117.50.5.198 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	2020-06-21T05:11:01.139033suse-nuc sshd[30749]: Invalid user white from 117.50.5.198 port 38374 ...	2020-06-22 02:35:29
attackspam	2020-06-16T05:50:38.770625+02:00 sshd[28613]: Failed password for root from 117.50.5.198 port 33908 ssh2	2020-06-16 16:00:46
attack	Jun 1 05:38:11 mockhub sshd[32676]: Failed password for root from 117.50.5.198 port 51990 ssh2 ...	2020-06-02 02:51:07
attack	May 27 11:56:53 abendstille sshd\[18605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 user=root May 27 11:56:54 abendstille sshd\[18605\]: Failed password for root from 117.50.5.198 port 55568 ssh2 May 27 12:02:11 abendstille sshd\[23777\]: Invalid user admin from 117.50.5.198 May 27 12:02:11 abendstille sshd\[23777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 May 27 12:02:13 abendstille sshd\[23777\]: Failed password for invalid user admin from 117.50.5.198 port 53780 ssh2 ...	2020-05-27 18:08:30

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.5.94	attack	Unauthorized access to SSH at 29/Aug/2020:20:24:04 +0000.	2020-08-30 06:55:44
117.50.5.94	attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 8545 [T]	2020-08-10 19:59:17
117.50.5.94	attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 9000	2020-07-14 13:35:10
117.50.59.243	attackspambots	Jun 12 18:42:19 web1 sshd\[27222\]: Invalid user zll from 117.50.59.243 Jun 12 18:42:19 web1 sshd\[27222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243 Jun 12 18:42:21 web1 sshd\[27222\]: Failed password for invalid user zll from 117.50.59.243 port 47644 ssh2 Jun 12 18:45:32 web1 sshd\[27507\]: Invalid user sharing from 117.50.59.243 Jun 12 18:45:32 web1 sshd\[27507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243	2020-06-13 12:49:02
117.50.59.243	attack	Jun 10 14:01:43 master sshd[18186]: Failed password for invalid user tonytan from 117.50.59.243 port 38776 ssh2 Jun 10 14:02:39 master sshd[18218]: Failed password for invalid user ponfly from 117.50.59.243 port 46970 ssh2	2020-06-10 19:18:23
117.50.59.243	attackspambots	Jun 8 12:02:48 Tower sshd[6039]: Connection from 117.50.59.243 port 47272 on 192.168.10.220 port 22 rdomain "" Jun 8 12:02:53 Tower sshd[6039]: Failed password for root from 117.50.59.243 port 47272 ssh2 Jun 8 12:02:54 Tower sshd[6039]: Received disconnect from 117.50.59.243 port 47272:11: Bye Bye [preauth] Jun 8 12:02:54 Tower sshd[6039]: Disconnected from authenticating user root 117.50.59.243 port 47272 [preauth]	2020-06-09 02:13:59
117.50.5.12	attack	Failed password for invalid user nginx from 117.50.5.12 port 58320 ssh2	2020-05-27 14:00:00
117.50.5.12	attackbots	Lines containing failures of 117.50.5.12 May 25 02:54:22 newdogma sshd[3439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 user=r.r May 25 02:54:24 newdogma sshd[3439]: Failed password for r.r from 117.50.5.12 port 44618 ssh2 May 25 02:54:26 newdogma sshd[3439]: Received disconnect from 117.50.5.12 port 44618:11: Bye Bye [preauth] May 25 02:54:26 newdogma sshd[3439]: Disconnected from authenticating user r.r 117.50.5.12 port 44618 [preauth] May 25 03:06:42 newdogma sshd[3605]: Invalid user school from 117.50.5.12 port 44462 May 25 03:06:42 newdogma sshd[3605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 May 25 03:06:44 newdogma sshd[3605]: Failed password for invalid user school from 117.50.5.12 port 44462 ssh2 May 25 03:06:48 newdogma sshd[3605]: Received disconnect from 117.50.5.12 port 44462:11: Bye Bye [preauth] May 25 03:06:48 newdogma sshd[3605]: Disconn........ ------------------------------	2020-05-26 18:26:41
117.50.5.94	attack	Automatic report - Banned IP Access	2020-04-30 08:16:46
117.50.59.209	attackbotsspam	Feb 2 18:30:03 mail sshd\[30852\]: Invalid user lemonsj from 117.50.59.209 Feb 2 18:30:03 mail sshd\[30852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.209 ...	2020-02-03 08:25:52
117.50.50.44	attackspam	2020-1-30 5:55:39 PM: failed ssh attempt	2020-01-31 01:27:26
117.50.50.44	attackbots	Unauthorized connection attempt detected from IP address 117.50.50.44 to port 2220 [J]	2020-01-17 18:06:32
117.50.50.44	attack	Jan 3 14:08:22 haigwepa sshd[11859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Jan 3 14:08:25 haigwepa sshd[11859]: Failed password for invalid user y from 117.50.50.44 port 52896 ssh2 ...	2020-01-03 21:34:14
117.50.5.94	attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 02:52:24
117.50.54.253	attackbotsspam	$f2bV_matches	2019-12-27 02:28:55

