117.50.44.215 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): China Unicom Beijing Province Network

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Automatic report - Banned IP Access	2019-10-31 07:11:03
attackbots	Oct 17 12:25:01 vps647732 sshd[27504]: Failed password for root from 117.50.44.215 port 56448 ssh2 Oct 17 12:29:39 vps647732 sshd[27576]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 ...	2019-10-17 18:54:40
attackbotsspam	Oct 10 13:55:37 markkoudstaal sshd[21447]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Oct 10 13:55:40 markkoudstaal sshd[21447]: Failed password for invalid user 123Stick from 117.50.44.215 port 34159 ssh2 Oct 10 13:59:36 markkoudstaal sshd[21831]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215	2019-10-10 20:04:11
attackspambots	Sep 26 16:37:19 vps691689 sshd[17223]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 26 16:37:22 vps691689 sshd[17223]: Failed password for invalid user remnux from 117.50.44.215 port 42523 ssh2 Sep 26 16:43:09 vps691689 sshd[17315]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 ...	2019-09-27 04:42:05
attack	Sep 26 13:55:46 vps691689 sshd[13335]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 26 13:55:48 vps691689 sshd[13335]: Failed password for invalid user test from 117.50.44.215 port 55837 ssh2 Sep 26 14:00:49 vps691689 sshd[13461]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 ...	2019-09-26 20:03:48
attackbots	Sep 26 01:40:02 server sshd\[13815\]: Invalid user zzz from 117.50.44.215 port 50290 Sep 26 01:40:02 server sshd\[13815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 26 01:40:05 server sshd\[13815\]: Failed password for invalid user zzz from 117.50.44.215 port 50290 ssh2 Sep 26 01:44:21 server sshd\[18088\]: Invalid user jenny from 117.50.44.215 port 37231 Sep 26 01:44:21 server sshd\[18088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215	2019-09-26 06:47:44
attackspam	Sep 23 04:13:53 monocul sshd[16605]: Invalid user toor from 117.50.44.215 port 44248 ...	2019-09-23 16:32:01
attack	$f2bV_matches	2019-09-12 15:27:57
attackbotsspam	Sep 11 23:22:41 legacy sshd[29559]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 11 23:22:44 legacy sshd[29559]: Failed password for invalid user student@123 from 117.50.44.215 port 43418 ssh2 Sep 11 23:26:28 legacy sshd[29626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 ...	2019-09-12 05:40:50
attack	Sep 9 10:48:50 home sshd[28227]: Invalid user test from 117.50.44.215 port 56220 Sep 9 10:48:50 home sshd[28227]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 9 10:48:50 home sshd[28227]: Invalid user test from 117.50.44.215 port 56220 Sep 9 10:48:52 home sshd[28227]: Failed password for invalid user test from 117.50.44.215 port 56220 ssh2 Sep 9 11:28:03 home sshd[28331]: Invalid user system from 117.50.44.215 port 47963 Sep 9 11:28:03 home sshd[28331]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 9 11:28:03 home sshd[28331]: Invalid user system from 117.50.44.215 port 47963 Sep 9 11:28:05 home sshd[28331]: Failed password for invalid user system from 117.50.44.215 port 47963 ssh2 Sep 9 11:31:03 home sshd[28352]: Invalid user customer from 117.50.44.215 port 57555 Sep 9 11:31:03 home sshd[28352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rh	2019-09-10 09:17:44
attackbots	Sep 7 13:56:02 MK-Soft-VM3 sshd\[11109\]: Invalid user q1w2e3 from 117.50.44.215 port 36236 Sep 7 13:56:02 MK-Soft-VM3 sshd\[11109\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Sep 7 13:56:04 MK-Soft-VM3 sshd\[11109\]: Failed password for invalid user q1w2e3 from 117.50.44.215 port 36236 ssh2 ...	2019-09-07 22:07:00
attackspambots	Jul 29 08:52:15 icinga sshd[12338]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Jul 29 08:52:17 icinga sshd[12338]: Failed password for invalid user FQCL!@#123 from 117.50.44.215 port 60678 ssh2 ...	2019-07-29 16:03:36
attackspam	Jul 6 18:43:52 server01 sshd\[30795\]: Invalid user typo3 from 117.50.44.215 Jul 6 18:43:52 server01 sshd\[30795\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 Jul 6 18:43:54 server01 sshd\[30795\]: Failed password for invalid user typo3 from 117.50.44.215 port 50762 ssh2 ...	2019-07-07 06:54:27
attackspam	Jul 1 15:35:11 dev sshd\[6031\]: Invalid user musikbot from 117.50.44.215 port 59728 Jul 1 15:35:11 dev sshd\[6031\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.215 ...	2019-07-02 02:36:21

