220.161.243.166

Basic Info

City: Putian

Region: Fujian

Country: China

Internet Service Provider: ChinaNet Fujian Province Network

Hostname: unknown

Organization: No.31,Jin-rong Street

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jul 19 18:27:55 mxgate1 postfix/postscreen[5008]: CONNECT from [220.161.243.166]:54995 to [176.31.12.44]:25 Jul 19 18:27:55 mxgate1 postfix/dnsblog[5155]: addr 220.161.243.166 listed by domain zen.spamhaus.org as 127.0.0.11 Jul 19 18:27:55 mxgate1 postfix/dnsblog[5155]: addr 220.161.243.166 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 19 18:27:55 mxgate1 postfix/dnsblog[5156]: addr 220.161.243.166 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 19 18:27:55 mxgate1 postfix/dnsblog[5157]: addr 220.161.243.166 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 19 18:28:01 mxgate1 postfix/postscreen[5008]: DNSBL rank 4 for [220.161.243.166]:54995 Jul x@x Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: HANGUP after 0.93 from [220.161.243.166]:54995 in tests after SMTP handshake Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: DISCONNECT [220.161.243.166]:54995 Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: CONNECT from [220.161.243.166]:55069 to [176.31.1........ -------------------------------	2019-07-20 03:40:46

Type

Details

Datetime

attackspam

Jul 19 18:27:55 mxgate1 postfix/postscreen[5008]: CONNECT from [220.161.243.166]:54995 to [176.31.12.44]:25
Jul 19 18:27:55 mxgate1 postfix/dnsblog[5155]: addr 220.161.243.166 listed by domain zen.spamhaus.org as 127.0.0.11
Jul 19 18:27:55 mxgate1 postfix/dnsblog[5155]: addr 220.161.243.166 listed by domain zen.spamhaus.org as 127.0.0.4
Jul 19 18:27:55 mxgate1 postfix/dnsblog[5156]: addr 220.161.243.166 listed by domain cbl.abuseat.org as 127.0.0.2
Jul 19 18:27:55 mxgate1 postfix/dnsblog[5157]: addr 220.161.243.166 listed by domain b.barracudacentral.org as 127.0.0.2
Jul 19 18:28:01 mxgate1 postfix/postscreen[5008]: DNSBL rank 4 for [220.161.243.166]:54995
Jul x@x
Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: HANGUP after 0.93 from [220.161.243.166]:54995 in tests after SMTP handshake
Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: DISCONNECT [220.161.243.166]:54995
Jul 19 18:28:02 mxgate1 postfix/postscreen[5008]: CONNECT from [220.161.243.166]:55069 to [176.31.1........
-------------------------------

2019-07-20 03:40:46

Comments on same subnet:

IP	Type	Details	Datetime
220.161.243.36	attack	Unauthorized connection attempt detected from IP address 220.161.243.36 to port 6656 [T]	2020-01-27 03:14:05

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 220.161.243.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28389
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;220.161.243.166.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019071900 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 20 03:40:41 CST 2019
;; MSG SIZE  rcvd: 119

