219.145.2.18 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanxi (SN) Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	firewall-block, port(s): 1433/tcp	2020-06-15 17:53:32

Comments on same subnet:

IP	Type	Details	Datetime
219.145.221.106	attack	Unauthorized connection attempt detected from IP address 219.145.221.106 to port 1433	2020-05-30 04:42:47
219.145.246.128	attackspambots	Apr 14 01:25:16 ubuntu sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.145.246.128 Apr 14 01:25:17 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2 Apr 14 01:25:20 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2 Apr 14 01:25:22 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2	2019-10-09 02:38:44
219.145.246.248	attack	Honeypot attack, port: 23, PTR: PTR record not found	2019-07-01 18:52:56

Type

Details

Datetime

219.145.221.106

attack

Unauthorized connection attempt detected from IP address 219.145.221.106 to port 1433

2020-05-30 04:42:47

219.145.246.128

attackspambots

Apr 14 01:25:16 ubuntu sshd[23525]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.145.246.128
Apr 14 01:25:17 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2
Apr 14 01:25:20 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2
Apr 14 01:25:22 ubuntu sshd[23525]: Failed password for invalid user ubnt from 219.145.246.128 port 46157 ssh2

2019-10-09 02:38:44

219.145.246.248

attack

Honeypot attack, port: 23, PTR: PTR record not found

2019-07-01 18:52:56

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 219.145.2.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15961
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;219.145.2.18.			IN	A

;; AUTHORITY SECTION:
.			483	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020061500 1800 900 604800 86400

;; Query time: 37 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jun 15 17:53:27 CST 2020
;; MSG SIZE  rcvd: 116

Host info

;; connection timed out; no servers could be reached

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 18.2.145.219.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
162.243.128.186	attack	520/tcp 9990/tcp 2078/tcp... [2020-03-16/04-22]36pkt,26pt.(tcp),3pt.(udp)	2020-04-24 08:00:15
222.186.175.183	attack	Apr 24 06:09:31 ArkNodeAT sshd\[13605\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.183 user=root Apr 24 06:09:33 ArkNodeAT sshd\[13605\]: Failed password for root from 222.186.175.183 port 37128 ssh2 Apr 24 06:09:45 ArkNodeAT sshd\[13605\]: Failed password for root from 222.186.175.183 port 37128 ssh2	2020-04-24 12:16:00
39.104.120.8	attackbots	Apr 23 18:38:11 h2829583 sshd[21178]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.104.120.8	2020-04-24 08:20:38
61.160.96.90	attackspam	Apr 23 11:52:03 XXX sshd[60531]: Invalid user ha from 61.160.96.90 port 21245	2020-04-24 08:09:39
40.113.83.213	attack	2020-04-23T17:58:07Z - RDP login failed multiple times. (40.113.83.213)	2020-04-24 08:20:12
78.188.30.178	attack	20/4/23@12:38:15: FAIL: Alarm-Network address from=78.188.30.178 20/4/23@12:38:15: FAIL: Alarm-Network address from=78.188.30.178 ...	2020-04-24 08:15:50
202.134.0.9	attackspam	Multiport scan : 5 ports scanned 1604 2834 5472 18950 26265	2020-04-24 08:07:40
194.26.29.100	attackbotsspam	Apr 24 05:58:26 debian-2gb-nbg1-2 kernel: \[9959652.009868\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=194.26.29.100 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=38904 PROTO=TCP SPT=59563 DPT=5028 WINDOW=1024 RES=0x00 SYN URGP=0	2020-04-24 12:08:01
178.34.190.34	attackbots	Invalid user test2 from 178.34.190.34 port 19999	2020-04-24 12:10:01
222.186.30.57	attackspambots	Unauthorized connection attempt detected from IP address 222.186.30.57 to port 22 [T]	2020-04-24 12:17:14
106.75.78.135	attack	Port 8545 (Ethereum client) access denied	2020-04-24 08:02:17
192.47.67.94	attackbotsspam	Wordpress malicious attack:[sshd]	2020-04-24 12:16:26
66.147.244.172	attack	Automatic report - XMLRPC Attack	2020-04-24 12:06:09
188.166.251.87	attackspambots	Invalid user vc from 188.166.251.87 port 59013	2020-04-24 08:11:47
91.121.109.56	attackbotsspam	Invalid user je from 91.121.109.56 port 46180	2020-04-24 08:06:36

Recently Reported IPs

42.228.31.3	185.163.119.50	186.69.131.76	1.221.87.204
0.34.190.243	119.45.5.31	18.211.18.152	90.112.182.158
122.51.34.64	117.5.149.113	93.141.132.3	77.40.2.26
27.111.46.173	185.199.8.92	120.131.9.167	198.74.98.76
170.244.64.198	159.65.104.52	6.18.99.148	27.66.188.144