117.50.12.10 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 21 15:30:13 thevastnessof sshd[29426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-12-22 00:37:14
attackbotsspam	Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:20:01 lnxmail61 sshd[31638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-12-17 06:38:32
attackspambots	Dec 10 07:06:54 game-panel sshd[19565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Dec 10 07:06:56 game-panel sshd[19565]: Failed password for invalid user test from 117.50.12.10 port 54640 ssh2 Dec 10 07:13:51 game-panel sshd[19949]: Failed password for root from 117.50.12.10 port 54572 ssh2	2019-12-10 15:13:53
attackspam	2019-11-19T22:02:53.919036homeassistant sshd[3855]: Invalid user mysql from 117.50.12.10 port 50404 2019-11-19T22:02:53.925919homeassistant sshd[3855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-11-20 08:47:50
attackbots	Nov 6 10:04:31 marvibiene sshd[48998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:04:33 marvibiene sshd[48998]: Failed password for root from 117.50.12.10 port 33648 ssh2 Nov 6 10:09:31 marvibiene sshd[49093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:09:33 marvibiene sshd[49093]: Failed password for root from 117.50.12.10 port 42018 ssh2 ...	2019-11-06 20:54:11
attackbotsspam	Oct 29 18:10:15 sachi sshd\[23704\]: Invalid user hichina from 117.50.12.10 Oct 29 18:10:15 sachi sshd\[23704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 18:10:17 sachi sshd\[23704\]: Failed password for invalid user hichina from 117.50.12.10 port 36986 ssh2 Oct 29 18:14:59 sachi sshd\[24073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 18:15:01 sachi sshd\[24073\]: Failed password for root from 117.50.12.10 port 46290 ssh2	2019-10-30 12:20:19
attackspam	Oct 29 14:42:24 MainVPS sshd[31527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 14:42:27 MainVPS sshd[31527]: Failed password for root from 117.50.12.10 port 32964 ssh2 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:17 MainVPS sshd[31929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:19 MainVPS sshd[31929]: Failed password for invalid user _lldpd from 117.50.12.10 port 42242 ssh2 ...	2019-10-29 22:32:33
attack	Oct 28 10:09:45 tdfoods sshd\[7829\]: Invalid user P@\$\$w0rd from 117.50.12.10 Oct 28 10:09:45 tdfoods sshd\[7829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 28 10:09:48 tdfoods sshd\[7829\]: Failed password for invalid user P@\$\$w0rd from 117.50.12.10 port 57496 ssh2 Oct 28 10:14:09 tdfoods sshd\[8223\]: Invalid user pass from 117.50.12.10 Oct 28 10:14:09 tdfoods sshd\[8223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-29 04:26:56
attackspam	Oct 20 07:56:14 nextcloud sshd\[25610\]: Invalid user system from 117.50.12.10 Oct 20 07:56:14 nextcloud sshd\[25610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 20 07:56:16 nextcloud sshd\[25610\]: Failed password for invalid user system from 117.50.12.10 port 34652 ssh2 ...	2019-10-20 14:20:10
attackspam	Port Scan detected from 117.50.12.10 (CN/China/-). 4 hits in the last 290 seconds	2019-10-08 05:29:43
attackbotsspam	Oct 2 11:25:26 php1 sshd\[12094\]: Invalid user t from 117.50.12.10 Oct 2 11:25:26 php1 sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 2 11:25:28 php1 sshd\[12094\]: Failed password for invalid user t from 117.50.12.10 port 37562 ssh2 Oct 2 11:29:41 php1 sshd\[12474\]: Invalid user beefy from 117.50.12.10 Oct 2 11:29:41 php1 sshd\[12474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-03 05:48:35
attack	Sep 27 14:04:04 tdfoods sshd\[30218\]: Invalid user spamspam from 117.50.12.10 Sep 27 14:04:04 tdfoods sshd\[30218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 27 14:04:06 tdfoods sshd\[30218\]: Failed password for invalid user spamspam from 117.50.12.10 port 39442 ssh2 Sep 27 14:08:48 tdfoods sshd\[30640\]: Invalid user teamspeak from 117.50.12.10 Sep 27 14:08:48 tdfoods sshd\[30640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-28 08:45:51
attackbotsspam	Sep 25 17:53:18 wbs sshd\[17706\]: Invalid user gen from 117.50.12.10 Sep 25 17:53:18 wbs sshd\[17706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 17:53:19 wbs sshd\[17706\]: Failed password for invalid user gen from 117.50.12.10 port 55054 ssh2 Sep 25 17:58:32 wbs sshd\[18102\]: Invalid user tester from 117.50.12.10 Sep 25 17:58:32 wbs sshd\[18102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-26 12:06:21
