117.50.21.68 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt detected from IP address 117.50.21.68 to port 22 [T]	2020-01-07 02:12:17
attackspam	Failed password for admin from 117.50.21.68 port 57608 ssh2	2019-11-09 03:50:40

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.21.168	attackspambots	scans once in preceeding hours on the ports (in chronological order) 32733 resulting in total of 1 scans from 117.50.0.0/16 block.	2020-06-07 02:49:24
117.50.21.253	attack	Jun 2 16:16:21 [host] sshd[32404]: pam_unix(sshd: Jun 2 16:16:23 [host] sshd[32404]: Failed passwor Jun 2 16:18:36 [host] sshd[32473]: pam_unix(sshd:	2020-06-03 00:03:39
117.50.21.168	attack	May 16 04:29:23 melroy-server sshd[26717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.21.168 May 16 04:29:25 melroy-server sshd[26717]: Failed password for invalid user deploy from 117.50.21.168 port 57692 ssh2 ...	2020-05-16 23:55:48
117.50.21.168	attack	May 11 15:10:06 home sshd[13385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.21.168 May 11 15:10:08 home sshd[13385]: Failed password for invalid user ep from 117.50.21.168 port 36036 ssh2 May 11 15:15:19 home sshd[14219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.21.168 ...	2020-05-11 21:30:34
117.50.21.168	attack	May 2 15:27:34 host sshd[19853]: Invalid user admin6 from 117.50.21.168 port 38342 ...	2020-05-02 23:29:23
117.50.21.168	attackbots	Apr 28 18:28:35 xeon sshd[56863]: Failed password for invalid user hal from 117.50.21.168 port 39790 ssh2	2020-04-29 01:31:31
117.50.21.168	attackbots	2020-04-25T14:04:56.128059linuxbox-skyline sshd[68394]: Invalid user ts from 117.50.21.168 port 41094 ...	2020-04-26 04:21:12
117.50.21.150	attackbots	Nov 9 07:19:57 lnxded63 sshd[22570]: Failed password for root from 117.50.21.150 port 36106 ssh2 Nov 9 07:19:58 lnxded63 sshd[22570]: error: Received disconnect from 117.50.21.150 port 36106:3: [munged]:ception: Auth fail [preauth]	2019-11-09 21:21:44
117.50.21.150	attack	SSH Brute-Force reported by Fail2Ban	2019-09-29 20:30:37
117.50.21.156	attackspam	Repeated brute force against a port	2019-08-18 10:38:10

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.21.68
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10594
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.21.68.			IN	A

;; AUTHORITY SECTION:
.			375	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019110801 1800 900 604800 86400

