117.50.12.10 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 21 15:30:13 thevastnessof sshd[29426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-12-22 00:37:14
attackbotsspam	Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:20:01 lnxmail61 sshd[31638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-12-17 06:38:32
attackspambots	Dec 10 07:06:54 game-panel sshd[19565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Dec 10 07:06:56 game-panel sshd[19565]: Failed password for invalid user test from 117.50.12.10 port 54640 ssh2 Dec 10 07:13:51 game-panel sshd[19949]: Failed password for root from 117.50.12.10 port 54572 ssh2	2019-12-10 15:13:53
attackspam	2019-11-19T22:02:53.919036homeassistant sshd[3855]: Invalid user mysql from 117.50.12.10 port 50404 2019-11-19T22:02:53.925919homeassistant sshd[3855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-11-20 08:47:50
attackbots	Nov 6 10:04:31 marvibiene sshd[48998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:04:33 marvibiene sshd[48998]: Failed password for root from 117.50.12.10 port 33648 ssh2 Nov 6 10:09:31 marvibiene sshd[49093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:09:33 marvibiene sshd[49093]: Failed password for root from 117.50.12.10 port 42018 ssh2 ...	2019-11-06 20:54:11
attackbotsspam	Oct 29 18:10:15 sachi sshd\[23704\]: Invalid user hichina from 117.50.12.10 Oct 29 18:10:15 sachi sshd\[23704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 18:10:17 sachi sshd\[23704\]: Failed password for invalid user hichina from 117.50.12.10 port 36986 ssh2 Oct 29 18:14:59 sachi sshd\[24073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 18:15:01 sachi sshd\[24073\]: Failed password for root from 117.50.12.10 port 46290 ssh2	2019-10-30 12:20:19
attackspam	Oct 29 14:42:24 MainVPS sshd[31527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 14:42:27 MainVPS sshd[31527]: Failed password for root from 117.50.12.10 port 32964 ssh2 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:17 MainVPS sshd[31929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:19 MainVPS sshd[31929]: Failed password for invalid user _lldpd from 117.50.12.10 port 42242 ssh2 ...	2019-10-29 22:32:33
attack	Oct 28 10:09:45 tdfoods sshd\[7829\]: Invalid user P@\$\$w0rd from 117.50.12.10 Oct 28 10:09:45 tdfoods sshd\[7829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 28 10:09:48 tdfoods sshd\[7829\]: Failed password for invalid user P@\$\$w0rd from 117.50.12.10 port 57496 ssh2 Oct 28 10:14:09 tdfoods sshd\[8223\]: Invalid user pass from 117.50.12.10 Oct 28 10:14:09 tdfoods sshd\[8223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-29 04:26:56
attackspam	Oct 20 07:56:14 nextcloud sshd\[25610\]: Invalid user system from 117.50.12.10 Oct 20 07:56:14 nextcloud sshd\[25610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 20 07:56:16 nextcloud sshd\[25610\]: Failed password for invalid user system from 117.50.12.10 port 34652 ssh2 ...	2019-10-20 14:20:10
attackspam	Port Scan detected from 117.50.12.10 (CN/China/-). 4 hits in the last 290 seconds	2019-10-08 05:29:43
attackbotsspam	Oct 2 11:25:26 php1 sshd\[12094\]: Invalid user t from 117.50.12.10 Oct 2 11:25:26 php1 sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 2 11:25:28 php1 sshd\[12094\]: Failed password for invalid user t from 117.50.12.10 port 37562 ssh2 Oct 2 11:29:41 php1 sshd\[12474\]: Invalid user beefy from 117.50.12.10 Oct 2 11:29:41 php1 sshd\[12474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-03 05:48:35
attack	Sep 27 14:04:04 tdfoods sshd\[30218\]: Invalid user spamspam from 117.50.12.10 Sep 27 14:04:04 tdfoods sshd\[30218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 27 14:04:06 tdfoods sshd\[30218\]: Failed password for invalid user spamspam from 117.50.12.10 port 39442 ssh2 Sep 27 14:08:48 tdfoods sshd\[30640\]: Invalid user teamspeak from 117.50.12.10 Sep 27 14:08:48 tdfoods sshd\[30640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-28 08:45:51