attackbots	Sep 25 14:21:54 gw1 sshd[14938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 14:21:56 gw1 sshd[14938]: Failed password for invalid user nancy from 117.50.12.10 port 40452 ssh2 ...	2019-09-25 17:31:10
attack	$f2bV_matches	2019-09-21 01:21:08
attackbots	Sep 16 05:44:02 core sshd[7503]: Invalid user Tehmas82 from 117.50.12.10 port 45790 Sep 16 05:44:04 core sshd[7503]: Failed password for invalid user Tehmas82 from 117.50.12.10 port 45790 ssh2 ...	2019-09-16 11:48:39
attackspambots	web-1 [ssh_2] SSH Attack	2019-08-24 17:13:03
attack	Aug 2 13:07:36 hosting sshd[11473]: Invalid user wanker from 117.50.12.10 port 42960 ...	2019-08-02 21:34:03
attack	Jun 25 20:15:38 server sshd\[188433\]: Invalid user steve from 117.50.12.10 Jun 25 20:15:38 server sshd\[188433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Jun 25 20:15:41 server sshd\[188433\]: Failed password for invalid user steve from 117.50.12.10 port 39220 ssh2 ...	2019-07-17 11:27:56
attackspam	2019-07-12T01:14:07.267960abusebot-4.cloudsearch.cf sshd\[30579\]: Invalid user foo from 117.50.12.10 port 59964	2019-07-12 09:26:50
attackbots	Tried sshing with brute force.	2019-06-26 19:47:48

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.12.104	attackspambots	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-15 01:00:36
117.50.12.228	attackbots	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 23:24:46
117.50.12.104	attack	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-14 16:43:30
117.50.12.228	attackbotsspam	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 15:13:14
117.50.12.228	attack	Sep 12 23:26:38 server sshd[19430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:26:39 server sshd[19430]: Failed password for r.r from 117.50.12.228 port 53674 ssh2 Sep 12 23:26:40 server sshd[19430]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:36:44 server sshd[19701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:36:47 server sshd[19701]: Failed password for r.r from 117.50.12.228 port 51038 ssh2 Sep 12 23:36:47 server sshd[19701]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:47:52 server sshd[20142]: Failed password for invalid user netscape from 117.50.12.228 port 57976 ssh2 Sep 12 23:47:53 server sshd[20142]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:53:24 server sshd[20286]: pam_unix(sshd:auth): authentication failure; logname= u........ -------------------------------	2020-09-14 07:08:23
117.50.12.149	attackbots	20 attempts against mh-ssh on maple	2020-07-07 06:40:20
117.50.12.149	attackbotsspam	Jul 4 06:22:06 vps46666688 sshd[31935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.149 Jul 4 06:22:08 vps46666688 sshd[31935]: Failed password for invalid user sysadm from 117.50.12.149 port 45920 ssh2 ...	2020-07-04 18:25:13
117.50.126.15	attackspambots	2020-06-13T15:33:04.557579+02:00 sshd[13115]: Failed password for root from 117.50.126.15 port 61362 ssh2	2020-06-13 22:14:26
117.50.126.4	attackbots	Jun 10 21:26:10 debian-2gb-nbg1-2 kernel: \[14075899.289422\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=117.50.126.4 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=48873 PROTO=TCP SPT=58478 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-11 04:46:47
117.50.126.15	attackbots	Jun 8 22:38:38 server sshd[18582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 Jun 8 22:38:40 server sshd[18582]: Failed password for invalid user meriel from 117.50.126.15 port 47175 ssh2 Jun 8 22:41:47 server sshd[19069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 ...	2020-06-09 04:42:23
117.50.126.15	attack	Jun 8 05:54:54 ns3164893 sshd[27389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root Jun 8 05:54:55 ns3164893 sshd[27389]: Failed password for root from 117.50.126.15 port 61127 ssh2 ...	2020-06-08 12:52:59
117.50.126.15	attack	2020-06-04T15:14:09.686287vps773228.ovh.net sshd[24523]: Failed password for root from 117.50.126.15 port 39651 ssh2 2020-06-04T15:18:34.562059vps773228.ovh.net sshd[24583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:18:36.985633vps773228.ovh.net sshd[24583]: Failed password for root from 117.50.126.15 port 21944 ssh2 2020-06-04T15:23:07.861348vps773228.ovh.net sshd[24637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:23:09.763017vps773228.ovh.net sshd[24637]: Failed password for root from 117.50.126.15 port 4243 ssh2 ...	2020-06-05 01:13:25
117.50.126.15	attackspam	Jun 3 14:34:43 eventyay sshd[17788]: Failed password for root from 117.50.126.15 port 22271 ssh2 Jun 3 14:38:31 eventyay sshd[17849]: Failed password for root from 117.50.126.15 port 3062 ssh2 ...	2020-06-04 03:01:29
