112.213.109.54

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Sun Network (Hong Kong) Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 112.213.109.54 to port 9200 [T]	2020-08-13 23:44:06
attack	SSH break in or HTTP scan ...	2020-07-13 16:30:56

Comments on same subnet:

IP	Type	Details	Datetime
112.213.109.129	attackbots	ECShop Remote Code Execution Vulnerability, PTR: PTR record not found	2019-10-05 17:34:26
112.213.109.156	attack	Unauthorized connection attempt from IP address 112.213.109.156 on Port 445(SMB)	2019-08-23 04:24:25
112.213.109.149	attackbotsspam	Port Scan: TCP/445	2019-08-04 06:14:28
112.213.109.149	attackspambots	Honeypot attack, port: 445, PTR: PTR record not found	2019-07-31 22:23:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.213.109.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45390
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.213.109.54.			IN	A

;; AUTHORITY SECTION:
.			525	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020071300 1800 900 604800 86400

;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Jul 13 16:30:53 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 54.109.213.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.109.213.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
49.68.184.223	attack	Port Scan: TCP/23	2019-09-14 14:54:44
102.158.181.64	attackbots	Port Scan: TCP/60001	2019-09-14 14:45:47
198.23.133.81	attack	Sep 14 02:48:48 ny01 sshd[6239]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.133.81 Sep 14 02:48:50 ny01 sshd[6239]: Failed password for invalid user ovhuser from 198.23.133.81 port 37958 ssh2 Sep 14 02:53:43 ny01 sshd[7143]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.23.133.81	2019-09-14 15:09:29
27.71.225.157	attackspambots	port scan/probe/communication attempt	2019-09-14 15:03:19
140.207.155.102	attackbots	Port Scan: UDP/49153	2019-09-14 14:41:12
66.176.142.83	attackbots	Port Scan: UDP/944	2019-09-14 14:52:07
116.228.147.46	attackspambots	Port Scan: UDP/37853	2019-09-14 14:43:29
181.40.66.61	attackbotsspam	Port Scan: TCP/445	2019-09-14 14:38:44
76.170.7.245	attackbots	Port Scan: UDP/80	2019-09-14 14:50:10
91.247.193.140	attack	Port Scan: TCP/445	2019-09-14 14:48:26
92.53.65.52	attackbots	09/14/2019-01:16:46.103486 92.53.65.52 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-09-14 14:47:59
117.34.112.10	attack	Port Scan: TCP/445	2019-09-14 14:42:59
183.62.158.218	attackspam	Sep 14 09:53:50 hosting sshd[19592]: Invalid user design from 183.62.158.218 port 54132 ...	2019-09-14 15:03:52
186.64.121.145	attackbots	Sep 13 20:48:40 hpm sshd\[22331\]: Invalid user qhsupport from 186.64.121.145 Sep 13 20:48:40 hpm sshd\[22331\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.64.121.145 Sep 13 20:48:43 hpm sshd\[22331\]: Failed password for invalid user qhsupport from 186.64.121.145 port 49000 ssh2 Sep 13 20:53:44 hpm sshd\[22757\]: Invalid user wifin from 186.64.121.145 Sep 13 20:53:44 hpm sshd\[22757\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.64.121.145	2019-09-14 15:08:24
197.214.114.90	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-14 05:39:26,122 INFO [amun_request_handler] unknown vuln (Attacker: 197.214.114.90 Port: 3389, Mess: ['\x03\x00\x00*%\xe0\x00\x00\x00\x00\x00Cookie: mstshash=Test \x01\x00\x08\x00\x03\x00\x00\x00\x03\x00\x00%\x02\xf0\x80d\x00\x00\x03\xebp\x80\x16\x16\x00\x17\x00\xe9\x03\x00\x00\x00\x00\x00\x01\x08\x00$\x00\x00\x00\x01\ 122.228.208.113 Port: 1080, Mess: ['\x05\x02\x00\x01'] (4) Stages: ['MYDOOM_STAGE1'])	2019-09-14 15:25:56

Recently Reported IPs

118.174.185.37	111.207.155.50	36.74.115.141	184.185.236.81
14.232.177.231	84.54.120.96	154.70.98.49	60.246.155.145
45.116.160.31	211.234.242.14	55.192.198.37	58.131.104.7
185.189.123.34	212.162.128.25	123.17.213.73	199.115.230.39
125.227.39.74	114.35.100.75	47.91.156.14	197.62.89.111