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.5.198
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27080
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.5.198.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020052700 1800 900 604800 86400

;; Query time: 79 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 27 18:08:25 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

198.5.50.117.in-addr.arpa domain name pointer home520.xyz.
198.5.50.117.in-addr.arpa domain name pointer smtpservice.site.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
198.5.50.117.in-addr.arpa	name = home520.xyz.
198.5.50.117.in-addr.arpa	name = smtpservice.site.

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
183.89.217.141	attackbots	[portscan] tcp/23 [TELNET] *(RWIN=3164)(06301147)	2020-06-30 20:14:50
117.31.109.144	attackbotsspam	Icarus honeypot on github	2020-06-30 20:10:00
81.214.245.41	attackspam	Automatic report - Banned IP Access	2020-06-30 20:50:59
192.241.229.231	attackspambots	Port Scan detected from 192.241.229.231 (US/United States/California/San Francisco/zg-0626-180.stretchoid.com). 4 hits in the last 180 seconds	2020-06-30 20:34:04
166.111.152.230	attackspambots	Jun 30 22:00:48 web1 sshd[20489]: Invalid user bojan from 166.111.152.230 port 51176 Jun 30 22:00:48 web1 sshd[20489]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.152.230 Jun 30 22:00:48 web1 sshd[20489]: Invalid user bojan from 166.111.152.230 port 51176 Jun 30 22:00:50 web1 sshd[20489]: Failed password for invalid user bojan from 166.111.152.230 port 51176 ssh2 Jun 30 22:21:24 web1 sshd[25679]: Invalid user iroda from 166.111.152.230 port 44072 Jun 30 22:21:24 web1 sshd[25679]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.152.230 Jun 30 22:21:24 web1 sshd[25679]: Invalid user iroda from 166.111.152.230 port 44072 Jun 30 22:21:26 web1 sshd[25679]: Failed password for invalid user iroda from 166.111.152.230 port 44072 ssh2 Jun 30 22:24:59 web1 sshd[26524]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=166.111.152.230 user=root Jun 30 22:25:00 ...	2020-06-30 20:40:21
43.227.253.254	attackspam	43.227.253.254 - - \[30/Jun/2020:14:25:15 +0200\] "GET / HTTP/1.1" 403 162 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64\; rv:52.0$ Gecko/20100101 Firefox/52.0" 43.227.253.254 - - \[30/Jun/2020:14:25:16 +0200\] "POST /Admin56a0e6b9/Login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64\; rv:52.0$ Gecko/20100101 Firefox/52.0" 43.227.253.254 - - \[30/Jun/2020:14:25:16 +0200\] "GET / HTTP/1.1" 403 192 "-" "Mozilla/4.0 $compatible\; MSIE 7.0\; Windows NT 6.0$" 43.227.253.254 - - \[30/Jun/2020:14:25:16 +0200\] "GET /l.php HTTP/1.1" 404 193 "-" "Mozilla/4.0 $compatible\; MSIE 7.0\; Windows NT 6.0$" 43.227.253.254 - - \[30/Jun/2020:14:25:16 +0200\] "GET /phpinfo.php HTTP/1.1" 404 193 "-" "Mozilla/4.0 $compatible\; MSIE 7.0\; Windows NT 6.0$" ...	2020-06-30 20:30:07