Host info

166.243.161.220.in-addr.arpa domain name pointer 166.243.161.220.broad.nd.fj.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
166.243.161.220.in-addr.arpa	name = 166.243.161.220.broad.nd.fj.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.237	attackbotsspam	Aug 31 10:24:58 aat-srv002 sshd[17828]: Failed password for root from 112.85.42.237 port 39234 ssh2 Aug 31 10:25:00 aat-srv002 sshd[17828]: Failed password for root from 112.85.42.237 port 39234 ssh2 Aug 31 10:25:04 aat-srv002 sshd[17828]: Failed password for root from 112.85.42.237 port 39234 ssh2 Aug 31 10:25:43 aat-srv002 sshd[17841]: Failed password for root from 112.85.42.237 port 34797 ssh2 ...	2019-08-31 23:47:14
46.188.125.66	attackbots	Honeypot attack, port: 445, PTR: broadband-46-188-125-66.2com.net.	2019-08-31 23:42:26
80.241.221.145	attackspam	Aug 29 20:27:32 itv-usvr-01 sshd[7925]: Invalid user ftp4 from 80.241.221.145 Aug 29 20:27:32 itv-usvr-01 sshd[7925]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.221.145 Aug 29 20:27:32 itv-usvr-01 sshd[7925]: Invalid user ftp4 from 80.241.221.145 Aug 29 20:27:34 itv-usvr-01 sshd[7925]: Failed password for invalid user ftp4 from 80.241.221.145 port 49836 ssh2 Aug 29 20:34:20 itv-usvr-01 sshd[8187]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.241.221.145 user=root Aug 29 20:34:22 itv-usvr-01 sshd[8187]: Failed password for root from 80.241.221.145 port 35534 ssh2	2019-08-31 23:53:56
36.110.118.79	attackspam	Aug 31 01:50:17 hcbb sshd\[13438\]: Invalid user ftp from 36.110.118.79 Aug 31 01:50:17 hcbb sshd\[13438\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.118.79 Aug 31 01:50:20 hcbb sshd\[13438\]: Failed password for invalid user ftp from 36.110.118.79 port 18771 ssh2 Aug 31 01:53:20 hcbb sshd\[13707\]: Invalid user webmaster from 36.110.118.79 Aug 31 01:53:20 hcbb sshd\[13707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.110.118.79	2019-09-01 00:23:15
93.91.57.20	attackbotsspam	trying to connect to the Pop3 Server	2019-08-31 23:26:29
148.70.1.210	attack	Aug 31 14:32:17 mail sshd\[25273\]: Failed password for invalid user mysql from 148.70.1.210 port 47026 ssh2 Aug 31 14:49:49 mail sshd\[25575\]: Invalid user bremen from 148.70.1.210 port 60206 ...	2019-08-31 23:46:03
129.204.40.157	attackspam	Aug 31 05:43:58 aiointranet sshd\[31652\]: Invalid user test123 from 129.204.40.157 Aug 31 05:43:58 aiointranet sshd\[31652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.40.157 Aug 31 05:44:00 aiointranet sshd\[31652\]: Failed password for invalid user test123 from 129.204.40.157 port 34718 ssh2 Aug 31 05:49:56 aiointranet sshd\[32230\]: Invalid user honey from 129.204.40.157 Aug 31 05:49:56 aiointranet sshd\[32230\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.40.157	2019-09-01 00:27:06
41.249.200.242	attackspam	(From hamza.hkm.20@gmail.com) Hello, My name is Hamza! After months of trial and failure, I think I have figured out how to get chiropractors qualified leads using Facebook ads! To prove my worth I provide a 7-day free trial where I run Facebook ads that will generate your business tremendous quality leads at a minimal cost. And after the 7-days, if you are happy with my results I'd love to get a simple testimonial in exchange. Does this sound like something you'd be interested in?	2019-09-01 00:24:18
110.164.205.133	attackspambots	Aug 31 17:11:36 rotator sshd\[14652\]: Invalid user configure from 110.164.205.133Aug 31 17:11:38 rotator sshd\[14652\]: Failed password for invalid user configure from 110.164.205.133 port 3361 ssh2Aug 31 17:16:31 rotator sshd\[15455\]: Invalid user informix from 110.164.205.133Aug 31 17:16:33 rotator sshd\[15455\]: Failed password for invalid user informix from 110.164.205.133 port 20973 ssh2Aug 31 17:21:24 rotator sshd\[16268\]: Invalid user lian from 110.164.205.133Aug 31 17:21:26 rotator sshd\[16268\]: Failed password for invalid user lian from 110.164.205.133 port 50467 ssh2 ...	2019-08-31 23:22:34
68.183.203.211	attackspambots	Aug 31 11:37:54 MK-Soft-VM4 sshd\[21945\]: Invalid user PDV from 68.183.203.211 port 58866 Aug 31 11:37:54 MK-Soft-VM4 sshd\[21945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.203.211 Aug 31 11:37:56 MK-Soft-VM4 sshd\[21945\]: Failed password for invalid user PDV from 68.183.203.211 port 58866 ssh2 ...	2019-09-01 00:33:18
187.173.199.88	attackspambots	Honeypot attack, port: 23, PTR: dsl-187-173-199-88-dyn.prod-infinitum.com.mx.	2019-08-31 23:54:20
178.128.124.49	attackspambots	Aug 31 05:43:38 web1 sshd\[18314\]: Invalid user test from 178.128.124.49 Aug 31 05:43:38 web1 sshd\[18314\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.124.49 Aug 31 05:43:40 web1 sshd\[18314\]: Failed password for invalid user test from 178.128.124.49 port 35339 ssh2 Aug 31 05:48:36 web1 sshd\[18758\]: Invalid user john from 178.128.124.49 Aug 31 05:48:36 web1 sshd\[18758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.124.49	2019-08-31 23:55:22
167.71.5.95	attack	Aug 31 16:51:14 v22019058497090703 sshd[25145]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.5.95 Aug 31 16:51:16 v22019058497090703 sshd[25145]: Failed password for invalid user monitor from 167.71.5.95 port 47836 ssh2 Aug 31 16:55:29 v22019058497090703 sshd[25449]: Failed password for root from 167.71.5.95 port 36484 ssh2 ...	2019-09-01 00:06:41
139.155.77.133	attackbotsspam	Aug 31 14:43:23 MK-Soft-VM5 sshd\[16364\]: Invalid user vds123 from 139.155.77.133 port 52162 Aug 31 14:43:23 MK-Soft-VM5 sshd\[16364\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.77.133 Aug 31 14:43:26 MK-Soft-VM5 sshd\[16364\]: Failed password for invalid user vds123 from 139.155.77.133 port 52162 ssh2 ...	2019-08-31 23:31:20
180.76.238.70	attack	Aug 31 15:32:53 mail sshd\[26142\]: Failed password for invalid user silva from 180.76.238.70 port 36344 ssh2 Aug 31 15:51:44 mail sshd\[26416\]: Invalid user web from 180.76.238.70 port 49432 ...	2019-09-01 00:17:34

Recently Reported IPs

192.220.170.3	109.72.223.249	47.112.112.154	27.173.196.0
171.236.141.147	2600:1f18:65b9:df03:b83a:812e:e96a:d692	32.148.87.182	50.221.111.132
160.71.17.41	41.202.79.38	218.10.109.145	122.35.11.191
90.16.142.24	144.217.194.18	156.215.8.70	170.164.229.234
89.79.134.173	5.126.181.78	49.48.250.248	171.106.166.243