218.62.88.29 is from China
An Internet Protocol address (IP address 218.62.88.29) is a numerical label that is allocated to a computer (can be any electronic device) which is part of a network (China Unicom Jilin province network) that utilises the Internet Protocol. Every IP address does the following: (1) location addressing and (2) host or network interface identification.
e.g. 209.62.45.34 IPv4/IPv6 format for an IP Address, or maxmind.com for a website
Compare to another IP
| IP Address: | 218.62.88.29 |
|---|---|
| IP Address Country: |  China (CN) |
| IP Address Region: | 05 Jilin |
| IP Address City: | Tumen |
| IP Postal Code | |
| IP Address Area Code | 0 |
| IP Metro Code | 0 |
| IP Address Latitude: | 42.9660987854 |
| IP Address Longitude: | 129.842498779 |
| IP Address ISP: | China Unicom Jilin province network |
| Organisation: | China Unicom Jilin province network |
| IP Address Proxy: | |
| IP Address Host: | 29.88.62.218.adsl-pool.jlccptt.net.cn |
Map is loading...
We have 9 complaints about 218.62.88.29
Is 218.62.88.29 misbehaving (engaging in SPAM, brute-force, DOS attack, phishing, or other fraud? Report the abuser now!
View WHOIS information for 218.62.88.29[Querying whois.apnic.net]
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 218.62.88.29 - 218.62.88.29
netname: YJ-JINGYING-NETBAR
country: CN
descr: Yanji city ,JINGYING NETBAR,ANMIN STREET,JILIN PRONVINCE,CHINA
admin-c: XY371-AP
tech-c: XY371-AP
status: ASSIGNED NON-PORTABLE
changed: yixiaofan1@mail.jl.cn 20041112
mnt-by: MAINT-CNCGROUP-JL
source: APNIC
route: 218.62.0.0/17
descr: CNC Group CHINA169 Jilin Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC
person: xiaofan yi
nic-hdl: XY371-AP
e-mail: jhli_jl@mail.jl.cn
address: NO.8 Qingdao road,Changchun city,Jilin,China
phone: +86-431-2724533
fax-no: +86-431-5560816
country: CN
changed: jhli_jl@mail.jl.cn 20060626
mnt-by: MAINT-CNCGROUP-JL
source: APNIC
[whois.apnic.net]
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 218.62.88.29 - 218.62.88.29
netname: YJ-JINGYING-NETBAR
country: CN
descr: Yanji city ,JINGYING NETBAR,ANMIN STREET,JILIN PRONVINCE,CHINA
admin-c: XY371-AP
tech-c: XY371-AP
status: ASSIGNED NON-PORTABLE
changed: yixiaofan1@mail.jl.cn 20041112
mnt-by: MAINT-CNCGROUP-JL
source: APNIC
route: 218.62.0.0/17
descr: CNC Group CHINA169 Jilin Province Network
country: CN
origin: AS4837
mnt-by: MAINT-CNCGROUP-RR
changed: abuse@cnc-noc.net 20060118
source: APNIC
person: xiaofan yi
nic-hdl: XY371-AP
e-mail: jhli_jl@mail.jl.cn
address: NO.8 Qingdao road,Changchun city,Jilin,China
phone: +86-431-2724533
fax-no: +86-431-5560816
country: CN
changed: jhli_jl@mail.jl.cn 20060626
mnt-by: MAINT-CNCGROUP-JL
source: APNIC
15 Latest Attacks
89.108.127.160 - Site is a scam - filed under Fraud
one of the sites through this host, everingame.com has defrauded hundreds of users. http://www.scamb...
114.36.160.94 - mindless stuff - filed under Spam
Hacking attemps, spaming. He has inserted himeslf into our medical servicesrecipients. It has been r...
205.186.130.61 - email hijacking - filed under Hacking
This person has been logging into my gmail account and sent out spam emails to my entire contact lis...
202.104.197.118 - Attempted login to FTP - filed under Brute Force
Brute force attempts to log into my server FTP with the username "administrator."
A sim...
74.128.173.47 - Bet2day casino - filed under Spam
Same as the rest, spam mail every hour now on 3 of my emails. No way to unsubscribe and impossible t...
