117.50.4.55 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH/22 MH Probe, BF, Hack -	2020-09-14 20:54:48
attack	Sep 14 00:43:14 eventyay sshd[29016]: Failed password for root from 117.50.4.55 port 45928 ssh2 Sep 14 00:48:50 eventyay sshd[29181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.4.55 Sep 14 00:48:52 eventyay sshd[29181]: Failed password for invalid user afirouz from 117.50.4.55 port 53710 ssh2 ...	2020-09-14 12:47:04
attackbots	Sep 13 12:58:38 Tower sshd[11341]: Connection from 117.50.4.55 port 54450 on 192.168.10.220 port 22 rdomain "" Sep 13 12:58:44 Tower sshd[11341]: Failed password for root from 117.50.4.55 port 54450 ssh2 Sep 13 12:58:44 Tower sshd[11341]: Received disconnect from 117.50.4.55 port 54450:11: Bye Bye [preauth] Sep 13 12:58:44 Tower sshd[11341]: Disconnected from authenticating user root 117.50.4.55 port 54450 [preauth]	2020-09-14 04:49:08

类型

评论内容

时间

attack

SSH/22 MH Probe, BF, Hack -

2020-09-14 20:54:48

attack

Sep 14 00:43:14 eventyay sshd[29016]: Failed password for root from 117.50.4.55 port 45928 ssh2
Sep 14 00:48:50 eventyay sshd[29181]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.4.55
Sep 14 00:48:52 eventyay sshd[29181]: Failed password for invalid user afirouz from 117.50.4.55 port 53710 ssh2
...

2020-09-14 12:47:04

attackbots

Sep 13 12:58:38 Tower sshd[11341]: Connection from 117.50.4.55 port 54450 on 192.168.10.220 port 22 rdomain ""
Sep 13 12:58:44 Tower sshd[11341]: Failed password for root from 117.50.4.55 port 54450 ssh2
Sep 13 12:58:44 Tower sshd[11341]: Received disconnect from 117.50.4.55 port 54450:11: Bye Bye [preauth]
Sep 13 12:58:44 Tower sshd[11341]: Disconnected from authenticating user root 117.50.4.55 port 54450 [preauth]

2020-09-14 04:49:08

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.48.238	attack	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-08 06:33:13
117.50.48.238	attackbotsspam	Connection to SSH Honeypot - Detected by HoneypotDB	2020-10-07 22:53:43
117.50.48.238	attack	[ssh] SSH attack	2020-10-07 14:57:37
117.50.49.57	attack	Invalid user test2 from 117.50.49.57 port 51428	2020-10-07 02:35:32
117.50.49.57	attackspam	Invalid user test2 from 117.50.49.57 port 51428	2020-10-06 18:32:26
117.50.43.204	attackspam	fail2ban -- 117.50.43.204 ...	2020-10-02 06:12:18
117.50.43.204	attackspam	SSH_attack	2020-10-01 22:35:55
117.50.43.204	attackspam	Sep 21 14:30:02 root sshd[27975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.43.204 user=root Sep 21 14:30:04 root sshd[27975]: Failed password for root from 117.50.43.204 port 55558 ssh2 ...	2020-09-21 23:20:51
117.50.43.204	attackbotsspam	Sep 20 17:37:54 mockhub sshd[342611]: Invalid user user from 117.50.43.204 port 56784 Sep 20 17:37:56 mockhub sshd[342611]: Failed password for invalid user user from 117.50.43.204 port 56784 ssh2 Sep 20 17:42:16 mockhub sshd[342730]: Invalid user dcadmin from 117.50.43.204 port 57906 ...	2020-09-21 15:04:04
117.50.43.204	attackspambots	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-21 06:56:55
117.50.49.57	attack	Invalid user nina from 117.50.49.57 port 42840	2020-09-04 15:39:16
117.50.49.57	attackbotsspam	SSH Invalid Login	2020-09-04 08:00:47
117.50.4.198	attackspam	Aug 29 15:52:28 web-main sshd[3718815]: Invalid user tiptop from 117.50.4.198 port 47346 Aug 29 15:52:30 web-main sshd[3718815]: Failed password for invalid user tiptop from 117.50.4.198 port 47346 ssh2 Aug 29 16:05:30 web-main sshd[3720429]: Invalid user suporte from 117.50.4.198 port 54452	2020-08-29 22:57:00
117.50.40.157	attackbots	firewall-block, port(s): 31572/tcp	2020-08-27 08:01:28
117.50.49.57	attackbots	Aug 21 17:41:22 OPSO sshd\[5566\]: Invalid user @test from 117.50.49.57 port 54388 Aug 21 17:41:22 OPSO sshd\[5566\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.57 Aug 21 17:41:25 OPSO sshd\[5566\]: Failed password for invalid user @test from 117.50.49.57 port 54388 ssh2 Aug 21 17:44:34 OPSO sshd\[6054\]: Invalid user zk from 117.50.49.57 port 46060 Aug 21 17:44:34 OPSO sshd\[6054\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.49.57	2020-08-22 00:11:24