117.50.126.4	attack	Unauthorized connection attempt detected from IP address 117.50.126.4 to port 1433	2020-06-01 00:43:56
117.50.126.15	attackbots	May 10 08:12:10 ny01 sshd[7939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 May 10 08:12:12 ny01 sshd[7939]: Failed password for invalid user test from 117.50.126.15 port 36854 ssh2 May 10 08:15:57 ny01 sshd[8413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15	2020-05-10 20:20:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.12.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33224
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.12.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 06:40:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 10.12.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 10.12.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
106.12.141.206	attack	$f2bV_matches	2020-09-18 05:46:50
103.145.13.20	attack	SIP Server BruteForce Attack	2020-09-18 06:11:59
149.56.44.101	attack	Sep 17 21:07:52 buvik sshd[20354]: Failed password for invalid user i from 149.56.44.101 port 46290 ssh2 Sep 17 21:11:38 buvik sshd[21057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.44.101 user=root Sep 17 21:11:40 buvik sshd[21057]: Failed password for root from 149.56.44.101 port 58622 ssh2 ...	2020-09-18 05:59:36
67.207.89.15	attackbots	Sep 17 23:29:50 pve1 sshd[16513]: Failed password for root from 67.207.89.15 port 36658 ssh2 ...	2020-09-18 05:47:12
77.49.154.215	attack	B: Abusive ssh attack	2020-09-18 05:54:38
167.71.52.241	attackbotsspam	2020-09-17T23:47:35.734630ns386461 sshd\[387\]: Invalid user admin from 167.71.52.241 port 51140 2020-09-17T23:47:35.737466ns386461 sshd\[387\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.52.241 2020-09-17T23:47:37.170627ns386461 sshd\[387\]: Failed password for invalid user admin from 167.71.52.241 port 51140 ssh2 2020-09-17T23:55:47.086362ns386461 sshd\[7856\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.52.241 user=root 2020-09-17T23:55:48.730452ns386461 sshd\[7856\]: Failed password for root from 167.71.52.241 port 42896 ssh2 ...	2020-09-18 06:13:13
106.12.88.246	attackspam	Sep 17 21:11:49 server sshd[27965]: Failed password for root from 106.12.88.246 port 53146 ssh2 Sep 17 21:14:45 server sshd[29415]: Failed password for invalid user sair from 106.12.88.246 port 39744 ssh2 Sep 17 21:17:31 server sshd[30662]: Failed password for root from 106.12.88.246 port 54574 ssh2	2020-09-18 06:10:03
159.65.131.92	attack	Bruteforce detected by fail2ban	2020-09-18 06:09:33
187.32.48.59	attackbots	20/9/17@12:59:48: FAIL: Alarm-Intrusion address from=187.32.48.59 ...	2020-09-18 05:57:39
104.248.61.192	attackbots	Sep 17 14:46:02 NPSTNNYC01T sshd[11706]: Failed password for root from 104.248.61.192 port 32964 ssh2 Sep 17 14:48:29 NPSTNNYC01T sshd[11922]: Failed password for root from 104.248.61.192 port 47728 ssh2 ...	2020-09-18 06:13:49
60.243.120.197	attackspam	brute force attack ssh	2020-09-18 06:06:56
141.98.81.45	attackbotsspam	1600364661 - 09/18/2020 00:44:21 Host: 141.98.81.45/141.98.81.45 Port: 8080 TCP Blocked ...	2020-09-18 06:01:52
142.93.100.171	attackspam	Sep 17 23:36:56 OPSO sshd\[4732\]: Invalid user students from 142.93.100.171 port 43810 Sep 17 23:36:56 OPSO sshd\[4732\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.100.171 Sep 17 23:36:58 OPSO sshd\[4732\]: Failed password for invalid user students from 142.93.100.171 port 43810 ssh2 Sep 17 23:40:11 OPSO sshd\[5321\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.100.171 user=root Sep 17 23:40:14 OPSO sshd\[5321\]: Failed password for root from 142.93.100.171 port 50840 ssh2	2020-09-18 05:50:56
60.250.23.233	attackspambots	2020-09-18T03:58:50.691980hostname sshd[33695]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60-250-23-233.hinet-ip.hinet.net user=root 2020-09-18T03:58:52.595438hostname sshd[33695]: Failed password for root from 60.250.23.233 port 53607 ssh2 ...	2020-09-18 06:19:13
201.72.190.98	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-17T19:42:42Z	2020-09-18 06:01:22

最近上报的IP列表

173.3.105.59	83.90.33.36	114.116.33.178	195.68.137.50
34.69.110.98	51.174.140.10	179.158.60.95	134.209.232.53
188.80.254.163	37.49.224.171	69.9.205.137	179.82.76.188
51.15.6.79	66.249.64.138	185.137.234.24	58.82.192.104
122.5.62.42	105.226.67.182	103.120.224.10	91.134.138.193