117.50.13.29 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): China Unicom Beijing Province Network

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Invalid user administrator from 117.50.13.29 port 53876	2020-07-18 23:18:25
attack	Unauthorized connection attempt detected from IP address 117.50.13.29 to port 22	2020-05-31 21:01:35
attackspambots	SSH Brute-Forcing (server2)	2020-05-30 14:14:29
attackbotsspam	2020-05-29T16:47:38.470761xentho-1 sshd[882783]: Invalid user nickollas from 117.50.13.29 port 46112 2020-05-29T16:47:40.555239xentho-1 sshd[882783]: Failed password for invalid user nickollas from 117.50.13.29 port 46112 ssh2 2020-05-29T16:49:07.672808xentho-1 sshd[882842]: Invalid user ftp_boot from 117.50.13.29 port 60404 2020-05-29T16:49:07.680253xentho-1 sshd[882842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 2020-05-29T16:49:07.672808xentho-1 sshd[882842]: Invalid user ftp_boot from 117.50.13.29 port 60404 2020-05-29T16:49:09.639112xentho-1 sshd[882842]: Failed password for invalid user ftp_boot from 117.50.13.29 port 60404 ssh2 2020-05-29T16:50:34.691586xentho-1 sshd[882867]: Invalid user Administrator from 117.50.13.29 port 46464 2020-05-29T16:50:34.697090xentho-1 sshd[882867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 2020-05-29T16:50:34.691586xentho-1 sshd[882 ...	2020-05-30 05:24:27
attackspam	May 24 21:14:09 pve1 sshd[32701]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 May 24 21:14:12 pve1 sshd[32701]: Failed password for invalid user server from 117.50.13.29 port 55948 ssh2 ...	2020-05-25 03:36:34
attackbotsspam	detected by Fail2Ban	2020-05-08 19:25:24
attack	Fail2Ban Ban Triggered (2)	2020-05-06 23:44:39
attack	Apr 8 14:38:45 markkoudstaal sshd[8977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Apr 8 14:38:47 markkoudstaal sshd[8977]: Failed password for invalid user gabriel from 117.50.13.29 port 44732 ssh2 Apr 8 14:43:17 markkoudstaal sshd[9610]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29	2020-04-08 21:19:56
attack	SSH Brute-Forcing (server2)	2020-03-13 19:14:21
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.13.29 to port 2220 [J]	2020-02-23 18:02:16
attackbots	Unauthorized connection attempt detected from IP address 117.50.13.29 to port 2220 [J]	2020-01-26 03:53:13
attack	Jan 23 23:44:28 vps691689 sshd[8513]: Failed password for root from 117.50.13.29 port 37000 ssh2 Jan 23 23:45:15 vps691689 sshd[8533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 ...	2020-01-24 06:51:12
attackbotsspam	Dec 21 20:07:03 server sshd\[6087\]: Invalid user user from 117.50.13.29 Dec 21 20:07:03 server sshd\[6087\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Dec 21 20:07:05 server sshd\[6087\]: Failed password for invalid user user from 117.50.13.29 port 59346 ssh2 Dec 21 20:33:29 server sshd\[13063\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root Dec 21 20:33:31 server sshd\[13063\]: Failed password for root from 117.50.13.29 port 55616 ssh2 ...	2019-12-22 03:19:23
attackbots	Dec 9 14:13:09 server sshd\[27443\]: Invalid user doramus from 117.50.13.29 Dec 9 14:13:09 server sshd\[27443\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Dec 9 14:13:10 server sshd\[27443\]: Failed password for invalid user doramus from 117.50.13.29 port 48182 ssh2 Dec 10 07:58:51 server sshd\[8548\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root Dec 10 07:58:52 server sshd\[8548\]: Failed password for root from 117.50.13.29 port 55554 ssh2 ...	2019-12-10 13:54:33
attackbotsspam	Dec 6 23:52:37 itv-usvr-01 sshd[5447]: Invalid user rijkmans from 117.50.13.29 Dec 6 23:52:37 itv-usvr-01 sshd[5447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Dec 6 23:52:37 itv-usvr-01 sshd[5447]: Invalid user rijkmans from 117.50.13.29 Dec 6 23:52:39 itv-usvr-01 sshd[5447]: Failed password for invalid user rijkmans from 117.50.13.29 port 58102 ssh2 Dec 6 23:59:08 itv-usvr-01 sshd[5703]: Invalid user eatg from 117.50.13.29	2019-12-07 01:13:20
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-12-01 17:34:57
attack	SSH Bruteforce	2019-11-22 20:31:04
attack	2019-11-17T18:10:48.801825abusebot-4.cloudsearch.cf sshd\[17251\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root	2019-11-18 02:24:56
attack	Nov 11 23:19:25 areeb-Workstation sshd[18594]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Nov 11 23:19:27 areeb-Workstation sshd[18594]: Failed password for invalid user bababunmi from 117.50.13.29 port 48452 ssh2 ...	2019-11-12 03:23:26
attackbots	Nov 5 06:18:41 localhost sshd\[19834\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root Nov 5 06:18:44 localhost sshd\[19834\]: Failed password for root from 117.50.13.29 port 33454 ssh2 Nov 5 06:23:44 localhost sshd\[20377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root	2019-11-05 13:41:34
attackspambots	SSH Brute-Force reported by Fail2Ban	2019-11-03 20:10:18
attackbotsspam	SSH Brute-Force reported by Fail2Ban	2019-11-01 06:14:40
attackbotsspam	Port Scan detected from 117.50.13.29 (CN/China/-). 4 hits in the last 225 seconds	2019-10-21 12:47:06
attackbots	2019-09-08 20:42:18,340 fail2ban.actions [814]: NOTICE [sshd] Ban 117.50.13.29 2019-09-08 23:46:12,061 fail2ban.actions [814]: NOTICE [sshd] Ban 117.50.13.29 2019-09-09 02:51:25,275 fail2ban.actions [814]: NOTICE [sshd] Ban 117.50.13.29 ...	2019-10-19 01:54:24
attackspam	Aug 24 05:46:13 cp sshd[23849]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29	2019-08-24 18:48:19
attackbots	Aug 2 17:14:17 xtremcommunity sshd\[20109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 user=root Aug 2 17:14:19 xtremcommunity sshd\[20109\]: Failed password for root from 117.50.13.29 port 38364 ssh2 Aug 2 17:21:46 xtremcommunity sshd\[20386\]: Invalid user admin from 117.50.13.29 port 32918 Aug 2 17:21:46 xtremcommunity sshd\[20386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Aug 2 17:21:48 xtremcommunity sshd\[20386\]: Failed password for invalid user admin from 117.50.13.29 port 32918 ssh2 ...	2019-08-03 05:25:11
attackbotsspam	Jul 31 20:49:29 ArkNodeAT sshd\[5547\]: Invalid user monero from 117.50.13.29 Jul 31 20:49:29 ArkNodeAT sshd\[5547\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.29 Jul 31 20:49:31 ArkNodeAT sshd\[5547\]: Failed password for invalid user monero from 117.50.13.29 port 36052 ssh2	2019-08-01 03:56:18

