117.54.4.92 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Indonesia

Internet Service Provider: IndoInternet Network

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Unauthorized connection attempt from IP address 117.54.4.92 on Port 445(SMB)	2019-10-12 08:12:20

Comments on same subnet:

IP	Type	Details	Datetime
117.54.4.86	attackbotsspam	Feb 12 05:55:31 game-panel sshd[3258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86 Feb 12 05:55:33 game-panel sshd[3258]: Failed password for invalid user pythia from 117.54.4.86 port 58308 ssh2 Feb 12 05:58:06 game-panel sshd[3355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86	2020-02-12 14:27:06
117.54.4.86	attack	Unauthorized connection attempt detected from IP address 117.54.4.86 to port 2220 [J]	2020-02-04 06:07:53
117.54.4.86	attackspambots	Feb 3 06:50:59 legacy sshd[14926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86 Feb 3 06:51:01 legacy sshd[14926]: Failed password for invalid user xdp from 117.54.4.86 port 58102 ssh2 Feb 3 06:54:48 legacy sshd[15152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86 ...	2020-02-03 13:58:27

Type

Details

Datetime

117.54.4.86

attackbotsspam

Feb 12 05:55:31 game-panel sshd[3258]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86
Feb 12 05:55:33 game-panel sshd[3258]: Failed password for invalid user pythia from 117.54.4.86 port 58308 ssh2
Feb 12 05:58:06 game-panel sshd[3355]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86

2020-02-12 14:27:06

117.54.4.86

attack

Unauthorized connection attempt detected from IP address 117.54.4.86 to port 2220 [J]

2020-02-04 06:07:53

117.54.4.86

attackspambots

Feb  3 06:50:59 legacy sshd[14926]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86
Feb  3 06:51:01 legacy sshd[14926]: Failed password for invalid user xdp from 117.54.4.86 port 58102 ssh2
Feb  3 06:54:48 legacy sshd[15152]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.54.4.86
...

2020-02-03 13:58:27

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.54.4.92
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16789
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.54.4.92.			IN	A

;; AUTHORITY SECTION:
.			327	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019101101 1800 900 604800 86400

;; Query time: 242 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 12 08:12:16 CST 2019
;; MSG SIZE  rcvd: 115

