117.50.45.254 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 26 13:57:21 ny01 sshd[31731]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 Nov 26 13:57:23 ny01 sshd[31731]: Failed password for invalid user polad from 117.50.45.254 port 41078 ssh2 Nov 26 14:02:50 ny01 sshd[32400]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254	2019-11-27 04:23:55
attack	2019-11-11T23:15:32.675593abusebot-4.cloudsearch.cf sshd\[22216\]: Invalid user rwatkins from 117.50.45.254 port 50760	2019-11-12 07:20:50
attack	Nov 10 07:31:26 zooi sshd[22849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 Nov 10 07:31:28 zooi sshd[22849]: Failed password for invalid user vivek from 117.50.45.254 port 37572 ssh2 ...	2019-11-10 15:45:43
attackspam	SSH Brute Force, server-1 sshd[29966]: Failed password for invalid user sikerim from 117.50.45.254 port 60940 ssh2	2019-11-08 07:03:36
attack	Nov 5 10:34:16 vpn01 sshd[4367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 Nov 5 10:34:18 vpn01 sshd[4367]: Failed password for invalid user FUWUQInet!@ from 117.50.45.254 port 33820 ssh2 ...	2019-11-05 18:47:52
attackspam	Oct 25 14:03:58 lnxmail61 sshd[29127]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254	2019-10-26 00:51:16
attack	Invalid user km from 117.50.45.254 port 37018	2019-10-24 23:50:42
attackbotsspam	Oct 17 17:34:01 php1 sshd\[20090\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 user=root Oct 17 17:34:03 php1 sshd\[20090\]: Failed password for root from 117.50.45.254 port 37926 ssh2 Oct 17 17:38:48 php1 sshd\[20466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 user=root Oct 17 17:38:50 php1 sshd\[20466\]: Failed password for root from 117.50.45.254 port 39666 ssh2 Oct 17 17:43:30 php1 sshd\[21000\]: Invalid user prueba from 117.50.45.254 Oct 17 17:43:30 php1 sshd\[21000\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254	2019-10-18 19:37:35
attackbotsspam	$f2bV_matches	2019-10-15 06:09:05
attackbotsspam	Oct 5 11:32:58 sachi sshd\[9847\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 user=root Oct 5 11:33:00 sachi sshd\[9847\]: Failed password for root from 117.50.45.254 port 33926 ssh2 Oct 5 11:36:18 sachi sshd\[10119\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 user=root Oct 5 11:36:20 sachi sshd\[10119\]: Failed password for root from 117.50.45.254 port 57546 ssh2 Oct 5 11:39:37 sachi sshd\[10478\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.254 user=root	2019-10-06 05:43:27

Comments on same subnet:

IP	Type	Details	Datetime
117.50.45.122	attack	Invalid user ftpuser from 117.50.45.122 port 54680	2020-05-01 12:16:34
117.50.45.190	attackspam	$f2bV_matches	2019-09-16 20:15:12
117.50.45.190	attack	Sep 14 20:42:06 meumeu sshd[11452]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.190 Sep 14 20:42:08 meumeu sshd[11452]: Failed password for invalid user jing from 117.50.45.190 port 35298 ssh2 Sep 14 20:45:44 meumeu sshd[11883]: Failed password for root from 117.50.45.190 port 35316 ssh2 ...	2019-09-15 06:37:42
117.50.45.190	attackbots	Sep 9 04:52:57 web1 sshd\[3127\]: Invalid user ts3srv from 117.50.45.190 Sep 9 04:52:57 web1 sshd\[3127\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.190 Sep 9 04:52:59 web1 sshd\[3127\]: Failed password for invalid user ts3srv from 117.50.45.190 port 49834 ssh2 Sep 9 04:58:47 web1 sshd\[3683\]: Invalid user username from 117.50.45.190 Sep 9 04:58:47 web1 sshd\[3683\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.45.190	2019-09-10 05:41:05
117.50.45.216	attackbotsspam	2019-06-24 06:41:57 H=(ewy.com) [117.50.45.216]:61942 I=[10.100.18.25]:25 sender verify fail for : Unrouteable address 2019-06-24 x@x 2019-06-24 06:41:57 unexpected disconnection while reading SMTP command from (ewy.com) [117.50.45.216]:61942 I=[10.100.18.25]:25 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=117.50.45.216	2019-06-24 17:12:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.45.254
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.45.254.			IN	A

;; AUTHORITY SECTION:
.			597	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100501 1800 900 604800 86400

