117.50.40.157 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	firewall-block, port(s): 31572/tcp	2020-08-27 08:01:28
attackbots	Jun 21 08:14:37 h1745522 sshd[28290]: Invalid user tracy from 117.50.40.157 port 55134 Jun 21 08:14:37 h1745522 sshd[28290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Jun 21 08:14:37 h1745522 sshd[28290]: Invalid user tracy from 117.50.40.157 port 55134 Jun 21 08:14:39 h1745522 sshd[28290]: Failed password for invalid user tracy from 117.50.40.157 port 55134 ssh2 Jun 21 08:18:16 h1745522 sshd[28433]: Invalid user juliet from 117.50.40.157 port 37142 Jun 21 08:18:16 h1745522 sshd[28433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Jun 21 08:18:16 h1745522 sshd[28433]: Invalid user juliet from 117.50.40.157 port 37142 Jun 21 08:18:18 h1745522 sshd[28433]: Failed password for invalid user juliet from 117.50.40.157 port 37142 ssh2 Jun 21 08:21:50 h1745522 sshd[28535]: Invalid user ubuntu from 117.50.40.157 port 47380 ...	2020-06-21 17:42:13
attack	Invalid user webcam from 117.50.40.157 port 59824	2020-06-18 13:53:18
attackbotsspam	Jun 17 10:04:46 firewall sshd[9117]: Invalid user israel from 117.50.40.157 Jun 17 10:04:48 firewall sshd[9117]: Failed password for invalid user israel from 117.50.40.157 port 43324 ssh2 Jun 17 10:08:54 firewall sshd[9204]: Invalid user mha from 117.50.40.157 ...	2020-06-17 21:26:01
attack	Jun 7 15:11:58 home sshd[30941]: Failed password for root from 117.50.40.157 port 56530 ssh2 Jun 7 15:15:43 home sshd[31293]: Failed password for root from 117.50.40.157 port 38882 ssh2 ...	2020-06-08 01:03:22
attackspam	Invalid user peu01 from 117.50.40.157 port 52740	2020-06-07 07:12:16
attackspambots	Jun 3 12:44:38 Host-KLAX-C sshd[21437]: User root from 117.50.40.157 not allowed because not listed in AllowUsers ...	2020-06-04 04:11:06
attackbotsspam	May 30 08:46:40 ny01 sshd[2149]: Failed password for root from 117.50.40.157 port 43414 ssh2 May 30 08:51:24 ny01 sshd[2761]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 May 30 08:51:26 ny01 sshd[2761]: Failed password for invalid user ray from 117.50.40.157 port 35756 ssh2	2020-05-31 01:14:24
attack	2020-05-23T17:06:53.752533abusebot-7.cloudsearch.cf sshd[8440]: Invalid user vaa from 117.50.40.157 port 40972 2020-05-23T17:06:53.759299abusebot-7.cloudsearch.cf sshd[8440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 2020-05-23T17:06:53.752533abusebot-7.cloudsearch.cf sshd[8440]: Invalid user vaa from 117.50.40.157 port 40972 2020-05-23T17:06:56.233011abusebot-7.cloudsearch.cf sshd[8440]: Failed password for invalid user vaa from 117.50.40.157 port 40972 ssh2 2020-05-23T17:11:58.613107abusebot-7.cloudsearch.cf sshd[8729]: Invalid user hxa from 117.50.40.157 port 32966 2020-05-23T17:11:58.622325abusebot-7.cloudsearch.cf sshd[8729]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 2020-05-23T17:11:58.613107abusebot-7.cloudsearch.cf sshd[8729]: Invalid user hxa from 117.50.40.157 port 32966 2020-05-23T17:12:00.970120abusebot-7.cloudsearch.cf sshd[8729]: Failed password for inva ...	2020-05-24 03:52:15
attackspam	May 22 08:23:28 prod4 sshd\[29844\]: Invalid user fsy from 117.50.40.157 May 22 08:23:30 prod4 sshd\[29844\]: Failed password for invalid user fsy from 117.50.40.157 port 42154 ssh2 May 22 08:28:20 prod4 sshd\[1740\]: Invalid user inl from 117.50.40.157 ...	2020-05-22 17:23:02
attackspam	May 16 01:52:14 lukav-desktop sshd\[23867\]: Invalid user ubuntu from 117.50.40.157 May 16 01:52:14 lukav-desktop sshd\[23867\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 May 16 01:52:16 lukav-desktop sshd\[23867\]: Failed password for invalid user ubuntu from 117.50.40.157 port 60552 ssh2 May 16 01:56:03 lukav-desktop sshd\[24049\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 user=root May 16 01:56:05 lukav-desktop sshd\[24049\]: Failed password for root from 117.50.40.157 port 44396 ssh2	2020-05-16 08:35:37
attackspam	$f2bV_matches	2020-05-04 12:52:55