Host info

92.4.54.117.in-addr.arpa domain name pointer rev-92-4-54.117.indo.net.id.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
92.4.54.117.in-addr.arpa	name = rev-92-4-54.117.indo.net.id.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
5.39.77.117	attackspambots	2019-09-20T15:07:49.5732691495-001 sshd\[36100\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3262586.ip-5-39-77.eu 2019-09-20T15:07:51.0070151495-001 sshd\[36100\]: Failed password for invalid user km from 5.39.77.117 port 48512 ssh2 2019-09-20T15:20:42.2316601495-001 sshd\[36931\]: Invalid user minerva from 5.39.77.117 port 55740 2019-09-20T15:20:42.2390571495-001 sshd\[36931\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3262586.ip-5-39-77.eu 2019-09-20T15:20:44.1210371495-001 sshd\[36931\]: Failed password for invalid user minerva from 5.39.77.117 port 55740 ssh2 2019-09-20T15:25:07.7526401495-001 sshd\[37292\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3262586.ip-5-39-77.eu user=root ...	2019-09-21 03:36:45
221.150.22.201	attack	Reported by AbuseIPDB proxy server.	2019-09-21 03:37:15
51.255.44.56	attackspam	Reported by AbuseIPDB proxy server.	2019-09-21 03:36:23
54.37.138.172	attack	Sep 20 20:21:55 vpn01 sshd\[28056\]: Invalid user ftp from 54.37.138.172 Sep 20 20:21:55 vpn01 sshd\[28056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.37.138.172 Sep 20 20:21:57 vpn01 sshd\[28056\]: Failed password for invalid user ftp from 54.37.138.172 port 48872 ssh2	2019-09-21 03:20:52
70.37.49.155	attackbotsspam	2019-09-20T19:26:09.847209abusebot-5.cloudsearch.cf sshd\[16835\]: Invalid user stanphill from 70.37.49.155 port 38126	2019-09-21 03:43:28
46.235.173.250	attackbotsspam	Automated report - ssh fail2ban: Sep 20 21:37:04 authentication failure Sep 20 21:37:06 wrong password, user=srss, port=41758, ssh2 Sep 20 21:41:23 authentication failure	2019-09-21 03:45:49
188.166.41.192	attackbotsspam	2019-09-20T19:28:29.042080abusebot-3.cloudsearch.cf sshd\[27744\]: Invalid user Mielikki from 188.166.41.192 port 35522	2019-09-21 03:35:40
74.82.47.22	attackbots	" "	2019-09-21 03:39:52
185.176.27.178	attackbotsspam	Sep 20 21:03:09 mc1 kernel: \[292647.859488\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=12463 PROTO=TCP SPT=43437 DPT=6933 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 20 21:05:34 mc1 kernel: \[292792.392635\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=55802 PROTO=TCP SPT=43437 DPT=54232 WINDOW=1024 RES=0x00 SYN URGP=0 Sep 20 21:07:24 mc1 kernel: \[292902.870948\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.176.27.178 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=20340 PROTO=TCP SPT=43437 DPT=1436 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-09-21 03:13:06
113.107.139.68	attack	Port scan on 6 port(s): 2222 9009 10001 20002 30003 60006	2019-09-21 03:43:59
165.22.201.204	attack	Sep 20 09:06:31 web1 sshd\[16905\]: Invalid user szs from 165.22.201.204 Sep 20 09:06:31 web1 sshd\[16905\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.201.204 Sep 20 09:06:33 web1 sshd\[16905\]: Failed password for invalid user szs from 165.22.201.204 port 35174 ssh2 Sep 20 09:10:35 web1 sshd\[17375\]: Invalid user oframe5 from 165.22.201.204 Sep 20 09:10:35 web1 sshd\[17375\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.22.201.204	2019-09-21 03:16:48
218.92.0.155	attackspam	Sep 20 20:59:19 MK-Soft-Root2 sshd\[17723\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.92.0.155 user=root Sep 20 20:59:21 MK-Soft-Root2 sshd\[17723\]: Failed password for root from 218.92.0.155 port 3039 ssh2 Sep 20 20:59:24 MK-Soft-Root2 sshd\[17723\]: Failed password for root from 218.92.0.155 port 3039 ssh2 ...	2019-09-21 03:33:33
137.74.152.156	attackspam	Sep 20 19:23:54 localhost sshd\[45704\]: Invalid user user from 137.74.152.156 port 34758 Sep 20 19:23:54 localhost sshd\[45704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.152.156 Sep 20 19:23:57 localhost sshd\[45704\]: Failed password for invalid user user from 137.74.152.156 port 34758 ssh2 Sep 20 19:28:07 localhost sshd\[45811\]: Invalid user landscape from 137.74.152.156 port 54010 Sep 20 19:28:07 localhost sshd\[45811\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.74.152.156 ...	2019-09-21 03:28:55
222.73.36.73	attackspam	Sep 21 01:17:48 itv-usvr-01 sshd[24186]: Invalid user toni from 222.73.36.73 Sep 21 01:17:48 itv-usvr-01 sshd[24186]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.73.36.73 Sep 21 01:17:48 itv-usvr-01 sshd[24186]: Invalid user toni from 222.73.36.73 Sep 21 01:17:50 itv-usvr-01 sshd[24186]: Failed password for invalid user toni from 222.73.36.73 port 41704 ssh2 Sep 21 01:21:21 itv-usvr-01 sshd[24338]: Invalid user qg from 222.73.36.73	2019-09-21 03:43:08
59.93.160.193	attack	Sep 20 20:18:52 indra sshd[119450]: Invalid user admin from 59.93.160.193 Sep 20 20:18:52 indra sshd[119450]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.93.160.193 Sep 20 20:18:54 indra sshd[119450]: Failed password for invalid user admin from 59.93.160.193 port 46026 ssh2 Sep 20 20:18:56 indra sshd[119450]: Failed password for invalid user admin from 59.93.160.193 port 46026 ssh2 Sep 20 20:18:59 indra sshd[119450]: Failed password for invalid user admin from 59.93.160.193 port 46026 ssh2 ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=59.93.160.193	2019-09-21 03:39:15

Recently Reported IPs

108.251.211.21	166.103.128.64	180.248.110.84	143.189.241.76
117.50.54.253	112.71.114.162	71.7.210.111	91.214.0.164
7.143.30.45	79.83.108.248	240.15.66.230	239.143.75.31
200.186.186.99	170.75.55.164	21.125.239.165	168.125.134.124
4.249.198.29	47.164.32.88	194.135.108.82	216.104.72.146