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.13.54	attackbots	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-15 03:07:18
117.50.13.167	attack	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 21:50:26
117.50.13.54	attackspam	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-14 18:59:52
117.50.13.167	attackspam	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 13:44:10
117.50.13.167	attackbotsspam	ssh brute force	2020-09-14 05:41:29
117.50.13.13	attack	2020-09-13 09:28:44.341256-0500 localhost sshd[69370]: Failed password for root from 117.50.13.13 port 55836 ssh2	2020-09-13 22:34:34
117.50.13.13	attack	Sep 13 07:51:10 MainVPS sshd[21638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:51:12 MainVPS sshd[21638]: Failed password for root from 117.50.13.13 port 56794 ssh2 Sep 13 07:56:39 MainVPS sshd[23591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:56:41 MainVPS sshd[23591]: Failed password for root from 117.50.13.13 port 48626 ssh2 Sep 13 07:58:45 MainVPS sshd[24355]: Invalid user 1922 from 117.50.13.13 port 39166 ...	2020-09-13 14:30:25
117.50.13.13	attackbotsspam	Sep 13 02:17:40 lunarastro sshd[11646]: Failed password for root from 117.50.13.13 port 39300 ssh2	2020-09-13 06:14:02
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-06 04:00:37
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-05 19:43:34
117.50.137.10	attack	RDPBruteMak	2020-08-12 06:35:25
117.50.13.170	attack	Jul 8 02:17:09 server sshd[27232]: Failed password for invalid user yoshizu from 117.50.13.170 port 57058 ssh2 Jul 8 02:21:33 server sshd[30853]: Failed password for invalid user xsbk from 117.50.13.170 port 47602 ssh2 Jul 8 02:25:40 server sshd[34046]: Failed password for invalid user demo from 117.50.13.170 port 38146 ssh2	2020-07-08 08:41:24
117.50.132.62	attackbotsspam	TCP Port: 25 invalid blocked Listed on dnsbl-sorbs also barracuda and spam-sorbs (6)	2020-07-04 07:30:32
117.50.13.170	attack	SSH login attempts.	2020-06-15 02:18:09
117.50.13.170	attackspam	$f2bV_matches	2020-06-11 17:35:15

