162.213.0.56 - IPInfo

Basic Info

City: Tseung Kwan O

Region: Sai Kung New Territories

Country: Hong Kong

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
162.213.0.243	attackspam	Aug 6 13:26:01 mail sshd\[20525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.213.0.243 user=root Aug 6 13:26:03 mail sshd\[20525\]: Failed password for root from 162.213.0.243 port 36153 ssh2 Aug 6 13:26:06 mail sshd\[20525\]: Failed password for root from 162.213.0.243 port 36153 ssh2	2019-08-06 19:38:18
162.213.0.243	attackspambots	Jul 25 14:31:24 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2 Jul 25 14:31:27 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2 Jul 25 14:31:29 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2 Jul 25 14:31:32 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2	2019-07-26 03:33:17
162.213.0.243	attackbots	3389BruteforceFW21	2019-07-07 12:55:30

Type

Details

Datetime

162.213.0.243

attackspam

Aug  6 13:26:01 mail sshd\[20525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.213.0.243  user=root
Aug  6 13:26:03 mail sshd\[20525\]: Failed password for root from 162.213.0.243 port 36153 ssh2
Aug  6 13:26:06 mail sshd\[20525\]: Failed password for root from 162.213.0.243 port 36153 ssh2

2019-08-06 19:38:18

162.213.0.243

attackspambots

Jul 25 14:31:24 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2
Jul 25 14:31:27 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2
Jul 25 14:31:29 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2
Jul 25 14:31:32 ns37 sshd[14858]: Failed password for root from 162.213.0.243 port 42955 ssh2

2019-07-26 03:33:17

162.213.0.243

attackbots

3389BruteforceFW21

2019-07-07 12:55:30

Whois info:

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#



# start

NetRange:       162.213.0.0 - 162.213.3.255
CIDR:           162.213.0.0/22
NetName:        NET-162-213-0-0-1
NetHandle:      NET-162-213-0-0-1
Parent:         NET162 (NET-162-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   HostPapa (HOSTP-7)
RegDate:        2013-05-29
Updated:        2024-02-02
Comment:        https://www.hostpapa.com - static allocation.
Ref:            https://rdap.arin.net/registry/ip/162.213.0.0


OrgName:        HostPapa
OrgId:          HOSTP-7
Address:        325 Delaware Avenue
Address:        Suite 300
City:           Buffalo
StateProv:      NY
PostalCode:     14202
Country:        US
RegDate:        2016-06-06
Updated:        2024-04-26
Ref:            https://rdap.arin.net/registry/entity/HOSTP-7


OrgAbuseHandle: NETAB23-ARIN
OrgAbuseName:   NETABUSE
OrgAbusePhone:  +1-905-315-3455 
OrgAbuseEmail:  net-abuse-global@hostpapa.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/NETAB23-ARIN

OrgTechHandle: NETTE9-ARIN
OrgTechName:   NETTECH
OrgTechPhone:  +1-905-315-3455 
OrgTechEmail:  net-tech-global@hostpapa.com
OrgTechRef:    https://rdap.arin.net/registry/entity/NETTE9-ARIN

RAbuseHandle: NETAB26-ARIN
RAbuseName:   NETABUSE-HOSTPAPA
RAbusePhone:  +1-905-315-3455 
RAbuseEmail:  net-abuse@hostpapa.com
RAbuseRef:    https://rdap.arin.net/registry/entity/NETAB26-ARIN

RTechHandle: NETTE12-ARIN
RTechName:   NETTECH-HOSTPAPA
RTechPhone:  +1-905-315-3455 
RTechEmail:  net-tech@hostpapa.com
RTechRef:    https://rdap.arin.net/registry/entity/NETTE12-ARIN

# end


# start

NetRange:       162.213.0.0 - 162.213.3.255
CIDR:           162.213.0.0/22
NetName:        NET-162-213-0-0-22
NetHandle:      NET-162-213-0-0-2
Parent:         NET-162-213-0-0-1 (NET-162-213-0-0-1)
NetType:        Reallocated
OriginAS:       
Organization:   IPXO LLC (IL-845)
RegDate:        2023-01-31
Updated:        2023-01-31
Ref:            https://rdap.arin.net/registry/ip/162.213.0.0


OrgName:        IPXO LLC
OrgId:          IL-845
Address:        3132 State Street
City:           Dallas
StateProv:      TX
PostalCode:     75204-3500
Country:        US
RegDate:        2021-03-25
Updated:        2025-09-10
Comment:        Geofeed https://geofeed.ipxo.com/geofeed.txt
Ref:            https://rdap.arin.net/registry/entity/IL-845


OrgAbuseHandle: IAMT1-ARIN
OrgAbuseName:   IPXO Abuse Management Team
OrgAbusePhone:  +1 (650) 934-1667 
OrgAbuseEmail:  abuse@ipxo.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/IAMT1-ARIN

OrgDNSHandle: IST36-ARIN
OrgDNSName:   IPXO Support Team
OrgDNSPhone:  +1 (650) 564-3425  
OrgDNSEmail:  support@ipxo.com
OrgDNSRef:    https://rdap.arin.net/registry/entity/IST36-ARIN

OrgTechHandle: IST36-ARIN
OrgTechName:   IPXO Support Team
OrgTechPhone:  +1 (650) 564-3425  
OrgTechEmail:  support@ipxo.com
OrgTechRef:    https://rdap.arin.net/registry/entity/IST36-ARIN

