117.50.12.10 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Dec 21 15:30:13 thevastnessof sshd[29426]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-12-22 00:37:14
attackbotsspam	Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:12:48 lnxmail61 sshd[30730]: Failed password for root from 117.50.12.10 port 50118 ssh2 Dec 16 23:20:01 lnxmail61 sshd[31638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-12-17 06:38:32
attackspambots	Dec 10 07:06:54 game-panel sshd[19565]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Dec 10 07:06:56 game-panel sshd[19565]: Failed password for invalid user test from 117.50.12.10 port 54640 ssh2 Dec 10 07:13:51 game-panel sshd[19949]: Failed password for root from 117.50.12.10 port 54572 ssh2	2019-12-10 15:13:53
attackspam	2019-11-19T22:02:53.919036homeassistant sshd[3855]: Invalid user mysql from 117.50.12.10 port 50404 2019-11-19T22:02:53.925919homeassistant sshd[3855]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 ...	2019-11-20 08:47:50
attackbots	Nov 6 10:04:31 marvibiene sshd[48998]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:04:33 marvibiene sshd[48998]: Failed password for root from 117.50.12.10 port 33648 ssh2 Nov 6 10:09:31 marvibiene sshd[49093]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Nov 6 10:09:33 marvibiene sshd[49093]: Failed password for root from 117.50.12.10 port 42018 ssh2 ...	2019-11-06 20:54:11
attackbotsspam	Oct 29 18:10:15 sachi sshd\[23704\]: Invalid user hichina from 117.50.12.10 Oct 29 18:10:15 sachi sshd\[23704\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 18:10:17 sachi sshd\[23704\]: Failed password for invalid user hichina from 117.50.12.10 port 36986 ssh2 Oct 29 18:14:59 sachi sshd\[24073\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 18:15:01 sachi sshd\[24073\]: Failed password for root from 117.50.12.10 port 46290 ssh2	2019-10-30 12:20:19
attackspam	Oct 29 14:42:24 MainVPS sshd[31527]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 user=root Oct 29 14:42:27 MainVPS sshd[31527]: Failed password for root from 117.50.12.10 port 32964 ssh2 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:17 MainVPS sshd[31929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 29 14:48:17 MainVPS sshd[31929]: Invalid user _lldpd from 117.50.12.10 port 42242 Oct 29 14:48:19 MainVPS sshd[31929]: Failed password for invalid user _lldpd from 117.50.12.10 port 42242 ssh2 ...	2019-10-29 22:32:33
attack	Oct 28 10:09:45 tdfoods sshd\[7829\]: Invalid user P@\$\$w0rd from 117.50.12.10 Oct 28 10:09:45 tdfoods sshd\[7829\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 28 10:09:48 tdfoods sshd\[7829\]: Failed password for invalid user P@\$\$w0rd from 117.50.12.10 port 57496 ssh2 Oct 28 10:14:09 tdfoods sshd\[8223\]: Invalid user pass from 117.50.12.10 Oct 28 10:14:09 tdfoods sshd\[8223\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-29 04:26:56
attackspam	Oct 20 07:56:14 nextcloud sshd\[25610\]: Invalid user system from 117.50.12.10 Oct 20 07:56:14 nextcloud sshd\[25610\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 20 07:56:16 nextcloud sshd\[25610\]: Failed password for invalid user system from 117.50.12.10 port 34652 ssh2 ...	2019-10-20 14:20:10
attackspam	Port Scan detected from 117.50.12.10 (CN/China/-). 4 hits in the last 290 seconds	2019-10-08 05:29:43
attackbotsspam	Oct 2 11:25:26 php1 sshd\[12094\]: Invalid user t from 117.50.12.10 Oct 2 11:25:26 php1 sshd\[12094\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Oct 2 11:25:28 php1 sshd\[12094\]: Failed password for invalid user t from 117.50.12.10 port 37562 ssh2 Oct 2 11:29:41 php1 sshd\[12474\]: Invalid user beefy from 117.50.12.10 Oct 2 11:29:41 php1 sshd\[12474\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-10-03 05:48:35
attack	Sep 27 14:04:04 tdfoods sshd\[30218\]: Invalid user spamspam from 117.50.12.10 Sep 27 14:04:04 tdfoods sshd\[30218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 27 14:04:06 tdfoods sshd\[30218\]: Failed password for invalid user spamspam from 117.50.12.10 port 39442 ssh2 Sep 27 14:08:48 tdfoods sshd\[30640\]: Invalid user teamspeak from 117.50.12.10 Sep 27 14:08:48 tdfoods sshd\[30640\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-28 08:45:51
attackbotsspam	Sep 25 17:53:18 wbs sshd\[17706\]: Invalid user gen from 117.50.12.10 Sep 25 17:53:18 wbs sshd\[17706\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 17:53:19 wbs sshd\[17706\]: Failed password for invalid user gen from 117.50.12.10 port 55054 ssh2 Sep 25 17:58:32 wbs sshd\[18102\]: Invalid user tester from 117.50.12.10 Sep 25 17:58:32 wbs sshd\[18102\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10	2019-09-26 12:06:21
