117.90.137.54 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
117.90.137.111	attack	Sep 30 11:13:25 eola postfix/smtpd[368]: connect from unknown[117.90.137.111] Sep 30 11:13:30 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111] Sep 30 11:13:30 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2 Sep 30 11:13:32 eola postfix/smtpd[368]: connect from unknown[117.90.137.111] Sep 30 11:13:34 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111] Sep 30 11:13:34 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2 Sep 30 11:13:34 eola postfix/smtpd[368]: connect from unknown[117.90.137.111] Sep 30 11:13:37 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111] Sep 30 11:13:37 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2 Sep 30 11:13:37 eola postfix/smtpd[368]: connect from unknown[117.90.137.111] Sep 30 11:13:38 eola postfix/smtpd[368]: lost conne........ -------------------------------	2019-10-03 16:54:20

Type

Details

Datetime

117.90.137.111

attack

Sep 30 11:13:25 eola postfix/smtpd[368]: connect from unknown[117.90.137.111]
Sep 30 11:13:30 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111]
Sep 30 11:13:30 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2
Sep 30 11:13:32 eola postfix/smtpd[368]: connect from unknown[117.90.137.111]
Sep 30 11:13:34 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111]
Sep 30 11:13:34 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2
Sep 30 11:13:34 eola postfix/smtpd[368]: connect from unknown[117.90.137.111]
Sep 30 11:13:37 eola postfix/smtpd[368]: lost connection after AUTH from unknown[117.90.137.111]
Sep 30 11:13:37 eola postfix/smtpd[368]: disconnect from unknown[117.90.137.111] ehlo=1 auth=0/1 commands=1/2
Sep 30 11:13:37 eola postfix/smtpd[368]: connect from unknown[117.90.137.111]
Sep 30 11:13:38 eola postfix/smtpd[368]: lost conne........
-------------------------------

2019-10-03 16:54:20

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.90.137.54
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 41762
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;117.90.137.54.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030400 1800 900 604800 86400

