100
e-mail:         noc@netsec.com
admin-c:        NN541-AP
tech-c:         NN541-AP
nic-hdl:        NN541-AP
mnt-by:         MAINT-NETSEC-HK
last-modified:  2025-03-14T05:55:40Z
source:         APNIC

% Information related to '216.118.251.0/24AS45753'

route:          216.118.251.0/24
origin:         AS45753
descr:          Netsec Limited
                RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
mnt-by:         MAINT-NETSEC-HK
last-modified:  2021-11-29T08:36:59Z
source:         APNIC

% Information related to '216.118.251.0/24AS9744'

route:          216.118.251.0/24
origin:         AS9744
descr:          Netsec Limited
                RM 2607-08, 26/F, Billion Plaza, 8 Cheung Yue St, Cheung Sha
mnt-by:         MAINT-NETSEC-HK
last-modified:  2021-11-29T07:58:36Z
source:         APNIC

% This query was served by the APNIC Whois Service version 1.88.36-SNAPSHOT (WHOIS-AU5)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 216.118.251.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 48046
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;216.118.251.94.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026040602 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Apr 07 09:00:18 CST 2026
;; MSG SIZE  rcvd: 107

Host info

b'Host 94.251.118.216.in-addr.arpa not found: 2(SERVFAIL)
'

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 94.251.118.216.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
185.209.0.91	attack	Dec 28 14:18:38 debian-2gb-nbg1-2 kernel: \[1191836.383232\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.91 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=22732 PROTO=TCP SPT=54735 DPT=43000 WINDOW=1024 RES=0x00 SYN URGP=0	2019-12-28 22:08:22
50.201.228.238	attack	Unauthorized connection attempt detected from IP address 50.201.228.238 to port 445	2019-12-28 21:45:20
49.234.86.229	attack	Invalid user yeohoon from 49.234.86.229 port 59142	2019-12-28 21:50:35
80.69.56.106	attackspam	1577513976 - 12/28/2019 07:19:36 Host: 80.69.56.106/80.69.56.106 Port: 445 TCP Blocked	2019-12-28 22:07:09
210.242.67.17	attackbots	Dec 28 13:47:54 sd-53420 sshd\[4950\]: Invalid user rpm from 210.242.67.17 Dec 28 13:47:54 sd-53420 sshd\[4950\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.242.67.17 Dec 28 13:47:56 sd-53420 sshd\[4950\]: Failed password for invalid user rpm from 210.242.67.17 port 49462 ssh2 Dec 28 13:51:16 sd-53420 sshd\[6385\]: User root from 210.242.67.17 not allowed because none of user's groups are listed in AllowGroups Dec 28 13:51:16 sd-53420 sshd\[6385\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=210.242.67.17 user=root ...	2019-12-28 21:50:10
106.12.26.160	attack	Invalid user git from 106.12.26.160 port 54502	2019-12-28 22:05:47
187.189.233.198	attack	Honeypot attack, port: 445, PTR: fixed-187-189-233-198.totalplay.net.	2019-12-28 22:06:13
118.24.107.39	attack	Dec 28 15:01:20 master sshd[28874]: Failed password for invalid user server from 118.24.107.39 port 55512 ssh2	2019-12-28 22:07:44
223.71.139.99	attack	Invalid user merete from 223.71.139.99 port 52628	2019-12-28 22:18:14
178.62.26.232	attackbotsspam	178.62.26.232 - - \[28/Dec/2019:08:57:40 +0100\] "POST /wp-login.php HTTP/1.0" 200 3080 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 178.62.26.232 - - \[28/Dec/2019:08:57:50 +0100\] "POST /wp-login.php HTTP/1.0" 200 3039 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 178.62.26.232 - - \[28/Dec/2019:08:57:53 +0100\] "POST /wp-login.php HTTP/1.0" 200 3048 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"	2019-12-28 21:59:02
142.93.231.15	attackspambots	Automatic report - XMLRPC Attack	2019-12-28 22:24:03
49.207.141.163	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 28-12-2019 07:50:09.	2019-12-28 22:00:10
59.126.37.77	attackbots	Honeypot attack, port: 23, PTR: 59-126-37-77.HINET-IP.hinet.net.	2019-12-28 21:45:56
101.79.62.143	attackspambots	Invalid user home from 101.79.62.143 port 44679	2019-12-28 22:23:24
37.49.229.170	attackspambots	Port scan on 3 port(s): 4091 5091 6091	2019-12-28 21:49:41

Recently Reported IPs

213.89.250.79	107.170.46.98	104.199.4.112	2606:4700:10::6816:395
110.77.187.167	2606:4700:10::6814:6514	2606:4700:10::ac43:1456	2606:4700:10::6814:8433
2606:4700:10::6816:4095	2606:4700:10::6816:3613	2606:4700:10::6816:4876	160.212.200.55
150.233.122.82	103.27.179.237	2606:4700:10::6814:5934	2606:4700:10::6814:8411
2606:4700:10::6814:9113	2606:4700:10::6814:5805	2606:4700:10::6814:7871	2606:4700:10::6816:4764