The digital world runs on IP addresses, which are the core identifiers that allow devices, servers, and websites to connect across networks. Sometimes, strange strings like 111.90.150.2044 show up in logs, firewalls, or discussions, sparking curiosity and confusion. Is it an IP address? A typo? A proxy server? Or something malicious?
In this article, we’ll demystify 111.90.150.2044—from its structural irregularities to possible meanings, real-world implications, and what actions (if any) you should take when you encounter it. Let’s take a deep dive.
Understanding IP Address Formats: Why 111.90.150.2044 Is Technically Invalid
To understand why 111.90.150.2044 raises red flags, we need to revisit how IP addresses work—especially the commonly used IPv4 format.
IPv4 addresses are written as four decimal numbers (each between 0 and 255) separated by dots. This is known as the dotted decimal notation, like this: 192.168.1.1. Each segment is called an “octet” and corresponds to one byte of data.
Now, let’s look at 111.90.150.2044. The final segment—2044—far exceeds the valid range for an octet, which should max out at 255. That alone tells us this is not a valid IP address in IPv4 format. Most systems, log analyzers, and networking tools will reject or misinterpret it.
So why does this malformed IP appear at all?
111.90.150.2044: A Closer Look at the Most Logical Explanation
The most likely reason this string shows up is due to a formatting error—specifically, a missing colon between an IP address and a port number.
Correct form:
111.90.150.204:2044
Here, 111.90.150.204 is a valid IPv4 address, and 2044 is a port number. This format is common when specifying services that run on non-standard ports (other than default ones like 80 for HTTP or 443 for HTTPS).
If the colon is accidentally removed—either by a faulty logging system or during data transmission—it becomes a single string: 111.90.150.2044. This may cause automated tools to interpret it incorrectly.
Breaking Down the Real IP: 111.90.150.204
Assuming the correct format is 111.90.150.204:2044, let’s focus on the valid IP portion.
Using IP lookup and WHOIS tools, we can gather the following:
- Owner: Shinjiru Technology Sdn Bhd
- ASN: AS45839
- Location: Kuala Lumpur, Malaysia
- Hostname (PTR): Often resolves to
server1.kamon.laor a similar naming structure
Shinjiru is a well-known offshore hosting provider in Malaysia. It offers data center solutions, virtual servers, and anonymous hosting—services often used for privacy-sensitive projects or niche websites.
This tells us the IP is hosted, not residential, and is part of a data center block, which is important when considering its context and behavior.
Port 2044: What Services Use It?
Now, let’s examine the port number 2044. It’s not among the standard or well-known ports, but that doesn’t mean it’s useless or malicious.
Here are some key facts:
- Not officially registered with IANA
- Sometimes labeled as “rimsl” in port databases
- Rarely used in mainstream software or services
- Occasionally appears in proprietary or internal applications
Because it’s uncommon, port 2044 is sometimes used in:
- Custom web interfaces for niche apps
- Encrypted tunnels or VPN gateways
- Malware command-and-control systems (though rarely)
- Internal admin dashboards configured to avoid default ports
While there’s no definitive function, the usage of high-numbered ports like this often implies a custom or specialized application, especially in hosting environments.
IP Reputation: Is 111.90.150.204 Risky?
If you’re worried that this mysterious IP might be malicious, you’re not alone. Let’s analyze its reputation and security profile.
Using major threat intelligence platforms:
- AbuseIPDB: One or zero reports. The most recent involved a minor port scan; no spam or malware reported.
- VirusTotal: Typically shows clean results, depending on current activity.
- Scamalytics: Lists Shinjiru IPs as having a low fraud score in general—between 10 and 20 out of 100.
In essence, 111.90.150.204 does not appear to be inherently malicious, though it’s important to note that IP addresses in hosting environments can be repurposed quickly. Just because it’s safe today doesn’t mean it always will be.
Why You Might See 111.90.150.2044 in Logs or Firewall Alerts
If you’ve found 111.90.150.2044 in logs, firewall notifications, IDS (intrusion detection systems), or server reports, it’s likely due to one of these causes:
- Log Formatting Error: A software module or application removed the colon between IP and port.
- Custom Script Output: Some log scrapers or security tools flatten the string for readability or regex matching.
- Port Scanning Activity: If your system logs both IP and port in raw form, it could appear as a combined integer-like string.
If your firewall is flagging 111.90.150.2044, it’s most likely trying to indicate that traffic attempted to access port 2044 from 111.90.150.204.
Geolocation and Hosting Provider: Shinjiru Technology Sdn Bhd
The hosting provider, Shinjiru, has operated in Malaysia since the early 2000s. It’s known for:
- Anonymous hosting for offshore clients
- Bulletproof servers (sometimes linked to free-speech or gray-market hosting)
- Custom IP ranges and virtualized cloud infrastructure
Due to its business model, IPs under Shinjiru often attract attention from law enforcement, cybersecurity firms, and researchers—although most traffic is benign.
It’s not uncommon for such providers to be used for VPN services, crypto websites, or forums. This could explain occasional spikes in visibility for IPs like 111.90.150.204.
How to Investigate 111.90.150.2044 Yourself (Safely)
If you’re a system administrator, developer, or cybersecurity analyst and want to investigate further, here are safe ways to analyze it:
- Split the String Manually:
Separate into IP and port like this:
111.90.150.204:2044 - Use Nmap for Port Scanning:
nmap -p 2044 111.90.150.204This will reveal whether the port is open and which service (if any) is running.
- Check for PTR and Reverse DNS:
dig -x 111.90.150.204You’ll likely find a hostname pointing to a hosted VPS or dedicated server.
- Review Abuse Records:
Visit abuseipdb.com to view real-time reports. - Traceroute the IP:
traceroute 111.90.150.204This can show the network path and determine whether it’s being routed through suspicious hops or proxies.
Should You Block or Trust 111.90.150.2044?
The answer depends on context:
- If you received it in a malformed log, clean up the log format and check the actual IP behavior.
- If port 2044 is open and unauthenticated, consider firewalling it unless it’s a known service.
- If it’s actively probing your system, a temporary IP block might be prudent.
But based on currently available data, there’s no overwhelming reason to block it solely because of its structure.
Common Mistakes: Misreading or Overreacting
A few common pitfalls:
- Assuming it’s malware because it “looks weird.” Many legitimate systems use high ports.
- Confusing the number as a full IP. Remember, 2044 isn’t a valid octet.
- Blocking the wrong thing. If you block “111.90.150.2044” literally, some systems might fail to match it at all due to invalid format.
Correct action starts with accurate parsing and context review.
Read More: What Is 185.63.253.2pp? Full Guide to This IP Address & Its Uses
Final Thoughts: Understanding “111.90.150.2044” in a Digital World
To wrap it all up: 111.90.150.2044 is not a real IP address. It’s almost certainly a formatting error where a colon was dropped between a valid IP and a custom port number.
The valid IP 111.90.150.204 belongs to a Malaysian hosting provider known for anonymous and offshore services, and port 2044 is likely used for something custom—nothing immediately dangerous, based on open reports.
If you see this string, don’t panic. Analyze the IP, test the port, check logs, and ensure your systems are correctly interpreting data.
Staying calm, curious, and informed is the best way to deal with digital mysteries like 111.90.150.2044.
