218.161.8.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Taiwan, China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Scanning random ports - tries to find possible vulnerable services	2020-02-27 09:19:07

Comments on same subnet:

IP	Type	Details	Datetime
218.161.86.209	attack	1600727499 - 09/22/2020 00:31:39 Host: 218.161.86.209/218.161.86.209 Port: 23 TCP Blocked ...	2020-09-22 22:13:18
218.161.86.209	attackspambots	1600727499 - 09/22/2020 00:31:39 Host: 218.161.86.209/218.161.86.209 Port: 23 TCP Blocked ...	2020-09-22 14:19:13
218.161.86.209	attackspam	Found on CINS badguys / proto=6 . srcport=17151 . dstport=62668 . (3224)	2020-09-22 06:21:24
218.161.83.151	attackbots	Honeypot attack, port: 5555, PTR: 218-161-83-151.HINET-IP.hinet.net.	2020-09-17 21:58:49
218.161.83.151	attackbotsspam	Honeypot attack, port: 5555, PTR: 218-161-83-151.HINET-IP.hinet.net.	2020-09-17 14:08:16
218.161.83.151	attackbots	Honeypot attack, port: 5555, PTR: 218-161-83-151.HINET-IP.hinet.net.	2020-09-17 05:15:12
218.161.87.155	attack	Unwanted checking 80 or 443 port ...	2020-09-07 07:51:44
218.161.83.133	attackspambots	TCP (SYN) 218.161.83.133:647 -> port 23, len 40	2020-08-09 04:20:43
218.161.86.209	attackspambots	" "	2020-08-02 16:01:49
218.161.80.70	attackspambots	Unauthorised access (Jul 31) SRC=218.161.80.70 LEN=40 TTL=45 ID=55567 TCP DPT=23 WINDOW=62694 SYN	2020-07-31 23:28:17
218.161.85.97	attackbotsspam	Telnet Server BruteForce Attack	2020-07-06 21:11:12
218.161.85.97	attackspambots	unauthorized connection attempt	2020-07-01 17:59:44
218.161.81.14	attack	TCP (SYN) 218.161.81.14:17120 -> port 8080, len 44	2020-05-16 21:02:01
218.161.83.49	attackspam	port 23	2020-04-11 18:20:19
218.161.83.219	attackspam	2323/tcp 23/tcp [2020-03-18/04-05]2pkt	2020-04-06 04:46:15

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.161.8.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5992
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.161.8.242.			IN	A

;; AUTHORITY SECTION:
.			367	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022602 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 09:19:03 CST 2020
;; MSG SIZE  rcvd: 117