attack	SSH Brute-Forcing (server1)	2020-04-30 20:07:40
attack	Apr 16 14:15:55 sshd\[30372\]: Invalid user xo from 117.50.40.157Apr 16 14:15:58 sshd\[30372\]: Failed password for invalid user xo from 117.50.40.157 port 40204 ssh2 ...	2020-04-16 20:17:55
attack	Apr 8 03:59:24 localhost sshd\[10827\]: Invalid user minecraft from 117.50.40.157 port 59110 Apr 8 03:59:24 localhost sshd\[10827\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Apr 8 03:59:26 localhost sshd\[10827\]: Failed password for invalid user minecraft from 117.50.40.157 port 59110 ssh2 ...	2020-04-08 13:19:51
attack	Mar 14 05:28:36 srv-ubuntu-dev3 sshd[123845]: Invalid user git from 117.50.40.157 Mar 14 05:28:36 srv-ubuntu-dev3 sshd[123845]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Mar 14 05:28:36 srv-ubuntu-dev3 sshd[123845]: Invalid user git from 117.50.40.157 Mar 14 05:28:38 srv-ubuntu-dev3 sshd[123845]: Failed password for invalid user git from 117.50.40.157 port 50550 ssh2 Mar 14 05:31:31 srv-ubuntu-dev3 sshd[124342]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 user=root Mar 14 05:31:33 srv-ubuntu-dev3 sshd[124342]: Failed password for root from 117.50.40.157 port 52740 ssh2 Mar 14 05:34:27 srv-ubuntu-dev3 sshd[124807]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 user=root Mar 14 05:34:30 srv-ubuntu-dev3 sshd[124807]: Failed password for root from 117.50.40.157 port 54926 ssh2 Mar 14 05:37:24 srv-ubuntu-dev3 sshd[125 ...	2020-03-14 12:40:37
attackbots	Mar 3 05:28:51 server sshd[1074754]: Failed password for invalid user sinusbot from 117.50.40.157 port 54456 ssh2 Mar 3 05:49:16 server sshd[1108648]: Failed password for invalid user oracle from 117.50.40.157 port 44606 ssh2 Mar 3 05:59:25 server sshd[1124880]: Failed password for invalid user sphinx from 117.50.40.157 port 39680 ssh2	2020-03-03 13:09:14
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.40.157 to port 2220 [J]	2020-01-17 00:52:03
attackspambots	2020-01-13 22:57:00,518 fail2ban.actions [2870]: NOTICE [sshd] Ban 117.50.40.157 2020-01-13 23:29:01,217 fail2ban.actions [2870]: NOTICE [sshd] Ban 117.50.40.157 2020-01-14 00:02:16,345 fail2ban.actions [2870]: NOTICE [sshd] Ban 117.50.40.157 2020-01-14 00:37:02,617 fail2ban.actions [2870]: NOTICE [sshd] Ban 117.50.40.157 2020-01-14 01:13:43,883 fail2ban.actions [2870]: NOTICE [sshd] Ban 117.50.40.157 ...	2020-01-14 08:15:26
attackspam	Jan 12 00:13:33 meumeu sshd[5904]: Failed password for root from 117.50.40.157 port 42246 ssh2 Jan 12 00:16:13 meumeu sshd[6358]: Failed password for root from 117.50.40.157 port 36586 ssh2 Jan 12 00:19:14 meumeu sshd[6885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 ...	2020-01-12 08:19:43
attack	Jan 4 04:01:11 web9 sshd\[29960\]: Invalid user csgo from 117.50.40.157 Jan 4 04:01:11 web9 sshd\[29960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Jan 4 04:01:13 web9 sshd\[29960\]: Failed password for invalid user csgo from 117.50.40.157 port 35518 ssh2 Jan 4 04:04:45 web9 sshd\[30578\]: Invalid user qqj from 117.50.40.157 Jan 4 04:04:45 web9 sshd\[30578\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157	2020-01-05 01:31:40
attackspambots	Brute force attempt	2019-12-23 02:40:25
attackbots	Fail2Ban Ban Triggered	2019-12-16 03:19:39
attackbotsspam	Dec 6 06:17:19 yesfletchmain sshd\[13377\]: Invalid user srdeeg from 117.50.40.157 port 43390 Dec 6 06:17:19 yesfletchmain sshd\[13377\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 Dec 6 06:17:22 yesfletchmain sshd\[13377\]: Failed password for invalid user srdeeg from 117.50.40.157 port 43390 ssh2 Dec 6 06:24:42 yesfletchmain sshd\[13570\]: Invalid user server from 117.50.40.157 port 43430 Dec 6 06:24:42 yesfletchmain sshd\[13570\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.157 ...	2019-12-06 20:08:32
attack	Unauthorized SSH login attempts	2019-12-05 07:32:43