173.9.198.249 - website was hacked 2 days ago - filed under FTP Hacking
2 days ago from this ip several of our websites we're hacked by logging on to our ftp webhosting ac...
66.147.240.186 - This IP is trying to logon my website - filed under Brute Force
Website: http://www.iphonesp.com.br/
Page: /administrator/index.php
Description: There was an unsu...
94.183.53.255 - Attacking Google account - filed under Hacking
Someone recently tried to sign in to your Google Account, XXXXX. We prevented the sign-in attempt in...
67.205.111.248 - 184.107.157.130 - filed under Hacking
this site keeps port scanning my IP addresses. i have him blocked but clearly theres a problem with...
72.21.194.32 - Risky connection blocked - filed under Malware
Looks to me like 72.21.194.32 is a server leased from Amazon's cloud services server farm by someon...
74.128.173.47 - unsubscribe bet2day from Ryan Hardy - filed under Spam
no way to unsubscribe to their unwanted mail about bet2day; looks to me a kind of spam or other non...
178.33.224.175 - Continuous ICMP ping id-0 to all our public facing IP Addresses - filed under Firewall Alert
[00001] 2012-05-14 18:09:02 [Root]system-critical-00441: ICMP ping id=0! From 178.33.224.175 to 66.2...
92.38.199.150 - Subject: Good Day: Unsolicited, unsigned for 'loan/investment' spam from Russia - filed under Spam
Unsolicited spam from webmaster@arclip.ru -user17662
Received: from s6.cishost.ru ([92.38.199.150])...
2012/05/16 20:18:16 +0300 DEOCAMDATARDS computer IP-BLOCK 77.78.228.62 (Type: incoming)
2012/05/16 2...
More Attacks
87.118.120.9 - Trying to brut force ftp account. - filed under Brute Force
this server is trying to brut force passwords on different ftp accounts on my server....
46.23.73.73 - http://secure.runescape.com-weblogin.ws/m=forums/forums.ws/13,14,914,63177163/reply.ws/ - filed under Phishing
fraud@antihotmail.com
-------------------------------
http://secure.runescape.com-weblogin.ws/m=for...
69.197.157.164 - Possible phishing - filed under Spam
This IP is spamming and possibly phishing by using the
domain name:scenescentral.com...
125.45.109.166,1 - Router reporting activity on various ports - filed under DDOS
Attack from 125.45.109.166 several times per day. I have no holes in my firewall so I wish these idi...
174.127.106.26 - http://eighteeneighty.com/fsv/1542196594842151238714213267887152165198745123197846165/ - filed under Phishing
fraud@antihotmail.com
-------------------------------
http://eighteeneighty.com/fsv/154219659484215...
91.213.157.33 - Cloning windows explorer stating viruses - filed under Spam
this is spam and attempting people to download spam. its hacking...
207.158.13.163 - http://ppbills.com/serv.infoupdates.de=session-9nx47abmrqThkz331149/dezlxg53smvuny2qe/mode=30226/webscr.php?cmd_=session.start - filed under Phishing
fraud@antihotmail.com
--------------------------------
http://ppbills.com/serv.infoupdates.de=sessi...
203.27.145.56 - SSH Dictionary attack - filed under Brute Force
Repeated attempts to login with invented - bogus - credentials. Probably an unwitting participant in...
123.30.110.121 - Various issues… - filed under Hacking
Thrown up as a low risk intrusion attempt by my firewall...
166.205.7.59 - someone else accesing my accounts - filed under Hacking
this number is accesing all my accounts and changing my password...
61.152.218.203 - FTP attack - filed under FTP Hacking
Same sucker here.
This cretin has been trying to access my private ftp server using brute force pass...
88.84.146.93 - repeated attempts to log on using non-existent user names - filed under Brute Force
Probably an unwitting participant in a Botnet, attempting an SSH dictionary attack...
121.11.86.58 - Possible DoS HGOD SynKiller Flooding - filed under Sync Flood
2010-03-08 17:47:33 Possible DoS HGOD SynKiller Flooding 121.11.86.58...
188.72.213.44 - Joomla Bruteforce - filed under Brute Force
This user (IP) has attempted several times to bruteforce into my Joomla backend.