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.4.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62946
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.4.55.			IN	A

;; AUTHORITY SECTION:
.			298	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020091301 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 14 04:49:03 CST 2020
;; MSG SIZE  rcvd: 115

HOST信息:

Host 55.4.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 55.4.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
220.246.186.124	attack	Unauthorized connection attempt detected from IP address 220.246.186.124 to port 5555 [J]	2020-01-06 16:50:44
201.156.4.156	attackbotsspam	Unauthorized connection attempt detected from IP address 201.156.4.156 to port 23 [J]	2020-01-06 16:54:37
150.109.170.49	attack	Unauthorized connection attempt detected from IP address 150.109.170.49 to port 1214 [J]	2020-01-06 16:33:08
92.86.80.250	attack	Unauthorized connection attempt detected from IP address 92.86.80.250 to port 23 [J]	2020-01-06 16:39:13
119.160.219.5	attackspambots	Unauthorized connection attempt detected from IP address 119.160.219.5 to port 1433 [J]	2020-01-06 16:35:39
150.164.254.73	attackbots	Unauthorized connection attempt detected from IP address 150.164.254.73 to port 4567 [J]	2020-01-06 17:01:57
168.196.2.57	attackspambots	Unauthorized connection attempt detected from IP address 168.196.2.57 to port 23 [J]	2020-01-06 17:00:33
217.60.231.113	attack	Unauthorized connection attempt detected from IP address 217.60.231.113 to port 23 [J]	2020-01-06 16:51:38
62.234.62.206	attackbotsspam	Brute-force attempt banned	2020-01-06 16:43:40
131.100.127.144	attack	Unauthorized connection attempt detected from IP address 131.100.127.144 to port 88 [J]	2020-01-06 17:02:33
178.62.118.53	attack	Unauthorized connection attempt detected from IP address 178.62.118.53 to port 2220 [J]	2020-01-06 16:58:16
14.173.91.105	attackbotsspam	Unauthorized connection attempt detected from IP address 14.173.91.105 to port 88 [J]	2020-01-06 16:48:10
91.204.188.50	attack	Unauthorized connection attempt detected from IP address 91.204.188.50 to port 2220 [J]	2020-01-06 17:07:15
98.15.132.104	attackbotsspam	Unauthorized connection attempt detected from IP address 98.15.132.104 to port 2323 [J]	2020-01-06 17:06:11
24.185.97.170	attackbotsspam	Unauthorized connection attempt detected from IP address 24.185.97.170 to port 2220 [J]	2020-01-06 16:47:08

最近上报的IP列表

164.51.191.28	189.178.55.34	168.63.212.45	82.253.141.54
198.251.89.99	94.191.113.77	111.21.255.2	54.39.209.237
119.45.199.173	189.90.135.51	115.98.229.146	94.201.52.66
209.141.46.38	192.99.11.223	154.85.53.68	45.129.33.82
218.121.122.12	111.226.235.91	210.60.80.152	52.231.24.146