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.44.113	attack	Invalid user administrador from 117.50.44.113 port 33024	2020-07-01 07:17:41
117.50.44.113	attackbotsspam	Jun 30 05:16:42 powerpi2 sshd[26977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.113 Jun 30 05:16:42 powerpi2 sshd[26977]: Invalid user nexus from 117.50.44.113 port 50968 Jun 30 05:16:44 powerpi2 sshd[26977]: Failed password for invalid user nexus from 117.50.44.113 port 50968 ssh2 ...	2020-06-30 19:46:32
117.50.44.5	attack	TCP (SYN) 117.50.44.5:57985 -> port 1433, len 40	2020-06-30 16:52:23
117.50.44.113	attackbotsspam	Jun 28 11:11:35 vps46666688 sshd[30691]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.113 Jun 28 11:11:38 vps46666688 sshd[30691]: Failed password for invalid user peter from 117.50.44.113 port 57684 ssh2 ...	2020-06-29 04:17:36
117.50.44.115	attackspambots	Invalid user fabiola from 117.50.44.115 port 35084 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 Failed password for invalid user fabiola from 117.50.44.115 port 35084 ssh2 Invalid user user from 117.50.44.115 port 47160 pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115	2020-06-23 21:43:20
117.50.44.115	attackbots	Jun 17 06:59:49 eventyay sshd[26429]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 Jun 17 06:59:51 eventyay sshd[26429]: Failed password for invalid user gmod from 117.50.44.115 port 51294 ssh2 Jun 17 07:06:08 eventyay sshd[26699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 ...	2020-06-17 16:32:20
117.50.44.115	attackspam	Invalid user dcr from 117.50.44.115 port 34328	2020-05-24 18:02:06
117.50.44.115	attackspam	web-1 [ssh] SSH Attack	2020-05-23 03:05:42
117.50.44.115	attackspam	20 attempts against mh-ssh on echoip	2020-05-07 16:22:13
117.50.44.115	attackbots	May 5 09:47:21 ns381471 sshd[14153]: Failed password for root from 117.50.44.115 port 43782 ssh2 May 5 09:51:25 ns381471 sshd[14392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115	2020-05-05 16:19:47
117.50.44.115	attack	...	2020-05-03 18:40:01
117.50.44.115	attack	Apr 27 23:26:41 web1 sshd\[16800\]: Invalid user support from 117.50.44.115 Apr 27 23:26:41 web1 sshd\[16800\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 Apr 27 23:26:43 web1 sshd\[16800\]: Failed password for invalid user support from 117.50.44.115 port 35036 ssh2 Apr 27 23:31:12 web1 sshd\[17188\]: Invalid user tahir from 117.50.44.115 Apr 27 23:31:12 web1 sshd\[17188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115	2020-04-28 17:47:29
117.50.44.115	attackspam	SSH brutforce	2020-04-24 15:04:48
117.50.44.115	attackbotsspam	Apr 18 22:13:51 srv-ubuntu-dev3 sshd[8801]: Invalid user el from 117.50.44.115 Apr 18 22:13:51 srv-ubuntu-dev3 sshd[8801]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 Apr 18 22:13:51 srv-ubuntu-dev3 sshd[8801]: Invalid user el from 117.50.44.115 Apr 18 22:13:53 srv-ubuntu-dev3 sshd[8801]: Failed password for invalid user el from 117.50.44.115 port 53122 ssh2 Apr 18 22:16:57 srv-ubuntu-dev3 sshd[9385]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 user=root Apr 18 22:16:58 srv-ubuntu-dev3 sshd[9385]: Failed password for root from 117.50.44.115 port 36628 ssh2 Apr 18 22:20:36 srv-ubuntu-dev3 sshd[9971]: Invalid user ff from 117.50.44.115 Apr 18 22:20:36 srv-ubuntu-dev3 sshd[9971]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.44.115 Apr 18 22:20:36 srv-ubuntu-dev3 sshd[9971]: Invalid user ff from 117.50.44.115 Apr 18 22:20:38 ...	2020-04-19 04:51:25
117.50.44.115	attack	$f2bV_matches \| Triggered by Fail2Ban at Vostok web server	2020-04-17 18:22:58