;; Query time: 124 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 09 03:50:37 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 68.21.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 68.21.50.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
77.233.4.133	attack	Invalid user lturpin from 77.233.4.133 port 40750	2019-10-17 06:40:59
222.186.175.167	attackbots	Brute force attempt	2019-10-17 06:21:56
45.114.244.56	attackspambots	Oct 17 00:33:29 jane sshd[9388]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.114.244.56 Oct 17 00:33:31 jane sshd[9388]: Failed password for invalid user user from 45.114.244.56 port 52521 ssh2 ...	2019-10-17 06:43:44
171.67.70.207	attackspambots	SSH Scan	2019-10-17 06:55:06
189.228.159.199	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/189.228.159.199/ MX - 1H : (66) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : MX NAME ASN : ASN8151 IP : 189.228.159.199 CIDR : 189.228.152.0/21 PREFIX COUNT : 6397 UNIQUE IP COUNT : 13800704 WYKRYTE ATAKI Z ASN8151 : 1H - 3 3H - 6 6H - 9 12H - 19 24H - 53 DateTime : 2019-10-16 21:23:58 INFO : Server 403 - Looking for resource vulnerabilities Detected and Blocked by ADMIN - data recovery	2019-10-17 06:58:52
125.74.47.230	attackbotsspam	Oct 16 18:47:10 plusreed sshd[20897]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.74.47.230 user=root Oct 16 18:47:12 plusreed sshd[20897]: Failed password for root from 125.74.47.230 port 48630 ssh2 ...	2019-10-17 06:49:42
41.41.100.38	attackbotsspam	Automatic report - Port Scan Attack	2019-10-17 06:47:35
51.75.133.167	attackbots	Oct 16 22:25:45 www_kotimaassa_fi sshd[6453]: Failed password for root from 51.75.133.167 port 48004 ssh2 Oct 16 22:29:22 www_kotimaassa_fi sshd[6486]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.133.167 ...	2019-10-17 06:36:36
130.204.253.193	attackspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/130.204.253.193/ BG - 1H : (14) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : BG NAME ASN : ASN13124 IP : 130.204.253.193 CIDR : 130.204.240.0/20 PREFIX COUNT : 324 UNIQUE IP COUNT : 400640 WYKRYTE ATAKI Z ASN13124 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-16 21:23:57 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-17 07:00:50
139.199.13.142	attack	Oct 16 23:26:45 v22018076622670303 sshd\[2496\]: Invalid user website from 139.199.13.142 port 39426 Oct 16 23:26:45 v22018076622670303 sshd\[2496\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.13.142 Oct 16 23:26:46 v22018076622670303 sshd\[2496\]: Failed password for invalid user website from 139.199.13.142 port 39426 ssh2 ...	2019-10-17 06:49:24
14.63.169.33	attackspam	Oct 17 00:44:24 vps691689 sshd[6343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.169.33 Oct 17 00:44:26 vps691689 sshd[6343]: Failed password for invalid user deployer from 14.63.169.33 port 47067 ssh2 ...	2019-10-17 06:54:49
202.29.20.252	attack	Oct 16 11:49:32 web9 sshd\[28066\]: Invalid user hanuman from 202.29.20.252 Oct 16 11:49:32 web9 sshd\[28066\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.20.252 Oct 16 11:49:34 web9 sshd\[28066\]: Failed password for invalid user hanuman from 202.29.20.252 port 18899 ssh2 Oct 16 11:54:04 web9 sshd\[28697\]: Invalid user z584897593 from 202.29.20.252 Oct 16 11:54:04 web9 sshd\[28697\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.20.252	2019-10-17 06:30:38
148.70.41.33	attackspambots	Oct 16 22:57:09 meumeu sshd[26785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.41.33 Oct 16 22:57:11 meumeu sshd[26785]: Failed password for invalid user vvv753 from 148.70.41.33 port 58372 ssh2 Oct 16 23:01:47 meumeu sshd[27420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.41.33 ...	2019-10-17 06:57:30
194.102.35.245	attackbots	Oct 16 10:39:33 wbs sshd\[24233\]: Invalid user realtek from 194.102.35.245 Oct 16 10:39:33 wbs sshd\[24233\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.102.35.245 Oct 16 10:39:35 wbs sshd\[24233\]: Failed password for invalid user realtek from 194.102.35.245 port 44526 ssh2 Oct 16 10:43:33 wbs sshd\[24531\]: Invalid user max123 from 194.102.35.245 Oct 16 10:43:33 wbs sshd\[24531\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.102.35.245	2019-10-17 06:27:33
170.246.152.106	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/170.246.152.106/ NI - 1H : (1) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : NI NAME ASN : ASN18840 IP : 170.246.152.106 CIDR : 170.246.152.0/22 PREFIX COUNT : 56 UNIQUE IP COUNT : 18688 WYKRYTE ATAKI Z ASN18840 : 1H - 1 3H - 1 6H - 1 12H - 1 24H - 1 DateTime : 2019-10-16 21:23:56 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery	2019-10-17 07:02:30

最近上报的IP列表

202.108.140.114	123.110.117.246	45.146.203.200	51.83.41.48
87.70.6.119	85.115.60.201	61.5.57.147	94.176.154.125
94.51.77.209	190.187.111.87	176.32.30.223	91.195.254.205
103.46.201.168	220.141.68.96	195.192.229.19	13.230.230.46
115.214.252.25	37.59.104.187	45.82.153.55	80.73.88.9