218.166.13.106

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	1433/tcp 445/tcp... [2019-10-15]4pkt,2pt.(tcp)	2019-10-16 06:46:53

Comments on same subnet:

IP	Type	Details	Datetime
218.166.139.215	attack	Sep 21 17:01:31 ssh2 sshd[36026]: User root from 218-166-139-215.dynamic-ip.hinet.net not allowed because not listed in AllowUsers Sep 21 17:01:31 ssh2 sshd[36026]: Failed password for invalid user root from 218.166.139.215 port 49524 ssh2 Sep 21 17:01:31 ssh2 sshd[36026]: Connection closed by invalid user root 218.166.139.215 port 49524 [preauth] ...	2020-09-23 00:12:15
218.166.139.215	attackbotsspam	Sep 21 17:01:31 ssh2 sshd[36026]: User root from 218-166-139-215.dynamic-ip.hinet.net not allowed because not listed in AllowUsers Sep 21 17:01:31 ssh2 sshd[36026]: Failed password for invalid user root from 218.166.139.215 port 49524 ssh2 Sep 21 17:01:31 ssh2 sshd[36026]: Connection closed by invalid user root 218.166.139.215 port 49524 [preauth] ...	2020-09-22 16:15:08
218.166.139.215	attack	Sep 21 17:01:31 ssh2 sshd[36026]: User root from 218-166-139-215.dynamic-ip.hinet.net not allowed because not listed in AllowUsers Sep 21 17:01:31 ssh2 sshd[36026]: Failed password for invalid user root from 218.166.139.215 port 49524 ssh2 Sep 21 17:01:31 ssh2 sshd[36026]: Connection closed by invalid user root 218.166.139.215 port 49524 [preauth] ...	2020-09-22 08:17:32
218.166.137.228	attackspam	1598214886 - 08/23/2020 22:34:46 Host: 218.166.137.228/218.166.137.228 Port: 445 TCP Blocked	2020-08-24 05:23:49
218.166.137.42	attackbots	23/tcp 23/tcp 23/tcp [2020-01-27]3pkt	2020-01-28 07:52:06
218.166.132.101	attackbotsspam	[ER hit] Tried to deliver spam. Already well known.	2020-01-16 22:33:15
218.166.131.54	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-24 04:16:27
218.166.13.226	attackbotsspam	445/tcp [2019-09-29]1pkt	2019-09-30 07:23:53
218.166.138.215	attackbots	37215/tcp 37215/tcp 37215/tcp [2019-06-26/28]3pkt	2019-06-29 13:05:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.166.13.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1271
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;218.166.13.106.			IN	A

;; AUTHORITY SECTION:
.			579	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101501 1800 900 604800 86400

;; Query time: 414 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Oct 16 06:46:50 CST 2019
;; MSG SIZE  rcvd: 118