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.13.29
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45131
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.13.29.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019073101 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Thu Aug 01 03:56:12 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 29.13.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 29.13.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
106.13.27.156	attackspambots	prod6 ...	2020-06-09 14:26:19
107.150.125.223	attack	spam (f2b h2)	2020-06-09 14:24:39
111.241.185.67	attackspambots	Port probing on unauthorized port 23	2020-06-09 14:04:46
51.83.44.53	attackbots	prod6 ...	2020-06-09 14:26:36
213.230.103.86	attackspambots	2020-06-08 22:55:01.390968-0500 localhost screensharingd[41017]: Authentication: FAILED :: User Name: N/A :: Viewer Address: 213.230.103.86 :: Type: VNC DES	2020-06-09 14:11:24
118.89.108.152	attackspambots	Jun 9 07:56:20 ift sshd\[35175\]: Invalid user wangxt from 118.89.108.152Jun 9 07:56:22 ift sshd\[35175\]: Failed password for invalid user wangxt from 118.89.108.152 port 34230 ssh2Jun 9 07:57:16 ift sshd\[35213\]: Invalid user deployer from 118.89.108.152Jun 9 07:57:18 ift sshd\[35213\]: Failed password for invalid user deployer from 118.89.108.152 port 45848 ssh2Jun 9 07:58:20 ift sshd\[35246\]: Failed password for root from 118.89.108.152 port 57472 ssh2 ...	2020-06-09 14:01:43
180.69.27.26	attackbotsspam	Failed password for invalid user cpw from 180.69.27.26 port 55988 ssh2	2020-06-09 13:59:44
54.38.181.106	attack	Jun 9 07:46:23 mail postfix/postscreen[12715]: DNSBL rank 4 for [54.38.181.106]:52493 ...	2020-06-09 13:55:47
91.121.76.43	attack	91.121.76.43 - - [09/Jun/2020:07:56:02 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [09/Jun/2020:07:56:04 +0200] "POST /wp-login.php HTTP/1.1" 200 6684 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 91.121.76.43 - - [09/Jun/2020:07:56:05 +0200] "GET /wp-login.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-06-09 14:15:11
121.241.244.92	attack	Jun 9 06:15:06 game-panel sshd[546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92 Jun 9 06:15:08 game-panel sshd[546]: Failed password for invalid user 123456 from 121.241.244.92 port 49306 ssh2 Jun 9 06:19:08 game-panel sshd[744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.241.244.92	2020-06-09 14:25:42
190.26.222.66	attack	Unauthorised access (Jun 9) SRC=190.26.222.66 LEN=52 TTL=115 ID=24345 DF TCP DPT=445 WINDOW=8192 SYN	2020-06-09 14:05:33
218.103.196.104	attack	Automatic report - Port Scan Attack	2020-06-09 14:02:36
89.252.232.82	attack	Jun 9 08:38:53 debian kernel: [583690.224727] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=89.252.232.82 DST=89.252.131.35 LEN=44 TOS=0x00 PREC=0x00 TTL=238 ID=56954 DF PROTO=TCP SPT=19168 DPT=8291 WINDOW=14600 RES=0x00 SYN URGP=0	2020-06-09 13:49:32
222.186.30.57	attack	Jun 9 11:28:33 gw1 sshd[10099]: Failed password for root from 222.186.30.57 port 30062 ssh2 Jun 9 11:28:35 gw1 sshd[10099]: Failed password for root from 222.186.30.57 port 30062 ssh2 ...	2020-06-09 14:29:16
193.27.228.135	attack	Jun 9 03:53:28 TCP Attack: SRC=193.27.228.135 DST=[Masked] LEN=40 TOS=0x08 PREC=0x20 TTL=241 PROTO=TCP SPT=52923 DPT=15131 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-09 14:07:21

最近上报的IP列表

137.13.143.198	180.126.229.15	41.50.177.170	117.95.14.218
42.112.90.50	222.96.209.196	193.170.134.147	41.13.44.21
66.249.65.140	70.74.150.110	109.126.204.77	84.228.148.99
106.75.8.129	73.89.64.131	92.156.127.126	81.221.13.105
189.37.174.249	169.226.153.159	97.200.222.160	190.38.198.23