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.40.205	attack	Jul 31 14:05:50 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=117.50.40.205 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=56072 DF PROTO=TCP SPT=34684 DPT=1433 WINDOW=14140 RES=0x00 SYN URGP=0 Jul 31 14:05:51 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=117.50.40.205 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=20928 DF PROTO=TCP SPT=55004 DPT=7002 WINDOW=14140 RES=0x00 SYN URGP=0 Jul 31 14:05:52 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=117.50.40.205 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=20929 DF PROTO=TCP SPT=55004 DPT=7002 WINDOW=14140 RES=0x00 SYN URGP=0 Jul 31 14:05:52 hidden kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:3e:4a:cc:28:99:3a:4d:23:91:08:00 SRC=117.50.40.205 DST=173.212.244.83 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=41192 DF PROTO=TCP SPT=34072 DPT=8080 WINDOW=14140 RES=0x00 SYN URGP=0 Jul 31 1 ...	2020-08-01 00:21:37
117.50.40.36	attack	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-05-15 19:14:03
117.50.40.36	attackbots	May 4 20:52:31 ArkNodeAT sshd\[10410\]: Invalid user phf from 117.50.40.36 May 4 20:52:31 ArkNodeAT sshd\[10410\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 May 4 20:52:33 ArkNodeAT sshd\[10410\]: Failed password for invalid user phf from 117.50.40.36 port 36673 ssh2	2020-05-05 03:10:14
117.50.40.36	attackspam	May 3 22:24:45 web01 sshd[8637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 May 3 22:24:47 web01 sshd[8637]: Failed password for invalid user veeam from 117.50.40.36 port 57250 ssh2 ...	2020-05-04 04:33:59
117.50.40.36	attack	Invalid user vivian from 117.50.40.36 port 44512	2020-05-03 17:59:33
117.50.40.36	attack	2020-04-21T03:49:19.663635abusebot-3.cloudsearch.cf sshd[18466]: Invalid user admin from 117.50.40.36 port 50620 2020-04-21T03:49:19.674457abusebot-3.cloudsearch.cf sshd[18466]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 2020-04-21T03:49:19.663635abusebot-3.cloudsearch.cf sshd[18466]: Invalid user admin from 117.50.40.36 port 50620 2020-04-21T03:49:22.076220abusebot-3.cloudsearch.cf sshd[18466]: Failed password for invalid user admin from 117.50.40.36 port 50620 ssh2 2020-04-21T03:52:52.043581abusebot-3.cloudsearch.cf sshd[18649]: Invalid user ubuntu from 117.50.40.36 port 40013 2020-04-21T03:52:52.049719abusebot-3.cloudsearch.cf sshd[18649]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 2020-04-21T03:52:52.043581abusebot-3.cloudsearch.cf sshd[18649]: Invalid user ubuntu from 117.50.40.36 port 40013 2020-04-21T03:52:54.025023abusebot-3.cloudsearch.cf sshd[18649]: Failed pass ...	2020-04-21 16:03:39
117.50.40.36	attackspam	Apr 13 19:07:42 mail sshd[17612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 user=root Apr 13 19:07:45 mail sshd[17612]: Failed password for root from 117.50.40.36 port 44162 ssh2 Apr 13 19:27:05 mail sshd[15407]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 user=root Apr 13 19:27:07 mail sshd[15407]: Failed password for root from 117.50.40.36 port 51791 ssh2 Apr 13 19:33:12 mail sshd[24803]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 user=root Apr 13 19:33:13 mail sshd[24803]: Failed password for root from 117.50.40.36 port 52810 ssh2 ...	2020-04-14 03:15:59
117.50.40.36	attack	Brute force attempt	2020-04-07 04:25:04
117.50.40.36	attackbotsspam	2020-03-16T16:59:35.020701struts4.enskede.local sshd\[14768\]: Invalid user user from 117.50.40.36 port 53406 2020-03-16T16:59:35.028580struts4.enskede.local sshd\[14768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 2020-03-16T16:59:38.269107struts4.enskede.local sshd\[14768\]: Failed password for invalid user user from 117.50.40.36 port 53406 ssh2 2020-03-16T17:08:58.284638struts4.enskede.local sshd\[14819\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.36 user=root 2020-03-16T17:09:01.961573struts4.enskede.local sshd\[14819\]: Failed password for root from 117.50.40.36 port 46309 ssh2 ...	2020-03-17 04:12:48
117.50.40.36	attackbotsspam	$f2bV_matches	2020-02-12 18:54:21