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.44.215
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16035
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.44.215.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070101 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 02:36:16 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 215.44.50.117.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 67.207.67.2, trying next server
Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 215.44.50.117.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
202.181.237.142	attack	1600189231 - 09/15/2020 19:00:31 Host: 202.181.237.142/202.181.237.142 Port: 445 TCP Blocked	2020-09-16 14:07:14
201.231.175.63	attackbotsspam	Sep 16 00:55:39 ip-172-31-16-56 sshd\[28024\]: Invalid user lkihara from 201.231.175.63\ Sep 16 00:55:41 ip-172-31-16-56 sshd\[28024\]: Failed password for invalid user lkihara from 201.231.175.63 port 54689 ssh2\ Sep 16 00:58:08 ip-172-31-16-56 sshd\[28067\]: Failed password for root from 201.231.175.63 port 55137 ssh2\ Sep 16 01:00:58 ip-172-31-16-56 sshd\[28126\]: Failed password for root from 201.231.175.63 port 55905 ssh2\ Sep 16 01:03:44 ip-172-31-16-56 sshd\[28159\]: Failed password for root from 201.231.175.63 port 56609 ssh2\	2020-09-16 13:58:17
89.188.125.250	attackbotsspam	Port scan denied	2020-09-16 13:48:39
218.79.219.25	attack	Unauthorized connection attempt from IP address 218.79.219.25 on Port 445(SMB)	2020-09-16 14:04:01
138.91.89.115	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-16 14:05:48
193.181.46.75	attack	Sep 15 17:00:43 scw-focused-cartwright sshd[10219]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.181.46.75 Sep 15 17:00:45 scw-focused-cartwright sshd[10219]: Failed password for invalid user ubnt from 193.181.46.75 port 50504 ssh2	2020-09-16 13:45:41
118.89.163.105	attack	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "root" at 2020-09-16T04:31:17Z	2020-09-16 13:55:13
112.197.138.134	attack	2020-09-16T00:01:10.624453Z b011c210790c New connection: 112.197.138.134:56337 (172.17.0.2:2222) [session: b011c210790c] 2020-09-16T00:01:10.625611Z 802d037fb53c New connection: 112.197.138.134:56470 (172.17.0.2:2222) [session: 802d037fb53c]	2020-09-16 13:40:52
134.122.85.209	attackspam	Sep 15 19:15:01 master sshd[6596]: Failed password for root from 134.122.85.209 port 49301 ssh2 Sep 15 19:20:20 master sshd[6769]: Failed password for root from 134.122.85.209 port 34302 ssh2 Sep 15 19:24:31 master sshd[6782]: Failed password for root from 134.122.85.209 port 42223 ssh2 Sep 15 19:28:42 master sshd[6845]: Failed password for root from 134.122.85.209 port 50151 ssh2 Sep 15 19:34:03 master sshd[7295]: Failed password for invalid user donut from 134.122.85.209 port 58083 ssh2 Sep 15 19:39:53 master sshd[7404]: Failed password for root from 134.122.85.209 port 37767 ssh2 Sep 15 19:46:01 master sshd[7577]: Failed password for root from 134.122.85.209 port 45687 ssh2 Sep 15 19:51:57 master sshd[7690]: Failed password for root from 134.122.85.209 port 53613 ssh2 Sep 15 19:57:59 master sshd[7767]: Failed password for root from 134.122.85.209 port 33301 ssh2	2020-09-16 13:40:28
123.206.111.27	attackbotsspam	Sep 16 07:28:33 ns381471 sshd[31547]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.206.111.27 Sep 16 07:28:35 ns381471 sshd[31547]: Failed password for invalid user logger from 123.206.111.27 port 43422 ssh2	2020-09-16 13:50:06
116.72.27.215	attackbotsspam	GPON Home Routers Remote Code Execution Vulnerability	2020-09-16 13:50:33
187.135.19.68	attack	Unauthorized connection attempt from IP address 187.135.19.68 on Port 445(SMB)	2020-09-16 14:08:10
63.143.99.227	attack	Unauthorized connection attempt from IP address 63.143.99.227 on Port 445(SMB)	2020-09-16 13:49:05
142.4.213.28	attackbots	142.4.213.28 - - [16/Sep/2020:06:24:32 +0100] "POST /wp-login.php HTTP/1.1" 200 1861 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.213.28 - - [16/Sep/2020:06:24:33 +0100] "POST /wp-login.php HTTP/1.1" 200 1839 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 142.4.213.28 - - [16/Sep/2020:06:24:34 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-16 13:52:12
176.37.82.180	attackspam	Sep 15 17:00:34 scw-focused-cartwright sshd[10177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.37.82.180 Sep 15 17:00:36 scw-focused-cartwright sshd[10177]: Failed password for invalid user pi from 176.37.82.180 port 33898 ssh2	2020-09-16 14:01:06

最近上报的IP列表

42.105.210.102	8.26.21.26	85.116.62.107	35.195.205.193
126.218.90.221	62.50.51.66	35.195.80.59	122.198.27.170
111.10.169.203	150.225.238.68	77.103.157.198	77.31.64.51
142.255.245.174	200.40.71.145	87.142.192.67	124.243.187.3
220.245.198.135	5.32.79.119	176.239.4.110	207.202.227.55