104.211.50.18 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
104.211.50.174	attackbotsspam	SSH/22 MH Probe, BF, Hack -	2020-05-04 15:39:36
104.211.50.174	attackspam	Apr 24 18:24:07 ns382633 sshd\[11843\]: Invalid user tomcat2 from 104.211.50.174 port 36020 Apr 24 18:24:07 ns382633 sshd\[11843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174 Apr 24 18:24:09 ns382633 sshd\[11843\]: Failed password for invalid user tomcat2 from 104.211.50.174 port 36020 ssh2 Apr 24 18:41:23 ns382633 sshd\[15297\]: Invalid user ubuntu from 104.211.50.174 port 59514 Apr 24 18:41:23 ns382633 sshd\[15297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174	2020-04-25 01:11:25

类型

评论内容

时间

104.211.50.174

attackbotsspam

SSH/22 MH Probe, BF, Hack -

2020-05-04 15:39:36

104.211.50.174

attackspam

Apr 24 18:24:07 ns382633 sshd\[11843\]: Invalid user tomcat2 from 104.211.50.174 port 36020
Apr 24 18:24:07 ns382633 sshd\[11843\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174
Apr 24 18:24:09 ns382633 sshd\[11843\]: Failed password for invalid user tomcat2 from 104.211.50.174 port 36020 ssh2
Apr 24 18:41:23 ns382633 sshd\[15297\]: Invalid user ubuntu from 104.211.50.174 port 59514
Apr 24 18:41:23 ns382633 sshd\[15297\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.211.50.174

2020-04-25 01:11:25

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.211.50.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39511
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;104.211.50.18.			IN	A

;; AUTHORITY SECTION:
.			441	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 13:57:46 CST 2022
;; MSG SIZE  rcvd: 106

HOST信息:

Host 18.50.211.104.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 18.50.211.104.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
185.158.142.144	attack	Honeypot attack, port: 445, PTR: 144-142-158-185.wifi4all.it.	2020-09-07 15:57:54
49.235.153.220	attackspam	Sep 7 08:41:48 rancher-0 sshd[1476910]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.153.220 user=root Sep 7 08:41:51 rancher-0 sshd[1476910]: Failed password for root from 49.235.153.220 port 42866 ssh2 ...	2020-09-07 16:15:28
45.142.120.192	attackbotsspam	Sep 7 09:45:10 srv01 postfix/smtpd\[27802\]: warning: unknown\[45.142.120.192\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 09:45:26 srv01 postfix/smtpd\[29439\]: warning: unknown\[45.142.120.192\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 09:45:27 srv01 postfix/smtpd\[27802\]: warning: unknown\[45.142.120.192\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 09:45:42 srv01 postfix/smtpd\[27156\]: warning: unknown\[45.142.120.192\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Sep 7 09:46:00 srv01 postfix/smtpd\[29440\]: warning: unknown\[45.142.120.192\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-09-07 15:51:12
104.131.118.160	attackbots	Sep 2 01:42:33 bbl sshd[30823]: Did not receive identification string from 104.131.118.160 port 51928 Sep 2 01:43:20 bbl sshd[3577]: Received disconnect from 104.131.118.160 port 49256:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:20 bbl sshd[3577]: Disconnected from 104.131.118.160 port 49256 [preauth] Sep 2 01:43:43 bbl sshd[6163]: Invalid user ftpuser from 104.131.118.160 port 44062 Sep 2 01:43:43 bbl sshd[6163]: Received disconnect from 104.131.118.160 port 44062:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:43:43 bbl sshd[6163]: Disconnected from 104.131.118.160 port 44062 [preauth] Sep 2 01:44:07 bbl sshd[8872]: Invalid user ghostname from 104.131.118.160 port 38862 Sep 2 01:44:07 bbl sshd[8872]: Received disconnect from 104.131.118.160 port 38862:11: Normal Shutdown, Thank you for playing [preauth] Sep 2 01:44:07 bbl sshd[8872]: Disconnected from 104.131.118.160 port 38862 [preauth] Sep 2 01:44:31 bbl sshd[12270]: Inva........ -------------------------------	2020-09-07 16:00:31
104.46.32.174	attackbotsspam	Unauthorised login to NAS	2020-09-07 16:02:18
117.107.213.244	attack	$f2bV_matches	2020-09-07 16:20:58
60.165.219.14	attackbotsspam	Sep 7 05:54:37 rancher-0 sshd[1474641]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.165.219.14 user=root Sep 7 05:54:39 rancher-0 sshd[1474641]: Failed password for root from 60.165.219.14 port 61338 ssh2 ...	2020-09-07 16:27:51
80.32.131.229	attackspambots	$f2bV_matches	2020-09-07 16:27:36
192.42.116.26	attackbotsspam	(sshd) Failed SSH login from 192.42.116.26 (NL/Netherlands/this-is-a-tor-exit-node-hviv126.hviv.nl): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 7 04:27:22 server sshd[15868]: Failed password for root from 192.42.116.26 port 55180 ssh2 Sep 7 04:27:24 server sshd[15868]: Failed password for root from 192.42.116.26 port 55180 ssh2 Sep 7 04:27:27 server sshd[15868]: Failed password for root from 192.42.116.26 port 55180 ssh2 Sep 7 04:27:29 server sshd[15868]: Failed password for root from 192.42.116.26 port 55180 ssh2 Sep 7 04:27:31 server sshd[15868]: Failed password for root from 192.42.116.26 port 55180 ssh2	2020-09-07 16:30:06
104.225.154.136	attackspam	$f2bV_matches	2020-09-07 16:01:32
122.51.224.106	attack	Lines containing failures of 122.51.224.106 Sep 6 13:36:38 shared10 sshd[2881]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.224.106 user=r.r Sep 6 13:36:40 shared10 sshd[2881]: Failed password for r.r from 122.51.224.106 port 59962 ssh2 Sep 6 13:36:40 shared10 sshd[2881]: Received disconnect from 122.51.224.106 port 59962:11: Bye Bye [preauth] Sep 6 13:36:40 shared10 sshd[2881]: Disconnected from authenticating user r.r 122.51.224.106 port 59962 [preauth] Sep 6 13:56:39 shared10 sshd[12017]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.224.106 user=r.r Sep 6 13:56:41 shared10 sshd[12017]: Failed password for r.r from 122.51.224.106 port 36424 ssh2 Sep 6 13:56:42 shared10 sshd[12017]: Received disconnect from 122.51.224.106 port 36424:11: Bye Bye [preauth] Sep 6 13:56:42 shared10 sshd[12017]: Disconnected from authenticating user r.r 122.51.224.106 port 36424 [pr........ ------------------------------	2020-09-07 16:25:33
152.136.149.160	attackbots	Sep 7 13:34:46 webhost01 sshd[30572]: Failed password for root from 152.136.149.160 port 33602 ssh2 ...	2020-09-07 16:23:14
49.88.112.69	attackspam	Sep 7 10:37:53 pkdns2 sshd\[5758\]: Failed password for root from 49.88.112.69 port 29960 ssh2Sep 7 10:37:58 pkdns2 sshd\[5758\]: Failed password for root from 49.88.112.69 port 29960 ssh2Sep 7 10:38:00 pkdns2 sshd\[5758\]: Failed password for root from 49.88.112.69 port 29960 ssh2Sep 7 10:45:53 pkdns2 sshd\[6228\]: Failed password for root from 49.88.112.69 port 27178 ssh2Sep 7 10:45:55 pkdns2 sshd\[6228\]: Failed password for root from 49.88.112.69 port 27178 ssh2Sep 7 10:45:59 pkdns2 sshd\[6228\]: Failed password for root from 49.88.112.69 port 27178 ssh2 ...	2020-09-07 16:07:50
138.94.117.118	attackbotsspam	Attempted Brute Force (dovecot)	2020-09-07 15:53:32
192.144.215.146	attack	Port scan denied	2020-09-07 15:54:52

最近上报的IP列表

104.211.5.87	104.211.60.104	104.211.7.200	104.211.63.229
104.211.59.224	104.211.77.233	104.211.73.126	104.214.101.105
104.214.101.74	104.211.8.26	105.213.101.46	104.214.102.180
104.214.102.64	104.214.102.179	104.214.103.115	104.214.20.11
104.214.237.220	105.213.101.52	104.214.231.131	105.213.101.55