# end


# start

NetRange:       162.213.0.0 - 162.213.0.255
CIDR:           162.213.0.0/24
NetName:        NET-162-213-0-0-24
NetHandle:      NET-162-213-0-0-3
Parent:         NET-162-213-0-0-22 (NET-162-213-0-0-2)
NetType:        Reassigned
OriginAS:       
Customer:       Private Customer (C11296643)
RegDate:        2025-07-29
Updated:        2025-07-29
Comment:        report@abuseradar.com
Comment:        Geofeed https://geofeed.ipxo.com/geofeed.txt
Ref:            https://rdap.arin.net/registry/ip/162.213.0.0


CustName:       Private Customer
Address:        Private Residence
City:           London
StateProv:      
PostalCode:     WC1N 3AX
Country:        GB
RegDate:        2025-07-29
Updated:        2025-07-29
Ref:            https://rdap.arin.net/registry/entity/C11296643

OrgAbuseHandle: IAMT1-ARIN
OrgAbuseName:   IPXO Abuse Management Team
OrgAbusePhone:  +1 (650) 934-1667 
OrgAbuseEmail:  abuse@ipxo.com
OrgAbuseRef:    https://rdap.arin.net/registry/entity/IAMT1-ARIN

OrgDNSHandle: IST36-ARIN
OrgDNSName:   IPXO Support Team
OrgDNSPhone:  +1 (650) 564-3425  
OrgDNSEmail:  support@ipxo.com
OrgDNSRef:    https://rdap.arin.net/registry/entity/IST36-ARIN

OrgTechHandle: IST36-ARIN
OrgTechName:   IPXO Support Team
OrgTechPhone:  +1 (650) 564-3425  
OrgTechEmail:  support@ipxo.com
OrgTechRef:    https://rdap.arin.net/registry/entity/IST36-ARIN

# end



#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 162.213.0.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62304
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;162.213.0.56.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025100201 1800 900 604800 86400

;; Query time: 33 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 03 05:01:33 CST 2025
;; MSG SIZE  rcvd: 105

Host info

Host 56.0.213.162.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.0.213.162.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
102.7.64.233	attackbots	2020-08-31 09:59:52.590174-0500 localhost smtpd[88903]: NOQUEUE: reject: RCPT from unknown[102.7.64.233]: 554 5.7.1 Service unavailable; Client host [102.7.64.233] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/102.7.64.233; from= to= proto=ESMTP helo=<[102.7.64.233]>	2020-09-01 00:57:28
67.49.89.233	attack	TCP (SYN) 67.49.89.233:12911 -> port 8080, len 44	2020-09-01 00:43:33
14.192.144.251	attack	2020-08-31 07:23:44.868243-0500 localhost smtpd[76680]: NOQUEUE: reject: RCPT from unknown[14.192.144.251]: 554 5.7.1 Service unavailable; Client host [14.192.144.251] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/14.192.144.251; from= to= proto=ESMTP helo=	2020-09-01 00:56:24
157.245.227.165	attack	Aug 31 13:51:59 rush sshd[24074]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.227.165 Aug 31 13:52:02 rush sshd[24074]: Failed password for invalid user test1234 from 157.245.227.165 port 57692 ssh2 Aug 31 13:53:53 rush sshd[24107]: Failed password for root from 157.245.227.165 port 58308 ssh2 ...	2020-09-01 01:09:08
200.192.244.12	attack	Unauthorised access (Aug 31) SRC=200.192.244.12 LEN=52 TTL=117 ID=31306 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-01 00:55:34
167.71.227.102	attackspambots	167.71.227.102 - - [31/Aug/2020:13:33:04 +0100] "POST /wp-login.php HTTP/1.1" 200 2261 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.227.102 - - [31/Aug/2020:13:33:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2234 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 167.71.227.102 - - [31/Aug/2020:13:33:07 +0100] "POST /wp-login.php HTTP/1.1" 200 2233 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-01 00:54:21
140.143.228.18	attack	Aug 31 14:33:38 instance-2 sshd[6899]: Failed password for root from 140.143.228.18 port 54306 ssh2 Aug 31 14:38:21 instance-2 sshd[6923]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.228.18 Aug 31 14:38:23 instance-2 sshd[6923]: Failed password for invalid user teddy from 140.143.228.18 port 43412 ssh2	2020-09-01 01:08:22
37.255.238.25	attack	Automatic report - Port Scan Attack	2020-09-01 01:24:40
112.198.126.116	attack	Causing of slow of my internet	2020-09-01 00:53:43
39.98.158.248	attackbots	Aug 31 13:32:36 rocket sshd[9827]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=39.98.158.248 Aug 31 13:32:38 rocket sshd[9827]: Failed password for invalid user ubnt from 39.98.158.248 port 58558 ssh2 ...	2020-09-01 01:21:47
195.54.160.180	attack	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-31T17:08:02Z and 2020-08-31T17:08:05Z	2020-09-01 01:13:48
177.19.176.234	attackspambots	Invalid user ventas from 177.19.176.234 port 39952	2020-09-01 01:15:22
47.31.34.233	attackbotsspam	Unauthorized connection attempt from IP address 47.31.34.233 on Port 445(SMB)	2020-09-01 00:50:52
160.19.137.121	attackbotsspam	Unauthorized connection attempt from IP address 160.19.137.121 on Port 445(SMB)	2020-09-01 01:12:14
164.90.214.5	attack	TCP (SYN) 164.90.214.5:44819 -> port 178, len 44	2020-09-01 01:04:53

Recently Reported IPs

198.199.84.120	171.80.11.160	85.190.232.106	113.215.188.236
44.203.199.99	18.204.218.89	80.99.23.123	64.23.181.166
167.71.31.248	20.84.118.60	172.202.113.141	38.79.118.141
38.79.118.140	38.79.118.111	52.91.122.136	167.172.233.176
113.215.189.54	117.245.240.28	103.252.89.75	222.246.154.254