;; Query time: 132 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 22:58:04 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 54.137.90.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 54.137.90.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
142.93.26.245	attack	Aug 27 17:31:28 OPSO sshd\[24882\]: Invalid user persil from 142.93.26.245 port 32934 Aug 27 17:31:28 OPSO sshd\[24882\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.26.245 Aug 27 17:31:30 OPSO sshd\[24882\]: Failed password for invalid user persil from 142.93.26.245 port 32934 ssh2 Aug 27 17:35:56 OPSO sshd\[25644\]: Invalid user shoutcast from 142.93.26.245 port 49708 Aug 27 17:35:56 OPSO sshd\[25644\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.26.245	2019-08-28 02:09:41
80.82.77.18	attack	Aug 27 19:56:27 webserver postfix/smtpd\[831\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 19:57:06 webserver postfix/smtpd\[831\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 19:57:42 webserver postfix/smtpd\[831\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 19:58:21 webserver postfix/smtpd\[831\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Aug 27 19:58:58 webserver postfix/smtpd\[831\]: warning: unknown\[80.82.77.18\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2019-08-28 02:06:36
200.100.176.92	attackbotsspam	Aug 27 17:35:07 www sshd\[48584\]: Invalid user !@\#$%\^\&\* from 200.100.176.92Aug 27 17:35:09 www sshd\[48584\]: Failed password for invalid user !@\#$%\^\&\* from 200.100.176.92 port 58399 ssh2Aug 27 17:40:20 www sshd\[48637\]: Invalid user testing123456 from 200.100.176.92 ...	2019-08-28 01:38:41
129.211.4.202	attack	Aug 27 01:52:44 kapalua sshd\[9114\]: Invalid user irfan from 129.211.4.202 Aug 27 01:52:44 kapalua sshd\[9114\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.4.202 Aug 27 01:52:46 kapalua sshd\[9114\]: Failed password for invalid user irfan from 129.211.4.202 port 34526 ssh2 Aug 27 01:58:20 kapalua sshd\[9666\]: Invalid user psc from 129.211.4.202 Aug 27 01:58:20 kapalua sshd\[9666\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.4.202	2019-08-28 02:04:45
148.70.210.77	attack	Aug 27 14:18:58 tux-35-217 sshd\[8860\]: Invalid user bscw from 148.70.210.77 port 55015 Aug 27 14:18:58 tux-35-217 sshd\[8860\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.210.77 Aug 27 14:18:59 tux-35-217 sshd\[8860\]: Failed password for invalid user bscw from 148.70.210.77 port 55015 ssh2 Aug 27 14:24:32 tux-35-217 sshd\[8930\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.210.77 user=root ...	2019-08-28 01:37:18
94.176.76.188	attackspambots	(Aug 27) LEN=40 TTL=244 ID=51916 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=64579 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=5668 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=42598 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=1809 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=18399 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=10825 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=53513 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=28649 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=7515 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=19377 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=36579 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=27548 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=19872 DF TCP DPT=23 WINDOW=14600 SYN (Aug 27) LEN=40 TTL=244 ID=31687 DF TCP DPT=23 WINDOW=14600 SYN...	2019-08-28 01:56:19
125.161.104.219	attack	Unauthorized connection attempt from IP address 125.161.104.219 on Port 445(SMB)	2019-08-28 01:39:48
125.165.18.176	attackbotsspam	Unauthorized connection attempt from IP address 125.165.18.176 on Port 445(SMB)	2019-08-28 02:11:59
84.63.209.212	attackspambots	Aug 27 05:03:05 TORMINT sshd\[22243\]: Invalid user louis from 84.63.209.212 Aug 27 05:03:05 TORMINT sshd\[22243\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.63.209.212 Aug 27 05:03:07 TORMINT sshd\[22243\]: Failed password for invalid user louis from 84.63.209.212 port 60750 ssh2 ...	2019-08-28 01:49:58
37.151.28.64	attackspam	Unauthorized connection attempt from IP address 37.151.28.64 on Port 445(SMB)	2019-08-28 01:52:01
123.201.158.194	attack	Aug 27 02:06:48 hpm sshd\[13282\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.201.158.194 user=root Aug 27 02:06:50 hpm sshd\[13282\]: Failed password for root from 123.201.158.194 port 47699 ssh2 Aug 27 02:11:52 hpm sshd\[13754\]: Invalid user sontra from 123.201.158.194 Aug 27 02:11:53 hpm sshd\[13754\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.201.158.194 Aug 27 02:11:55 hpm sshd\[13754\]: Failed password for invalid user sontra from 123.201.158.194 port 47953 ssh2	2019-08-28 02:01:36
37.186.123.91	attackbotsspam	Aug 27 17:02:55 SilenceServices sshd[24580]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.186.123.91 Aug 27 17:02:57 SilenceServices sshd[24580]: Failed password for invalid user info from 37.186.123.91 port 37978 ssh2 Aug 27 17:07:17 SilenceServices sshd[26209]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=37.186.123.91	2019-08-28 02:06:08
23.129.64.200	attackbots	Automated report - ssh fail2ban: Aug 27 18:00:58 wrong password, user=root, port=44317, ssh2 Aug 27 18:01:03 wrong password, user=root, port=44317, ssh2 Aug 27 18:01:07 wrong password, user=root, port=44317, ssh2 Aug 27 18:01:11 wrong password, user=root, port=44317, ssh2	2019-08-28 02:13:11
171.224.177.63	attack	Unauthorized connection attempt from IP address 171.224.177.63 on Port 445(SMB)	2019-08-28 01:49:18
148.63.84.157	attack	Aug 27 09:03:09 hermescis postfix/smtpd\[2544\]: NOQUEUE: reject: RCPT from unknown\[148.63.84.157\]: 550 5.1.1 \: Recipient address rejected:* from=\ to=\ proto=ESMTP helo=\<157.84.63.148.rev.vodafone.pt\>	2019-08-28 01:41:23

Recently Reported IPs

117.90.137.58	114.233.51.54	117.90.137.66	117.90.137.68
117.90.137.64	117.90.137.74	117.90.137.52	117.90.137.60
117.90.137.72	117.90.137.76	117.90.137.8	117.90.137.82
117.90.137.86	117.90.137.90	117.90.137.80	117.90.137.88
117.90.137.79	117.90.137.84	114.233.51.61	117.90.144.106