221.164.18.208

Basic Info

City: Busan

Region: Busan

Country: South Korea

Internet Service Provider: KT Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	firewall-block, port(s): 5555/tcp	2019-12-29 05:02:48

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 221.164.18.208
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11985
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;221.164.18.208.			IN	A

;; AUTHORITY SECTION:
.			465	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122800 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 29 05:02:45 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 208.18.164.221.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 208.18.164.221.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
120.253.40.221	attack	Attempts against SMTP/SSMTP	2020-04-12 04:08:01
202.74.40.156	attack	Apr 11 15:06:02 www5 sshd\[56516\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.74.40.156 user=root Apr 11 15:06:04 www5 sshd\[56516\]: Failed password for root from 202.74.40.156 port 56022 ssh2 Apr 11 15:12:23 www5 sshd\[57607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.74.40.156 user=root ...	2020-04-12 04:01:48
1.47.97.73	attackspam	1586607199 - 04/11/2020 14:13:19 Host: 1.47.97.73/1.47.97.73 Port: 445 TCP Blocked	2020-04-12 03:30:46
49.81.23.238	attack	port scan and connect, tcp 22 (ssh)	2020-04-12 03:43:07
82.146.54.216	attackbots	fell into ViewStateTrap:paris	2020-04-12 04:06:43
197.214.16.75	attack	Dovecot Invalid User Login Attempt.	2020-04-12 04:04:57
138.68.26.48	attackspam	Brute-force attempt banned	2020-04-12 04:13:36
116.52.41.29	attackbotsspam	116.52.41.29 - - \[11/Apr/2020:14:12:07 +0200\] "GET http://api.gxout.com/proxy/check.aspx HTTP/1.1" 400 666 "http://api.gxout.com/proxy/check.aspx" "Mozilla/4.0 \(compatible\; MSIE 6.0\; Windows NT 5.1\)" ...	2020-04-12 04:12:43
179.199.84.115	attack	Automatic report - Port Scan Attack	2020-04-12 03:31:30
110.43.34.139	attack	Apr 11 19:21:30 terminus sshd[9304]: Invalid user dspace from 110.43.34.139 port 3620 Apr 11 19:21:30 terminus sshd[9304]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.43.34.139 Apr 11 19:21:31 terminus sshd[9304]: Failed password for invalid user dspace from 110.43.34.139 port 3620 ssh2 Apr 11 19:26:19 terminus sshd[9342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.43.34.139 user=r.r Apr 11 19:26:21 terminus sshd[9342]: Failed password for r.r from 110.43.34.139 port 55392 ssh2 Apr 11 19:31:12 terminus sshd[9379]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=110.43.34.139 user=r.r ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=110.43.34.139	2020-04-12 03:37:21
222.186.30.57	attack	Apr 11 16:50:05 firewall sshd[30228]: Failed password for root from 222.186.30.57 port 24611 ssh2 Apr 11 16:50:08 firewall sshd[30228]: Failed password for root from 222.186.30.57 port 24611 ssh2 Apr 11 16:50:10 firewall sshd[30228]: Failed password for root from 222.186.30.57 port 24611 ssh2 ...	2020-04-12 03:51:36
91.212.38.210	attackbots	91.212.38.210 was recorded 9 times by 8 hosts attempting to connect to the following ports: 5060. Incident counter (4h, 24h, all-time): 9, 27, 541	2020-04-12 04:11:52
106.13.135.76	attackspam	Invalid user ubuntu from 106.13.135.76 port 54612	2020-04-12 04:08:45
112.215.113.10	attackspam	Invalid user applmgr from 112.215.113.10 port 54082	2020-04-12 03:44:47
219.233.49.240	attack	DATE:2020-04-11 14:12:54, IP:219.233.49.240, PORT:1433 MSSQL brute force auth on honeypot server (epe-honey1-hq)	2020-04-12 03:49:57

Recently Reported IPs

54.87.163.175	142.77.48.215	66.65.37.143	109.24.238.54
13.247.115.88	128.12.46.67	92.128.243.160	183.73.137.251
206.67.132.242	114.38.182.245	190.189.111.35	113.172.244.79
82.237.235.207	157.230.227.71	49.235.227.231	82.74.95.203
201.17.135.13	52.79.67.134	206.189.137.118	178.128.255.198