attackbots	Sep 25 14:21:54 gw1 sshd[14938]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Sep 25 14:21:56 gw1 sshd[14938]: Failed password for invalid user nancy from 117.50.12.10 port 40452 ssh2 ...	2019-09-25 17:31:10
attack	$f2bV_matches	2019-09-21 01:21:08
attackbots	Sep 16 05:44:02 core sshd[7503]: Invalid user Tehmas82 from 117.50.12.10 port 45790 Sep 16 05:44:04 core sshd[7503]: Failed password for invalid user Tehmas82 from 117.50.12.10 port 45790 ssh2 ...	2019-09-16 11:48:39
attackspambots	web-1 [ssh_2] SSH Attack	2019-08-24 17:13:03
attack	Aug 2 13:07:36 hosting sshd[11473]: Invalid user wanker from 117.50.12.10 port 42960 ...	2019-08-02 21:34:03
attack	Jun 25 20:15:38 server sshd\[188433\]: Invalid user steve from 117.50.12.10 Jun 25 20:15:38 server sshd\[188433\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.10 Jun 25 20:15:41 server sshd\[188433\]: Failed password for invalid user steve from 117.50.12.10 port 39220 ssh2 ...	2019-07-17 11:27:56
attackspam	2019-07-12T01:14:07.267960abusebot-4.cloudsearch.cf sshd\[30579\]: Invalid user foo from 117.50.12.10 port 59964	2019-07-12 09:26:50
attackbots	Tried sshing with brute force.	2019-06-26 19:47:48

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.12.104	attackspambots	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-15 01:00:36
117.50.12.228	attackbots	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 23:24:46
117.50.12.104	attack	2020-09-14 00:37:07.280073-0500 localhost sshd[41937]: Failed password for root from 117.50.12.104 port 44614 ssh2	2020-09-14 16:43:30
117.50.12.228	attackbotsspam	2020-09-14 05:44:52,306 fail2ban.actions: WARNING [ssh] Ban 117.50.12.228	2020-09-14 15:13:14
117.50.12.228	attack	Sep 12 23:26:38 server sshd[19430]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:26:39 server sshd[19430]: Failed password for r.r from 117.50.12.228 port 53674 ssh2 Sep 12 23:26:40 server sshd[19430]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:36:44 server sshd[19701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.228 user=r.r Sep 12 23:36:47 server sshd[19701]: Failed password for r.r from 117.50.12.228 port 51038 ssh2 Sep 12 23:36:47 server sshd[19701]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:47:52 server sshd[20142]: Failed password for invalid user netscape from 117.50.12.228 port 57976 ssh2 Sep 12 23:47:53 server sshd[20142]: Received disconnect from 117.50.12.228: 11: Bye Bye [preauth] Sep 12 23:53:24 server sshd[20286]: pam_unix(sshd:auth): authentication failure; logname= u........ -------------------------------	2020-09-14 07:08:23
117.50.12.149	attackbots	20 attempts against mh-ssh on maple	2020-07-07 06:40:20
117.50.12.149	attackbotsspam	Jul 4 06:22:06 vps46666688 sshd[31935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.12.149 Jul 4 06:22:08 vps46666688 sshd[31935]: Failed password for invalid user sysadm from 117.50.12.149 port 45920 ssh2 ...	2020-07-04 18:25:13
117.50.126.15	attackspambots	2020-06-13T15:33:04.557579+02:00 sshd[13115]: Failed password for root from 117.50.126.15 port 61362 ssh2	2020-06-13 22:14:26
117.50.126.4	attackbots	Jun 10 21:26:10 debian-2gb-nbg1-2 kernel: \[14075899.289422\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=117.50.126.4 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=48873 PROTO=TCP SPT=58478 DPT=1433 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-11 04:46:47
117.50.126.15	attackbots	Jun 8 22:38:38 server sshd[18582]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 Jun 8 22:38:40 server sshd[18582]: Failed password for invalid user meriel from 117.50.126.15 port 47175 ssh2 Jun 8 22:41:47 server sshd[19069]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 ...	2020-06-09 04:42:23
117.50.126.15	attack	Jun 8 05:54:54 ns3164893 sshd[27389]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root Jun 8 05:54:55 ns3164893 sshd[27389]: Failed password for root from 117.50.126.15 port 61127 ssh2 ...	2020-06-08 12:52:59
117.50.126.15	attack	2020-06-04T15:14:09.686287vps773228.ovh.net sshd[24523]: Failed password for root from 117.50.126.15 port 39651 ssh2 2020-06-04T15:18:34.562059vps773228.ovh.net sshd[24583]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:18:36.985633vps773228.ovh.net sshd[24583]: Failed password for root from 117.50.126.15 port 21944 ssh2 2020-06-04T15:23:07.861348vps773228.ovh.net sshd[24637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 user=root 2020-06-04T15:23:09.763017vps773228.ovh.net sshd[24637]: Failed password for root from 117.50.126.15 port 4243 ssh2 ...	2020-06-05 01:13:25