attackbotsspam	Sep 25 17:53:18 wbs sshd\[17706\]: Invalid user gen from 117.50.12.10 Sep 25 17:53:18 wbs sshd\[17706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 17:53:19 wbs sshd\[17706\]: Failed password for invalid user gen from 117.50.12.10 port 55054 ssh2 Sep 25 17:58:32 wbs sshd\[18102\]: Invalid user tester from 117.50.12.10 Sep 25 17:58:32 wbs sshd\[18102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-26 12:06:21
attackbots	Sep 25 14:21:54 gw1 sshd[14938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 14:21:56 gw1 sshd[14938]: Failed password for invalid user nancy from 117.50.12.10 port 40452 ssh2 ...	2019-09-25 17:31:10
attack	$f2bV_matches	2019-09-21 01:21:08
attackbots	Sep 16 05:44:02 core sshd[7503]: Invalid user Tehmas82 from 117.50.12.10 port 45790 Sep 16 05:44:04 core sshd[7503]: Failed password for invalid user Tehmas82 from 117.50.12.10 port 45790 ssh2 ...	2019-09-16 11:48:39
attackspambots	web-1 [ssh_2] SSH Attack	2019-08-24 17:13:03
attack	Aug 2 13:07:36 hosting sshd[11473]: Invalid user wanker from 117.50.12.10 port 42960 ...	2019-08-02 21:34:03
attack	Jun 25 20:15:38 server sshd\[188433\]: Invalid user steve from 117.50.12.10 Jun 25 20:15:38 server sshd\[188433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Jun 25 20:15:41 server sshd\[188433\]: Failed password for invalid user steve from 117.50.12.10 port 39220 ssh2 ...	2019-07-17 11:27:56
attackspam	2019-07-12T01:14:07.267960abusebot-4.cloudsearch.cf sshd\[30579\]: Invalid user foo from 117.50.12.10 port 59964	2019-07-12 09:26:50
attackbots	Tried sshing with brute force.	2019-06-26 19:47:48

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.12.104	attackspambots	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-15 01:00:36
117.50.12.228	attackbots	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 23:24:46
117.50.12.104	attack	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-14 16:43:30
117.50.12.228	attackbotsspam	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 15:13:14
117.50.12.228	attack	Sep 12 23:26:38 server sshd[19430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:26:39 server sshd[19430]: Failed password for r.r from 117.50.12.228 port 53674 ssh2 Sep 12 23:26:40 server sshd[19430]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:36:44 server sshd[19701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:36:47 server sshd[19701]: Failed password for r.r from 117.50.12.228 port 51038 ssh2 Sep 12 23:36:47 server sshd[19701]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:47:52 server sshd[20142]: Failed password for invalid user netscape from 117.50.12.228 port 57976 ssh2 Sep 12 23:47:53 server sshd[20142]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:53:24 server sshd[20286]: pam_unix(sshd:auth): authentication failure; logname= u........ -------------------------------	2020-09-14 07:08:23
117.50.12.149	attackbots	20 attempts against mh-ssh on maple	2020-07-07 06:40:20
117.50.12.149	attackbotsspam	Jul 4 06:22:06 vps46666688 sshd[31935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.149 Jul 4 06:22:08 vps46666688 sshd[31935]: Failed password for invalid user sysadm from 117.50.12.149 port 45920 ssh2 ...	2020-07-04 18:25:13
117.50.126.15	attackspambots	2020-06-13T15:33:04.557579+02:00 sshd[13115]: Failed password for root from 117.50.126.15 port 61362 ssh2	2020-06-13 22:14:26
117.50.126.4	attackbots	Jun 10 21:26:10 debian-2gb-nbg1-2 kernel: \[14075899.289422\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=117.50.126.4 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=48873 PROTO=TCP SPT=58478 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-11 04:46:47
117.50.126.15	attackbots	Jun 8 22:38:38 server sshd[18582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 Jun 8 22:38:40 server sshd[18582]: Failed password for invalid user meriel from 117.50.126.15 port 47175 ssh2 Jun 8 22:41:47 server sshd[19069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 ...	2020-06-09 04:42:23
117.50.126.15	attack	Jun 8 05:54:54 ns3164893 sshd[27389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root Jun 8 05:54:55 ns3164893 sshd[27389]: Failed password for root from 117.50.126.15 port 61127 ssh2 ...	2020-06-08 12:52:59