117.50.40.133	attack	Nov 15 01:57:27 server sshd\[13315\]: Invalid user user from 117.50.40.133 Nov 15 01:57:27 server sshd\[13315\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.133 Nov 15 01:57:29 server sshd\[13315\]: Failed password for invalid user user from 117.50.40.133 port 52748 ssh2 Nov 15 09:30:51 server sshd\[4768\]: Invalid user support from 117.50.40.133 Nov 15 09:30:51 server sshd\[4768\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.40.133 ...	2019-11-15 14:46:11

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.40.157
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58030
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.40.157.			IN	A

;; AUTHORITY SECTION:
.			532	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120201 1800 900 604800 86400

;; Query time: 109 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 03 03:32:52 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 157.40.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 157.40.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
185.176.27.42	attack	TCP (SYN) 185.176.27.42:41797 -> port 40877, len 44	2020-06-07 02:34:44
162.243.144.28	attack	scans once in preceeding hours on the ports (in chronological order) 5632 resulting in total of 34 scans from 162.243.0.0/16 block.	2020-06-07 02:47:42
194.26.29.125	attackbotsspam	scans 37 times in preceeding hours on the ports (in chronological order) 54266 54520 53453 54049 51877 52646 51636 52972 53668 52904 52775 54979 51806 54966 53215 53655 54465 53611 54070 53841 54026 50261 54056 51344 52850 54838 50228 54361 50206 53859 54812 52222 51515 53644 54367 53969 54285 resulting in total of 612 scans from 194.26.29.0/24 block.	2020-06-07 02:30:20
185.156.73.60	attack	[H1] Blocked by UFW	2020-06-07 02:37:43
185.200.118.70	attackspambots	scans once in preceeding hours on the ports (in chronological order) 1723 resulting in total of 2 scans from 185.200.118.0/24 block.	2020-06-07 02:32:49
119.28.149.239	attackbotsspam	scans once in preceeding hours on the ports (in chronological order) 8667 resulting in total of 1 scans from 119.28.0.0/15 block.	2020-06-07 02:49:04
185.39.11.39	attackspam	TCP (SYN) 185.39.11.39:52464 -> port 40030, len 44	2020-06-07 02:40:33
92.63.197.55	attackbotsspam	TCP (SYN) 92.63.197.55:54083 -> port 20889, len 44	2020-06-07 02:53:37
94.102.50.137	attackbotsspam	Jun 6 20:20:31 debian-2gb-nbg1-2 kernel: \[13726379.554833\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=94.102.50.137 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=640 PROTO=TCP SPT=41800 DPT=65535 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 02:51:13
89.248.172.85	attackbotsspam	06/06/2020-14:51:19.090323 89.248.172.85 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2020-06-07 02:55:06
172.104.65.226	attackspam	scans once in preceeding hours on the ports (in chronological order) 3128 resulting in total of 3 scans from 172.104.0.0/15 block.	2020-06-07 02:44:35
185.156.73.45	attack	Jun 6 21:23:45 debian kernel: [370385.621220] [UFW BLOCK] IN=eth0 OUT= MAC=52:54:00:be:e4:65:08:e8:4f:6e:48:0c:08:00 SRC=185.156.73.45 DST=89.252.131.35 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=6832 PROTO=TCP SPT=54105 DPT=21001 WINDOW=1024 RES=0x00 SYN URGP=0	2020-06-07 02:38:38
162.243.144.222	attack	scans once in preceeding hours on the ports (in chronological order) 50070 resulting in total of 34 scans from 162.243.0.0/16 block.	2020-06-07 02:46:37
185.175.93.104	attackbotsspam	TCP (SYN) 185.175.93.104:47557 -> port 49152, len 44	2020-06-07 02:36:35
94.102.56.231	attackbotsspam	TCP (SYN) 94.102.56.231:51209 -> port 8648, len 44	2020-06-07 02:50:33

最近上报的IP列表

139.201.193.131	107.17.89.32	201.174.134.173	7.22.205.60
222.200.213.208	12.173.232.124	192.138.210.121	43.53.243.124
150.153.222.109	17.94.29.115	210.54.198.216	195.84.170.117
23.254.168.243	89.103.164.103	107.106.164.213	225.174.223.218
162.227.152.103	46.165.9.172	205.128.155.242	222.71.182.18