;; Query time: 160 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 06 05:43:22 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 254.45.50.117.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 254.45.50.117.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
139.99.221.61	attackbots	Feb 2 05:58:33 haigwepa sshd[21028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.99.221.61 Feb 2 05:58:36 haigwepa sshd[21028]: Failed password for invalid user upload from 139.99.221.61 port 37437 ssh2 ...	2020-02-02 13:10:17
113.116.53.129	attack	Unauthorized connection attempt detected from IP address 113.116.53.129 to port 1433 [J]	2020-02-02 10:11:57
103.78.39.59	attack	Unauthorized connection attempt detected from IP address 103.78.39.59 to port 139 [J]	2020-02-02 10:18:19
222.186.30.57	attackspambots	Feb 2 03:12:48 v22018076622670303 sshd\[11772\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.57 user=root Feb 2 03:12:50 v22018076622670303 sshd\[11772\]: Failed password for root from 222.186.30.57 port 59024 ssh2 Feb 2 03:12:53 v22018076622670303 sshd\[11772\]: Failed password for root from 222.186.30.57 port 59024 ssh2 ...	2020-02-02 10:14:56
190.9.56.20	attackbots	Feb 1 19:23:34 hpm sshd\[14202\]: Invalid user test1 from 190.9.56.20 Feb 1 19:23:34 hpm sshd\[14202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.56.20 Feb 1 19:23:36 hpm sshd\[14202\]: Failed password for invalid user test1 from 190.9.56.20 port 44198 ssh2 Feb 1 19:27:15 hpm sshd\[14352\]: Invalid user redmine from 190.9.56.20 Feb 1 19:27:15 hpm sshd\[14352\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.9.56.20	2020-02-02 13:32:56
112.51.252.191	attack	Feb 2 05:58:04 host dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 9 secs): user=, method=PLAIN, rip=112.51.252.191, lip=62.210.151.217, session= Feb 2 05:58:37 host dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 4 secs): user=, method=PLAIN, rip=112.51.252.191, lip=62.210.151.217, session=<5xigqJCdrsxwM/y/> ...	2020-02-02 13:09:05
34.232.80.179	attack	[SunFeb0201:43:05.2367622020][:error][pid9885:tid47092616283904][client34.232.80.179:47348][client34.232.80.179]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$python-requests$.Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"skyrunningzone.com"][uri"/"][unique_id"XjYbGXt0QYW-EIdmBCBeAAAAAAI"][SunFeb0201:43:05.4852522020][:error][pid29026:tid47092724696832][client34.232.80.179:47358][client34.232.80.179]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent$python-requests$.Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"skyrunni	2020-02-02 10:22:29
49.88.112.65	attack	Feb 2 05:21:44 game-panel sshd[10021]: Failed password for root from 49.88.112.65 port 59872 ssh2 Feb 2 05:23:22 game-panel sshd[10081]: Failed password for root from 49.88.112.65 port 16044 ssh2 Feb 2 05:23:24 game-panel sshd[10081]: Failed password for root from 49.88.112.65 port 16044 ssh2	2020-02-02 13:33:46
51.38.232.93	attackspambots	Feb 1 23:58:35 plusreed sshd[16025]: Invalid user sbserver from 51.38.232.93 ...	2020-02-02 13:11:11
5.186.71.128	attackbotsspam	ssh failed login	2020-02-02 13:20:42
194.65.94.60	attack	Feb 2 05:58:23 nextcloud sshd\[1414\]: Invalid user deploy from 194.65.94.60 Feb 2 05:58:23 nextcloud sshd\[1414\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.65.94.60 Feb 2 05:58:25 nextcloud sshd\[1414\]: Failed password for invalid user deploy from 194.65.94.60 port 52744 ssh2	2020-02-02 13:21:36
222.186.180.130	attackspambots	Feb 2 02:11:12 firewall sshd[22304]: Failed password for root from 222.186.180.130 port 64800 ssh2 Feb 2 02:11:14 firewall sshd[22304]: Failed password for root from 222.186.180.130 port 64800 ssh2 Feb 2 02:11:17 firewall sshd[22304]: Failed password for root from 222.186.180.130 port 64800 ssh2 ...	2020-02-02 13:14:01
202.177.244.68	attack	Unauthorized connection attempt detected from IP address 202.177.244.68 to port 80 [J]	2020-02-02 10:23:24
219.79.32.216	attackspam	Unauthorized connection attempt detected from IP address 219.79.32.216 to port 5555 [J]	2020-02-02 10:19:52
182.61.184.155	attackspambots	Unauthorized connection attempt detected from IP address 182.61.184.155 to port 2220 [J]	2020-02-02 13:17:30

Recently Reported IPs

46.99.151.140	45.140.205.177	123.19.247.163	167.99.247.235
200.194.48.37	177.184.179.85	54.69.190.106	36.110.114.32
23.251.150.131	65.49.212.67	91.144.20.192	191.5.162.115
203.87.120.212	248.120.46.35	22.52.158.154	185.154.20.172
143.255.242.138	213.25.139.37	105.110.200.223	84.220.254.161