112.239.91.53 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Unicom Shandong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	UTC: 2019-09-15 pkts: 3 port: 22/tcp	2019-09-16 16:19:01
attackbotsspam	Sep 14 22:38:03 web2 sshd[7624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.239.91.53 Sep 14 22:38:05 web2 sshd[7624]: Failed password for invalid user admin from 112.239.91.53 port 34984 ssh2	2019-09-15 04:44:14

Type

Details

Datetime

attackspambots

UTC: 2019-09-15 pkts: 3 port: 22/tcp

2019-09-16 16:19:01

attackbotsspam

Sep 14 22:38:03 web2 sshd[7624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.239.91.53
Sep 14 22:38:05 web2 sshd[7624]: Failed password for invalid user admin from 112.239.91.53 port 34984 ssh2

2019-09-15 04:44:14

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.239.91.53
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47593
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.239.91.53.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019091401 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 15 04:44:09 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 53.91.239.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 53.91.239.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
71.6.232.5	attackbots	TCP (SYN) 71.6.232.5:33048 -> port 3306, len 44	2020-06-21 06:46:56
113.208.119.2	attackspambots	TCP (SYN) 113.208.119.2:52831 -> port 1433, len 44	2020-06-21 07:03:30
104.140.188.6	attack	ET SCAN Suspicious inbound to PostgreSQL port 5432 - port: 5432 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:23:04
37.49.224.125	attack	NL_XEMU-MNT_<177>1592687834 [1:2402001:5581] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2]: {UDP} 37.49.224.125:59186	2020-06-21 06:54:11
51.79.149.123	attackspam	ET CINS Active Threat Intelligence Poor Reputation IP group 38 - port: 46148 proto: UDP cat: Misc Attack	2020-06-21 06:51:14
92.63.197.70	attack	TCP (SYN) 92.63.197.70:46942 -> port 3396, len 44	2020-06-21 06:44:23
79.124.62.86	attackspambots	TCP (SYN) 79.124.62.86:55076 -> port 9055, len 44	2020-06-21 07:07:09
185.153.196.245	attackbotsspam	=Multiport scan 196 ports : 2318 2319 2320 2321 2322 2323 2324 2325 2326 2327 2328 2329 2330 2331 2332 2333 2334 2335 2336 2337 2338 2339 2340 2341 2342 2343 2344 2345 2346 2347 2348 2349 2350 2351 2352 2353 2354 2355 2356 2357 2358 2359 2360 2361 3165 3166 3167 3168 3169 3170 3171 3172 3173 3174 3175 3176 3177 3178 3179 3180 3181 3182 3183 3184 3185 3186 3267 3268 3269 3270 3271 3272 3273 3274 3275 3276 3277 3278 3279 3280 3281 3282 3283 3284 3285 3286 3287 3288 3369 3370 3371 3372 3373 3374 3375 3376 3377 3378 3379 3380 3381 3382 3383 3384 3385 3386 3387 3388 3390(x13) 10156 10157 10158 10159 10160 10161 10162 10163 10164 10165 10166 10167 10168 10169 10170 10171 10172 10173 10174 10175 10176 10177 10178 10180 10181 10182 10183 10184 10185 10186 10187 10188 10189 10190 10191 10192 10193 10194 10195 10196 10197 10198 10199 17965 17966 17967 17968 17969 17970 17971 17972 17973 17974 17975 17976 17977 17978 17979 17980 17981 17982 17983 17984 17985 17986 17987 17988 17989 17990 17991 179....	2020-06-21 06:59:51
45.56.91.118	attackbots	TCP (SYN) 45.56.91.118:45759 -> port 25, len 40	2020-06-21 06:53:28
64.227.23.68	attackspambots	Multiport scan 62 ports : 529 1495 1543 4474 4723 6373 6967 7373 7888 10188 10562 10718 10929 11595 11597 11965 12067 12792 12877 13570 14630 14859 16400 16840 16905 16951 17053 17646 17977 18130 18186 19340 19423 19451 19686 19992 20273 20618 21030 21225 21427 21623 21835 21989 22749 23855 23965 24136 26654 26656 27165 28046 28919 29327 29511 30343 31176 31708 31906 31997 32244 32640	2020-06-21 06:48:50
141.98.9.157	attackspambots	detected by Fail2Ban	2020-06-21 07:02:48
196.219.89.214	attack	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-21 07:14:01
45.148.10.92	attackbotsspam	ET CINS Active Threat Intelligence Poor Reputation IP group 27 - port: 10000 proto: UDP cat: Misc Attack	2020-06-21 07:10:22
146.88.240.4	attack	Multiport scan : 31 ports scanned 17 19 53 69 111 123(x2) 137 161 389 500 520 623 1194 1434 1604 1701 1900(x2) 3283 3702 5060 5093 5353 5683(x2) 7781 10001 11211 21026 27016 27018 27960 47808	2020-06-21 07:21:41
185.209.0.90	attack	ET DROP Dshield Block Listed Source group 1 - port: 3400 proto: TCP cat: Misc Attack	2020-06-21 06:58:17

Recently Reported IPs

43.180.75.94	109.209.159.29	60.170.204.100	173.82.153.83
155.0.203.6	12.197.157.62	61.189.48.146	159.203.201.203
46.99.172.105	119.48.172.22	109.175.8.31	211.166.217.225
95.33.225.176	91.121.75.62	35.198.237.235	187.235.56.228
167.114.157.86	159.203.201.101	102.157.39.103	118.169.20.140