58.218.199.250 I have tracert'd this ip. He's bouncing through Dallas and Los Angeles. Idk about trying to hack into my computer but i just recently found this ip (he is using ip's in my town to ddos me too) in my router's history log of all packets received/sent. He is notice ably slowing down my internet.
Still active... Quelqu'un a lancé une analyse sur votre ordinateur. Les ports TCP 8090, 8008, 8118, 73 et 8123 de votre ordinateur ont été analysés à partir de 58.218.199.250.
58.218.199.250 this clown keeps trying to get into my system. anyway we I can burn him alive?
The person behined this domaine is now in jail faceing a 10yr strech due to other matters
The guy behined this domaine is now in jail faceing a 10yr strech due to other matters
This IP has been port scanning for weeks and has been reported to the ISP.
This guy attempted to scan my ports 5 times for the past 2 months! I really hope somebody is gonna do something for that!... What about the local police?
This guy tried to hack my PC yesterday, but it's not the first time it happens, coming from this place in China. Can any body stop this?!
58.218.199.250 - - [02/Mar/2013:09:40:14 -0800] "GET http://59.53.91.9/proxy/judge.php HTTP/1.1" 403 217 58.218.199.250 - - [02/Mar/2013:16:00:06 -0800] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [04/Mar/2013:02:45:11 -0800] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [04/Mar/2013:05:51:43 -0800] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [04/Mar/2013:08:57:41 -0800] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [04/Mar/2013:12:03:52 -0800] "GET http://59.53.91.9/proxy/judge.php HTTP/1.1" 403 217 58.218.199.250 - - [04/Mar/2013:15:11:11 -0800] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [06/Mar/2013:02:14:30 -0800] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [06/Mar/2013:15:02:05 -0800] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [06/Mar/2013:18:14:11 -0800] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [06/Mar/2013:21:34:13 -0800] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [08/Mar/2013:07:21:52 -0800] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [08/Mar/2013:18:40:11 -0800] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [09/Mar/2013:11:37:18 -0800] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [10/Mar/2013:03:16:44 -0700] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [10/Mar/2013:14:49:30 -0700] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [10/Mar/2013:17:40:16 -0700] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [14/Mar/2013:13:25:05 -0700] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 404 213 58.218.199.250 - - [14/Mar/2013:21:55:47 -0700] "GET http://www.piggmail.com/proxyheader.php HTTP/1.1" 404 213 58.218.199.250 - - [16/Mar/2013:11:49:26 -0700] "GET http://216.245.211.138/aop0igj.php HTTP/1.1" 404 209 58.218.199.250 - - [21/Mar/2013:07:28:38 -0700] "GET http://www.piggmail.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [21/Mar/2013:13:18:06 -0700] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [21/Mar/2013:16:11:28 -0700] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [22/Mar/2013:21:07:12 -0700] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [23/Mar/2013:03:05:25 -0700] "GET http://www.verysurf.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [23/Mar/2013:11:54:45 -0700] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [25/Mar/2013:13:42:15 -0700] "GET http://www.piggmail.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [26/Mar/2013:10:20:24 -0700] "GET http://216.245.211.138/aop0igj.php HTTP/1.1" 403 213 58.218.199.250 - - [26/Mar/2013:16:09:34 -0700] "GET http://61.152.144.145/judge.php HTTP/1.1" 403 211 58.218.199.250 - - [26/Mar/2013:21:59:42 -0700] "GET http://www.piggmail.com/proxyheader.php HTTP/1.1" 403 217 58.218.199.250 - - [27/Mar/2013:18:06:15 -0700] "GET http://www.travelimgusa.com/ip.php HTTP/1.1" 403 208 58.218.199.250 - - [28/Mar/2013:05:32:27 -0700] "GET http://www.piggmail.com/proxyheader.php HTTP/1.1" 403 217
с айпи 58.218.199.250 сканировали порты на моем компе, пытались хакнуть. Я подозреваю может это троян закравшийся в уторент клиент, а может это ПО по скюлинжект было заражено этим трояном китайского происхождения.
NOT IN JAIL: The client will block traffic from IP address 58.218.199.250 for the next 600 seconds (from 4/23/2013 8:36:16 PM to 4/23/2013 8:46:16 PM). Somebody is scanning your computer. Your computer's TCP ports: 27977, 9000, 1080, 8088 and 8118 have been scanned from 58.218.199.250. Active Response that started at 4/23/2013 8:36:16 PM is disengaged. The traffic from IP address 58.218.199.250 was blocked for 600 second(s). Wish I knew how to block this person.