Host info

242.8.161.218.in-addr.arpa domain name pointer 218-161-8-242.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
242.8.161.218.in-addr.arpa	name = 218-161-8-242.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
60.29.241.2	attackbotsspam	Sep 5 11:04:03 lnxmysql61 sshd[9773]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.29.241.2 Sep 5 11:04:04 lnxmysql61 sshd[9773]: Failed password for invalid user user from 60.29.241.2 port 21355 ssh2 Sep 5 11:08:39 lnxmysql61 sshd[10291]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.29.241.2	2019-09-05 17:12:43
202.229.120.90	attack	Sep 5 09:40:07 web8 sshd\[7132\]: Invalid user testuser from 202.229.120.90 Sep 5 09:40:07 web8 sshd\[7132\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.229.120.90 Sep 5 09:40:09 web8 sshd\[7132\]: Failed password for invalid user testuser from 202.229.120.90 port 57136 ssh2 Sep 5 09:44:40 web8 sshd\[9282\]: Invalid user postgres from 202.229.120.90 Sep 5 09:44:40 web8 sshd\[9282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.229.120.90	2019-09-05 17:51:33
54.240.14.147	attackspam	Attempt to login to email server on SMTP service on 05-09-2019 09:34:42.	2019-09-05 17:13:16
188.165.55.33	attackbotsspam	Sep 5 11:24:44 dedicated sshd[5173]: Invalid user steam from 188.165.55.33 port 30185	2019-09-05 17:38:31
141.98.81.111	attackbotsspam	Sep 5 04:34:51 ny01 sshd[2144]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.111 Sep 5 04:34:52 ny01 sshd[2145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.111 Sep 5 04:34:52 ny01 sshd[2144]: Failed password for invalid user admin from 141.98.81.111 port 40678 ssh2	2019-09-05 16:56:43
142.4.204.122	attack	Sep 4 22:52:38 php1 sshd\[4224\]: Invalid user kuaisuweb from 142.4.204.122 Sep 4 22:52:39 php1 sshd\[4224\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.204.122 Sep 4 22:52:40 php1 sshd\[4224\]: Failed password for invalid user kuaisuweb from 142.4.204.122 port 60560 ssh2 Sep 4 22:57:15 php1 sshd\[4593\]: Invalid user testing from 142.4.204.122 Sep 4 22:57:15 php1 sshd\[4593\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.4.204.122	2019-09-05 17:02:20
125.165.105.19	attackspam	Unauthorized connection attempt from IP address 125.165.105.19 on Port 445(SMB)	2019-09-05 17:14:51
60.12.17.39	attackbotsspam	09/05/2019-04:34:25.541369 60.12.17.39 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 58	2019-09-05 17:31:58
129.204.202.89	attack	$f2bV_matches	2019-09-05 16:53:16
123.135.127.85	attackspambots	Portscan or hack attempt detected by psad/fwsnort	2019-09-05 17:41:33
112.85.42.171	attackbots	Sep 5 10:37:47 MK-Soft-Root2 sshd\[32115\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.171 user=root Sep 5 10:37:49 MK-Soft-Root2 sshd\[32115\]: Failed password for root from 112.85.42.171 port 36139 ssh2 Sep 5 10:37:52 MK-Soft-Root2 sshd\[32115\]: Failed password for root from 112.85.42.171 port 36139 ssh2 ...	2019-09-05 17:07:58
41.76.149.212	attack	Sep 5 09:06:10 hcbbdb sshd\[27331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.76.149.212 user=root Sep 5 09:06:11 hcbbdb sshd\[27331\]: Failed password for root from 41.76.149.212 port 47016 ssh2 Sep 5 09:11:11 hcbbdb sshd\[27910\]: Invalid user webadmin from 41.76.149.212 Sep 5 09:11:11 hcbbdb sshd\[27910\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.76.149.212 Sep 5 09:11:13 hcbbdb sshd\[27910\]: Failed password for invalid user webadmin from 41.76.149.212 port 58886 ssh2	2019-09-05 17:27:22
139.99.144.191	attack	Sep 5 12:11:50 server sshd\[21292\]: Invalid user dspace@123 from 139.99.144.191 port 34626 Sep 5 12:11:50 server sshd\[21292\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191 Sep 5 12:11:52 server sshd\[21292\]: Failed password for invalid user dspace@123 from 139.99.144.191 port 34626 ssh2 Sep 5 12:17:16 server sshd\[29850\]: Invalid user 123456 from 139.99.144.191 port 49264 Sep 5 12:17:16 server sshd\[29850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.144.191	2019-09-05 17:25:29
27.76.83.197	attackbotsspam	Unauthorized connection attempt from IP address 27.76.83.197 on Port 445(SMB)	2019-09-05 17:03:10
178.20.41.83	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-09-05 17:28:47

Recently Reported IPs

141.62.1.222	249.120.33.196	131.90.129.139	74.46.253.68
51.43.83.66	13.88.5.119	162.217.100.217	161.243.37.88
201.162.236.93	213.193.11.168	213.145.3.64	213.136.76.226
213.103.130.25	213.79.91.102	213.16.152.127	213.14.65.130
212.164.238.189	212.158.152.48	212.129.18.55	212.118.18.183