117.50.126.15	attackspam	Jun 3 14:34:43 eventyay sshd[17788]: Failed password for root from 117.50.126.15 port 22271 ssh2 Jun 3 14:38:31 eventyay sshd[17849]: Failed password for root from 117.50.126.15 port 3062 ssh2 ...	2020-06-04 03:01:29
117.50.126.4	attack	Unauthorized connection attempt detected from IP address 117.50.126.4 to port 1433	2020-06-01 00:43:56
117.50.126.15	attackbots	May 10 08:12:10 ny01 sshd[7939]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15 May 10 08:12:12 ny01 sshd[7939]: Failed password for invalid user test from 117.50.126.15 port 36854 ssh2 May 10 08:15:57 ny01 sshd[8413]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.126.15	2020-05-10 20:20:18

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.12.10
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 33224
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.12.10.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019061901 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Jun 20 06:40:21 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 10.12.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 10.12.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
188.130.7.221	attack	09.07.2020 05:54:25 - Wordpress fail Detected by ELinOX-ALM	2020-07-09 16:06:04
64.227.22.136	attackspam	TCP (SYN) 64.227.22.136:45878 -> port 23, len 44	2020-07-09 16:13:07
200.114.236.19	attack	Total attacks: 2	2020-07-09 16:00:55
98.143.148.45	attack	Jul 9 08:59:11 h2865660 sshd[1154]: Invalid user Veronika from 98.143.148.45 port 44294 Jul 9 08:59:11 h2865660 sshd[1154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=98.143.148.45 Jul 9 08:59:11 h2865660 sshd[1154]: Invalid user Veronika from 98.143.148.45 port 44294 Jul 9 08:59:13 h2865660 sshd[1154]: Failed password for invalid user Veronika from 98.143.148.45 port 44294 ssh2 Jul 9 09:13:56 h2865660 sshd[1824]: Invalid user ssingh from 98.143.148.45 port 38196 ...	2020-07-09 15:46:18
166.62.80.165	attackbotsspam	166.62.80.165 - - [09/Jul/2020:07:49:21 +0100] "POST /wp-login.php HTTP/1.1" 200 2433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.165 - - [09/Jul/2020:07:49:22 +0100] "POST /wp-login.php HTTP/1.1" 200 2413 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 166.62.80.165 - - [09/Jul/2020:07:49:24 +0100] "POST /wp-login.php HTTP/1.1" 200 2412 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-09 15:49:41
104.248.56.150	attack	Jul 9 09:44:23 rancher-0 sshd[207788]: Invalid user taoli from 104.248.56.150 port 59638 Jul 9 09:44:26 rancher-0 sshd[207788]: Failed password for invalid user taoli from 104.248.56.150 port 59638 ssh2 ...	2020-07-09 16:12:33
213.141.157.220	attack	Jul 9 09:07:12 hosting sshd[25528]: Invalid user adolph from 213.141.157.220 port 47882 ...	2020-07-09 15:44:57
202.51.70.250	attack	Attacks websites by trying to access known vulnerables of plugins, brute-force of backends or probing of administrative tools	2020-07-09 16:09:12
79.135.73.141	attack	Jul 9 07:33:02 ws26vmsma01 sshd[43396]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=79.135.73.141 Jul 9 07:33:03 ws26vmsma01 sshd[43396]: Failed password for invalid user sundra from 79.135.73.141 port 60381 ssh2 ...	2020-07-09 15:40:55
5.39.87.36	attackspambots	5.39.87.36 - - [09/Jul/2020:04:54:15 +0100] "POST /wp-login.php HTTP/1.1" 200 2040 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.39.87.36 - - [09/Jul/2020:04:54:16 +0100] "POST /wp-login.php HTTP/1.1" 200 2037 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 5.39.87.36 - - [09/Jul/2020:04:54:16 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-07-09 16:07:39
27.110.129.12	attackspambots	Automatic report - XMLRPC Attack	2020-07-09 15:38:48
91.223.112.229	attackspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-07-09 15:40:43
119.63.74.25	attack	Honeypot attack, port: 445, PTR: relay1.2s1n.com.	2020-07-09 16:07:11
111.229.121.142	attackbots	Jul 9 05:54:14 * sshd[4363]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.121.142 Jul 9 05:54:16 * sshd[4363]: Failed password for invalid user zeiler from 111.229.121.142 port 40916 ssh2	2020-07-09 16:08:52
185.83.115.36	attackspambots	$f2bV_matches	2020-07-09 15:51:32

最近上报的IP列表

173.3.105.59	83.90.33.36	114.116.33.178	195.68.137.50
34.69.110.98	51.174.140.10	179.158.60.95	134.209.232.53
188.80.254.163	37.49.224.171	69.9.205.137	179.82.76.188
51.15.6.79	66.249.64.138	185.137.234.24	58.82.192.104
122.5.62.42	105.226.67.182	103.120.224.10	91.134.138.193