Can someone PLEASE follow all these packets back to their source and beat up the jerks who are CONSTANTLY trying to hack into my pc??!!?! I see comments here from 2011. Now its MAY-2013 and STILL this IP is a major menace! There is no way the communist **** china government would allow anyone to hack, so I would say its the china government that is behind this!
[root@tom232 Desktop]# traceroute 58.218.199.250 traceroute to 58.218.199.250 (58.218.199.250), 30 hops max, 60 byte packets 1 127.0.0.1 (127.0.0.1) 0.609 ms 1.651 ms 1.817 ms 2 **.***.*.1 (XXXXXXXXXXXX) 11.107 ms 11.300 ms 14.449 ms 3 te-0-0-0-5-*********************************** 18.919 ms 18.976 ms 19.639 ms 4 te-0-0-0-0-*********************************** (xx.xx.x.189) 15.096 ms 15.161 ms 15.094 ms 5 te-1-7-0-2-***********************************(XX.***.XX.141) 19.666 ms 19.627 ms 19.592 ms 6 he-2-10-0-0-cr01.newyork.ny.ibone.comcast.net (68.86.94.17) 28.813 ms 20.230 ms 21.022 ms 7 he-0-7-0-0-cr01.350ecermak.il.ibone.comcast.net (68.86.88.158) 46.444 ms 50.843 ms 51.844 ms 8 he-1-13-0-0-cr01.denver.co.ibone.comcast.net (68.86.85.246) 61.664 ms 69.513 ms 70.395 ms 9 he-0-2-0-0-cr01.denverqwest.co.ibone.comcast.net (68.86.89.30) 71.576 ms 72.641 ms 72.332 ms 10 he-4-13-0-0-cr01.sanjose.ca.ibone.comcast.net (68.86.89.129) 95.608 ms 96.439 ms 96.402 ms 11 pos-0-4-0-0-pe01.11greatoaks.ca.ibone.comcast.net (68.86.87.150) 95.608 ms 90.044 ms 93.756 ms 12 66.208.216.42 (66.208.216.42) 95.496 ms 96.211 ms 93.309 ms 13 202.97.50.81 (202.97.50.81) 93.370 ms 92.075 ms 92.505 ms 14 202.97.50.89 (202.97.50.89) 238.018 ms 236.959 ms 237.869 ms 15 202.97.33.121 (202.97.33.121) 229.259 ms 226.107 ms 230.191 ms 16 202.97.33.9 (202.97.33.9) 250.462 ms 249.476 ms 246.442 ms 17 202.97.82.2 (202.97.82.2) 250.464 ms 249.123 ms 253.092 ms 18 61.160.130.102 (61.160.130.102) 235.307 ms 246.765 ms 232.523 ms 19 58.218.203.66 (58.218.203.66) 266.521 ms 267.332 ms 267.321 ms 20 58.218.201.242 (58.218.201.242) 252.532 ms 253.222 ms 253.210 ms 21 * * * 22 58.218.199.250 (58.218.199.250) 244.662 ms 243.490 ms 244.600 ms <---******* !!!!!
Confirm found IP 58.218.199.250 as author of a hacking attempt on our server too. Server located in London, UK, source IP reported to be in China.
You guys can connect to his server by doing the following: Windows 7: 1) Open the start menu and type MSTSC. 2) Type in his IP address in the box that pops up: 58.218.199.250 3) Attempt to guess username and password. 4) Have fun. Sick of this ****** trying to hack my network.
Looks like 58.218.199.250 is still at it - the IP address scanned my computer in Australia.
Please help us keep Internet safer and cleaner by leaving a descriptive comment about 58.218.199.250 IP address
- Hacked Gmail accounts
- WordPress Hacking Attempts
- SSH Hacking Attempts
- Why Can't I See The Exact Address?
DNSBL* - is a list of IP addresses published through the Internet Domain Name Service (DNS) either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time. DNSBLs are most often used to publish the addresses of computers or networks linked to spamming; most mail server software can be configured to reject or flag messages which have been sent from a site listed on one or more such lists.
WHOIS** - is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. WHOIS lookups were traditionally performed with a command line interface application, and network administrators predominantly still use this method, but many simplified web-based tools exist. WHOIS services are typically communicated using the Transmission Control Protocol (TCP). Servers listen to requests on the well-known port number 43.
** Approximate Geographic Location - This is NOT the exact geographical location of the person/organization with the given IP address. However, this should still give you a good idea about the area/region where this person/orgranization is located.