117.50.126.15	attack	2020-06-04T15:14:09.686287vps773228.ovh.net sshd[24523]: Failed password for root from 117.50.126.15 port 39651 ssh2 2020-06-04T15:18:34.562059vps773228.ovh.net sshd[24583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:18:36.985633vps773228.ovh.net sshd[24583]: Failed password for root from 117.50.126.15 port 21944 ssh2 2020-06-04T15:23:07.861348vps773228.ovh.net sshd[24637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:23:09.763017vps773228.ovh.net sshd[24637]: Failed password for root from 117.50.126.15 port 4243 ssh2 ...	2020-06-05 01:13:25
117.50.126.15	attackspam	Jun 3 14:34:43 eventyay sshd[17788]: Failed password for root from 117.50.126.15 port 22271 ssh2 Jun 3 14:38:31 eventyay sshd[17849]: Failed password for root from 117.50.126.15 port 3062 ssh2 ...	2020-06-04 03:01:29
117.50.126.4	attack	Unauthorized connection attempt detected from IP address 117.50.126.4 to port 1433	2020-06-01 00:43:56
117.50.126.15	attackbots	May 10 08:12:10 ny01 sshd[7939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 May 10 08:12:12 ny01 sshd[7939]: Failed password for invalid user test from 117.50.126.15 port 36854 ssh2 May 10 08:15:57 ny01 sshd[8413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15	2020-05-10 20:20:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.12.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33224
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.12.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 06:40:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 10.12.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 10.12.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
94.102.51.28	attackspambots	ET DROP Dshield Block Listed Source group 1 - port: 50043 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:47:38
194.26.25.103	attack	ET DROP Dshield Block Listed Source group 1 - port: 38707 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:43:06
45.129.33.50	attack	ET DROP Dshield Block Listed Source group 1 - port: 2428 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:54:53
91.204.199.73	attackbots	Unauthorized connection attempt detected from IP address 91.204.199.73 to port 10734 [T]	2020-08-11 07:25:52
194.26.29.135	attack	SmallBizIT.US 7 packets to tcp(37562,37804,38223,38301,38487,38702,38905)	2020-08-11 07:22:14
92.63.196.27	attack	SmallBizIT.US 4 packets to tcp(91,4100,9903,14489)	2020-08-11 07:25:22
194.26.29.103	attackspam	ET DROP Dshield Block Listed Source group 1 - port: 38217 proto: tcp cat: Misc Attackbytes: 60	2020-08-11 07:42:38
85.234.145.20	attack	6970/tcp 27675/tcp 14506/tcp... [2020-06-22/08-10]143pkt,54pt.(tcp)	2020-08-11 07:27:23
185.176.27.242	attackbots	Triggered: repeated knocking on closed ports.	2020-08-11 07:23:53
85.209.0.251	attackspam	Aug 11 02:06:28 server2 sshd\[13395\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:28 server2 sshd\[13399\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13402\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13401\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13406\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers Aug 11 02:06:29 server2 sshd\[13405\]: User root from 85.209.0.251 not allowed because not listed in AllowUsers	2020-08-11 07:27:38
87.251.73.231	attackspam	Multiport scan : 13 ports scanned 20 200 606 909 2211 3393 3395 4000 6060 7000 10000 15000 19000	2020-08-11 07:27:08
212.129.29.229	attackbotsspam	5060/udp 5060/udp 5060/udp... [2020-07-11/08-10]6pkt,1pt.(udp)	2020-08-11 07:21:25
89.248.168.217	attackbotsspam	16000/udp 14147/udp 9160/udp... [2020-06-10/08-10]1699pkt,42pt.(udp)	2020-08-11 07:26:26
54.39.133.91	attackspam	26207/tcp 26869/tcp 516/tcp... [2020-06-22/08-10]149pkt,56pt.(tcp)	2020-08-11 07:52:09
89.248.174.166	attackbots	Unauthorized connection attempt detected from IP address 89.248.174.166 to port 22 [T]	2020-08-11 07:48:44

最近上报的IP列表

173.3.105.59	83.90.33.36	114.116.33.178	195.68.137.50
34.69.110.98	51.174.140.10	179.158.60.95	134.209.232.53
188.80.254.163	37.49.224.171	69.9.205.137	179.82.76.188
51.15.6.79	66.249.64.138	185.137.234.24	58.82.192.104
122.5.62.42	105.226.67.182	103.120.224.10	91.134.138.193