Luckily I have a p...
98.227.19.60 - HackAttack: [SPI:Illegal connection state attack] - filed under Firewall Alert
May 6 15:05:00 HackAttack: [SPI:Illegal connection state attack] ICMP packer from [nas0] 98.227.19....
173.83.118.2 - Repeated Spam on Game Forms and the Violation of the Users Agreement. - filed under Fraud
Fraud, false advertisement, theft. They claim to be in the BBB and many other "certified"...
189.19.206.152 - Flower page-Flox - filed under Sync Flood
return to the top BOUGAINVILLEA (Paper Flower) These plants require as much light as possible even f...
202.99.11.99 - Worm Helkern - filed under SQL Injection
Detected: Intrusion.Win.MSSQL.worm.Helkern
Detected: Intrusion.Win.MSSQL.worm.Helkern Absent UDP fr...
85.95.225.49 - http://wvvw.paypal.com-us.cgi-bin.webscr-cmd.login-submit.dispatch.5.5885d80a13c0db1f8e263663d3faee8dcbcd55a50598f04d927139403.erbaykereste.com.tr/4062d9f2a8fcc3e0648026fda025140c/login.php?cmd=_login-run&dispatch=5885d80a13c0db1f1ff80d546411d7f8a8350 - filed under Phishing
fraud@antihotmail.com
------------------------------
http://wvvw.paypal.com-us.cgi-bin.webscr-cmd.l...
219.148.1.91 - Attack - filed under SQL Injection
02:40:16.080 Alert Intrusion Prevention IPS Prevention Alert: VIRUS SQL Slammer Activity, SID: 1870,...
178.183.230.191 - Mail Server Brute Force - filed under Brute Force
Mail Server Brute Force & Too many request on my DNS Server ~1hour:30min
22:13:17 Request fro...
195.3.147.99 - 195.3.147.99 - filed under Firewall Alert
Repeated attempts to gain accesss. Blocked by Malwarebytes as malicious Website. Port 5428 Chrome.ex...
188.191.170.235 - Fw: Viagra©-Cia1is©-Levitra©-8O%-0ff - filed under Spam
Netherlands SPAMMER
IPv4 address:188.191.170.235
Reverse DNS:188.191.170.235
RIR:ARIN
Country:Nethe...
123.213.119.217 - Trying to brute an ftp - filed under FTP Hacking
It's still at it trying to brute force my ftp. It's a tiny ftp with one user I threw up for fun, s...
(001987) 11/23/2009 20:56:32 PM - (not logged in) (218.62.88.29)> USER Admin
(001987) 11/23/2009 20:56:32 PM - (not logged in) (218.62.88.29)> 331 Password required for admin
(001987) 11/23/2009 20:56:38 PM - (not logged in) (218.62.88.29)> USER Admin
(001987) 11/23/2009 20:56:38 PM - (not logged in) (218.62.88.29)> 331 Password required for admin
(001987) 11/23/2009 20:56:46 PM - (not logged in) (218.62.88.29)> USER Admin
(001987) 11/23/2009 20:56:46 PM - (not logged in) (218.62.88.29)> 331 Password required for admin
(001987) 11/23/2009 20:56:54 PM - (not logged in) (218.62.88.29)> PASS *
(001987) 11/23/2009 20:56:54 PM - (not logged in) (218.62.88.29)> 530 Login or password incorrect!
(001987) 11/23/2009 20:57:17 PM - (not logged in) (218.62.88.29)> PASS *
(001987) 11/23/2009 20:57:17 PM - (not logged in) (218.62.88.29)> 530 Login or password incorrect!
(001987) 11/23/2009 20:57:27 PM - (not logged in) (218.62.88.29)> 421 Login time exceeded. Closing control connection.
secure.1:Aug 31 16:29:45 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:29:54 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:00 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:09 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:18 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:27 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:33 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:42 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:51 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:30:59 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:31:06 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:31:14 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:31:23 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:31:31 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
secure.1:Aug 31 16:31:38 ix vsftpd: pam_unix(vsftpd:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=218.62.88.29
Both of the services fingerprints indicate that these are being used as zombies, added to the fact that the vulnerabilities on these boxes are very obvious.