201.203.21.239	attack	2020-06-30T11:00:56.355146abusebot.cloudsearch.cf sshd[8162]: Invalid user production from 201.203.21.239 port 39635 2020-06-30T11:00:56.360651abusebot.cloudsearch.cf sshd[8162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.203.21.239 2020-06-30T11:00:56.355146abusebot.cloudsearch.cf sshd[8162]: Invalid user production from 201.203.21.239 port 39635 2020-06-30T11:00:58.364541abusebot.cloudsearch.cf sshd[8162]: Failed password for invalid user production from 201.203.21.239 port 39635 ssh2 2020-06-30T11:06:15.154611abusebot.cloudsearch.cf sshd[8216]: Invalid user leo from 201.203.21.239 port 41909 2020-06-30T11:06:15.159754abusebot.cloudsearch.cf sshd[8216]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.203.21.239 2020-06-30T11:06:15.154611abusebot.cloudsearch.cf sshd[8216]: Invalid user leo from 201.203.21.239 port 41909 2020-06-30T11:06:17.624981abusebot.cloudsearch.cf sshd[8216]: Failed passw ...	2020-06-30 20:26:39
200.73.240.238	attackbots	Jun 30 19:11:14 itv-usvr-02 sshd[8780]: Invalid user djones from 200.73.240.238 port 57834 Jun 30 19:11:14 itv-usvr-02 sshd[8780]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.73.240.238 Jun 30 19:11:14 itv-usvr-02 sshd[8780]: Invalid user djones from 200.73.240.238 port 57834 Jun 30 19:11:16 itv-usvr-02 sshd[8780]: Failed password for invalid user djones from 200.73.240.238 port 57834 ssh2 Jun 30 19:15:41 itv-usvr-02 sshd[8940]: Invalid user bcx from 200.73.240.238 port 57072	2020-06-30 20:26:06
51.75.250.45	attackbots	Jun 30 14:25:05 pve1 sshd[24134]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.250.45 Jun 30 14:25:06 pve1 sshd[24134]: Failed password for invalid user sw from 51.75.250.45 port 46286 ssh2 ...	2020-06-30 20:44:42
46.148.21.32	attack	2020-06-30 07:20:21.708278-0500 localhost sshd[16695]: Failed password for invalid user ubnt from 46.148.21.32 port 60476 ssh2	2020-06-30 20:51:17
111.230.210.78	attackbots	SSH invalid-user multiple login try	2020-06-30 20:52:10
197.5.145.82	attackbots	Jun 30 14:16:48 v22019038103785759 sshd\[13888\]: Invalid user bt from 197.5.145.82 port 8620 Jun 30 14:16:48 v22019038103785759 sshd\[13888\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.82 Jun 30 14:16:49 v22019038103785759 sshd\[13888\]: Failed password for invalid user bt from 197.5.145.82 port 8620 ssh2 Jun 30 14:24:59 v22019038103785759 sshd\[14386\]: Invalid user afc from 197.5.145.82 port 8621 Jun 30 14:24:59 v22019038103785759 sshd\[14386\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.82 ...	2020-06-30 20:55:39
171.15.17.161	attackbots	2020-06-30T08:33:10.763725devel sshd[12324]: Invalid user steam from 171.15.17.161 port 46402 2020-06-30T08:33:12.826049devel sshd[12324]: Failed password for invalid user steam from 171.15.17.161 port 46402 ssh2 2020-06-30T08:36:34.176330devel sshd[12664]: Invalid user jenkins from 171.15.17.161 port 60366	2020-06-30 20:47:42
115.186.149.166	attackbots	SMB Server BruteForce Attack	2020-06-30 20:35:25
111.229.28.34	attackbots	Jun 30 13:41:44 sso sshd[15721]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.28.34 Jun 30 13:41:46 sso sshd[15721]: Failed password for invalid user gast from 111.229.28.34 port 38678 ssh2 ...	2020-06-30 20:24:17

最近上报的IP列表

2.187.91.14	114.237.109.222	198.108.67.116	58.56.112.167
37.6.172.112	242.207.34.204	180.183.28.233	116.120.33.114
51.158.190.54	37.183.38.184	2.42.205.208	202.47.68.162
117.212.149.90	40.76.46.120	14.234.227.146	175.97.139.252
178.32.221.225	220.64.91.229	117.2.123.160	171.232.147.135