Host info

106.13.166.218.in-addr.arpa domain name pointer 218-166-13-106.dynamic-ip.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
106.13.166.218.in-addr.arpa	name = 218-166-13-106.dynamic-ip.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
187.12.167.85	attack	2020-07-14T15:12:45.039707mail.standpoint.com.ua sshd[28852]: Invalid user hijab from 187.12.167.85 port 46770 2020-07-14T15:12:45.042146mail.standpoint.com.ua sshd[28852]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 2020-07-14T15:12:45.039707mail.standpoint.com.ua sshd[28852]: Invalid user hijab from 187.12.167.85 port 46770 2020-07-14T15:12:47.278229mail.standpoint.com.ua sshd[28852]: Failed password for invalid user hijab from 187.12.167.85 port 46770 ssh2 2020-07-14T15:16:21.047501mail.standpoint.com.ua sshd[29346]: Invalid user uni from 187.12.167.85 port 38102 ...	2020-07-14 20:23:53
116.55.99.11	attackbotsspam	Port probing on unauthorized port 445	2020-07-14 19:54:36
123.206.111.27	attackbots	Jul 14 14:23:21 lukav-desktop sshd\[31516\]: Invalid user olivier from 123.206.111.27 Jul 14 14:23:21 lukav-desktop sshd\[31516\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.111.27 Jul 14 14:23:22 lukav-desktop sshd\[31516\]: Failed password for invalid user olivier from 123.206.111.27 port 43904 ssh2 Jul 14 14:27:45 lukav-desktop sshd\[31583\]: Invalid user biable from 123.206.111.27 Jul 14 14:27:45 lukav-desktop sshd\[31583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.111.27	2020-07-14 19:50:22
51.83.33.88	attackspam	$f2bV_matches	2020-07-14 20:19:46
115.159.91.202	attackbots	Lines containing failures of 115.159.91.202 Jul 14 05:38:27 shared11 sshd[11900]: Invalid user vue from 115.159.91.202 port 59476 Jul 14 05:38:27 shared11 sshd[11900]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.159.91.202 Jul 14 05:38:29 shared11 sshd[11900]: Failed password for invalid user vue from 115.159.91.202 port 59476 ssh2 Jul 14 05:38:29 shared11 sshd[11900]: Received disconnect from 115.159.91.202 port 59476:11: Bye Bye [preauth] Jul 14 05:38:29 shared11 sshd[11900]: Disconnected from invalid user vue 115.159.91.202 port 59476 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=115.159.91.202	2020-07-14 19:51:07
46.38.150.47	attackbotsspam	2020-07-14 15:05:51 dovecot_login authenticator failed for $User$ \[46.38.150.47\]: 535 Incorrect authentication data $set_id=nasir@ift.org.ua$2020-07-14 15:06:19 dovecot_login authenticator failed for $User$ \[46.38.150.47\]: 535 Incorrect authentication data $set_id=apps@ift.org.ua$2020-07-14 15:06:49 dovecot_login authenticator failed for $User$ \[46.38.150.47\]: 535 Incorrect authentication data $set_id=server39@ift.org.ua$ ...	2020-07-14 20:18:02
218.75.210.46	attackbotsspam	Jul 14 14:55:01 pkdns2 sshd\[26588\]: Invalid user yogesh from 218.75.210.46Jul 14 14:55:03 pkdns2 sshd\[26588\]: Failed password for invalid user yogesh from 218.75.210.46 port 23847 ssh2Jul 14 14:57:27 pkdns2 sshd\[26749\]: Invalid user mm from 218.75.210.46Jul 14 14:57:30 pkdns2 sshd\[26749\]: Failed password for invalid user mm from 218.75.210.46 port 59383 ssh2Jul 14 14:59:50 pkdns2 sshd\[26854\]: Invalid user jill from 218.75.210.46Jul 14 14:59:52 pkdns2 sshd\[26854\]: Failed password for invalid user jill from 218.75.210.46 port 34693 ssh2 ...	2020-07-14 20:16:31
139.59.59.102	attackbotsspam	Jul 14 13:59:55 debian-2gb-nbg1-2 kernel: \[16986565.028490\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=139.59.59.102 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=9541 PROTO=TCP SPT=59311 DPT=5822 WINDOW=1024 RES=0x00 SYN URGP=0	2020-07-14 20:11:27
14.221.177.148	attackspam	Jul 13 20:48:38 pl3server sshd[4309]: Invalid user jflores from 14.221.177.148 port 48060 Jul 13 20:48:38 pl3server sshd[4309]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.177.148 Jul 13 20:48:40 pl3server sshd[4309]: Failed password for invalid user jflores from 14.221.177.148 port 48060 ssh2 Jul 13 20:48:41 pl3server sshd[4309]: Received disconnect from 14.221.177.148 port 48060:11: Bye Bye [preauth] Jul 13 20:48:41 pl3server sshd[4309]: Disconnected from 14.221.177.148 port 48060 [preauth] Jul 13 21:15:29 pl3server sshd[32452]: Invalid user maestro from 14.221.177.148 port 48122 Jul 13 21:15:29 pl3server sshd[32452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.221.177.148 Jul 13 21:15:31 pl3server sshd[32452]: Failed password for invalid user maestro from 14.221.177.148 port 48122 ssh2 Jul 13 21:15:31 pl3server sshd[32452]: Received disconnect from 14.221.177.148 port 48........ -------------------------------	2020-07-14 19:52:13
189.210.249.225	attack	DATE:2020-07-14 13:59:40, IP:189.210.249.225, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-07-14 20:21:33
41.40.132.200	attackspam	Honeypot attack, port: 445, PTR: host-41.40.132.200.tedata.net.	2020-07-14 20:14:36
85.248.227.165	attack	11 attempts against mh-misc-ban on sonic	2020-07-14 19:46:50
164.132.41.67	attackbots	2020-07-14T11:50:41.751241shield sshd\[12641\]: Invalid user mailman from 164.132.41.67 port 54033 2020-07-14T11:50:41.760439shield sshd\[12641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.ip-164-132-41.eu 2020-07-14T11:50:43.573927shield sshd\[12641\]: Failed password for invalid user mailman from 164.132.41.67 port 54033 ssh2 2020-07-14T11:53:48.632709shield sshd\[12923\]: Invalid user lisa from 164.132.41.67 port 51968 2020-07-14T11:53:48.641085shield sshd\[12923\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.ip-164-132-41.eu	2020-07-14 19:55:29
192.241.233.29	attackbotsspam	TCP (SYN) 192.241.233.29:44879 -> port 22, len 40	2020-07-14 19:55:45
40.114.34.95	attack	Jul 14 08:03:42 r.ca sshd[19909]: Failed password for invalid user play from 40.114.34.95 port 27640 ssh2	2020-07-14 20:24:36

Recently Reported IPs

8.72.50.44	119.46.8.182	138.204.226.147	16.159.7.219
97.232.242.39	93.56.167.72	204.157.25.199	236.181.71.227
36.70.159.29	72.239.231.116	18.190.77.122	65.119.138.67
106.54.242.134	61.74.109.55	77.42.108.14	104.245.145.53
77.42.112.15	62.210.214.160	39.64.193.37	67.205.183.187