117.50.5.94 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized access to SSH at 29/Aug/2020:20:24:04 +0000.	2020-08-30 06:55:44
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 8545 [T]	2020-08-10 19:59:17
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 9000	2020-07-14 13:35:10
attack	Automatic report - Banned IP Access	2020-04-30 08:16:46
attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 02:52:24

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.5.198	attack	2020-06-21T05:11:01.139033suse-nuc sshd[30749]: Invalid user white from 117.50.5.198 port 38374 ...	2020-06-22 02:35:29
117.50.5.198	attackspam	2020-06-16T05:50:38.770625+02:00 sshd[28613]: Failed password for root from 117.50.5.198 port 33908 ssh2	2020-06-16 16:00:46
117.50.59.243	attackspambots	Jun 12 18:42:19 web1 sshd\[27222\]: Invalid user zll from 117.50.59.243 Jun 12 18:42:19 web1 sshd\[27222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243 Jun 12 18:42:21 web1 sshd\[27222\]: Failed password for invalid user zll from 117.50.59.243 port 47644 ssh2 Jun 12 18:45:32 web1 sshd\[27507\]: Invalid user sharing from 117.50.59.243 Jun 12 18:45:32 web1 sshd\[27507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243	2020-06-13 12:49:02
117.50.59.243	attack	Jun 10 14:01:43 master sshd[18186]: Failed password for invalid user tonytan from 117.50.59.243 port 38776 ssh2 Jun 10 14:02:39 master sshd[18218]: Failed password for invalid user ponfly from 117.50.59.243 port 46970 ssh2	2020-06-10 19:18:23
117.50.59.243	attackspambots	Jun 8 12:02:48 Tower sshd[6039]: Connection from 117.50.59.243 port 47272 on 192.168.10.220 port 22 rdomain "" Jun 8 12:02:53 Tower sshd[6039]: Failed password for root from 117.50.59.243 port 47272 ssh2 Jun 8 12:02:54 Tower sshd[6039]: Received disconnect from 117.50.59.243 port 47272:11: Bye Bye [preauth] Jun 8 12:02:54 Tower sshd[6039]: Disconnected from authenticating user root 117.50.59.243 port 47272 [preauth]	2020-06-09 02:13:59
117.50.5.198	attack	Jun 1 05:38:11 mockhub sshd[32676]: Failed password for root from 117.50.5.198 port 51990 ssh2 ...	2020-06-02 02:51:07
117.50.5.198	attack	May 27 11:56:53 abendstille sshd\[18605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 user=root May 27 11:56:54 abendstille sshd\[18605\]: Failed password for root from 117.50.5.198 port 55568 ssh2 May 27 12:02:11 abendstille sshd\[23777\]: Invalid user admin from 117.50.5.198 May 27 12:02:11 abendstille sshd\[23777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 May 27 12:02:13 abendstille sshd\[23777\]: Failed password for invalid user admin from 117.50.5.198 port 53780 ssh2 ...	2020-05-27 18:08:30
117.50.5.12	attack	Failed password for invalid user nginx from 117.50.5.12 port 58320 ssh2	2020-05-27 14:00:00
117.50.5.12	attackbots	Lines containing failures of 117.50.5.12 May 25 02:54:22 newdogma sshd[3439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 user=r.r May 25 02:54:24 newdogma sshd[3439]: Failed password for r.r from 117.50.5.12 port 44618 ssh2 May 25 02:54:26 newdogma sshd[3439]: Received disconnect from 117.50.5.12 port 44618:11: Bye Bye [preauth] May 25 02:54:26 newdogma sshd[3439]: Disconnected from authenticating user r.r 117.50.5.12 port 44618 [preauth] May 25 03:06:42 newdogma sshd[3605]: Invalid user school from 117.50.5.12 port 44462 May 25 03:06:42 newdogma sshd[3605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 May 25 03:06:44 newdogma sshd[3605]: Failed password for invalid user school from 117.50.5.12 port 44462 ssh2 May 25 03:06:48 newdogma sshd[3605]: Received disconnect from 117.50.5.12 port 44462:11: Bye Bye [preauth] May 25 03:06:48 newdogma sshd[3605]: Disconn........ ------------------------------	2020-05-26 18:26:41
117.50.59.209	attackbotsspam	Feb 2 18:30:03 mail sshd\[30852\]: Invalid user lemonsj from 117.50.59.209 Feb 2 18:30:03 mail sshd\[30852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.209 ...	2020-02-03 08:25:52
117.50.50.44	attackspam	2020-1-30 5:55:39 PM: failed ssh attempt	2020-01-31 01:27:26
117.50.50.44	attackbots	Unauthorized connection attempt detected from IP address 117.50.50.44 to port 2220 [J]	2020-01-17 18:06:32
117.50.50.44	attack	Jan 3 14:08:22 haigwepa sshd[11859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Jan 3 14:08:25 haigwepa sshd[11859]: Failed password for invalid user y from 117.50.50.44 port 52896 ssh2 ...	2020-01-03 21:34:14
117.50.54.253	attackbotsspam	$f2bV_matches	2019-12-27 02:28:55
117.50.50.44	attackspambots	Dec 20 12:29:37 linuxvps sshd\[39805\]: Invalid user kolbekk from 117.50.50.44 Dec 20 12:29:37 linuxvps sshd\[39805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Dec 20 12:29:39 linuxvps sshd\[39805\]: Failed password for invalid user kolbekk from 117.50.50.44 port 59598 ssh2 Dec 20 12:37:28 linuxvps sshd\[44928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 user=root Dec 20 12:37:30 linuxvps sshd\[44928\]: Failed password for root from 117.50.50.44 port 60118 ssh2	2019-12-21 01:41:29

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.5.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.5.94.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100402 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 05 12:55:28 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 94.5.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.5.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
177.132.72.210	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=30375)(10151156)	2019-10-16 02:08:53
61.163.95.234	attackbots	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 02:31:21
37.6.109.66	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=8982)(10151156)	2019-10-16 02:19:51
60.199.223.17	attack	[portscan] tcp/1433 [MsSQL] [scan/connect: 2 time(s)] *(RWIN=1024)(10151156)	2019-10-16 02:31:38
185.17.41.198	attack	Oct 15 18:12:55 mail sshd[29713]: Invalid user admin1 from 185.17.41.198 Oct 15 18:12:55 mail sshd[29713]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.17.41.198 Oct 15 18:12:55 mail sshd[29713]: Invalid user admin1 from 185.17.41.198 Oct 15 18:12:57 mail sshd[29713]: Failed password for invalid user admin1 from 185.17.41.198 port 48466 ssh2 Oct 15 18:20:41 mail sshd[30708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.17.41.198 user=root Oct 15 18:20:43 mail sshd[30708]: Failed password for root from 185.17.41.198 port 45082 ssh2 ...	2019-10-16 02:37:06
39.135.32.57	attack	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=14600)(10151156)	2019-10-16 02:18:38
2.186.45.193	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=19610)(10151156)	2019-10-16 02:33:55
156.198.103.179	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=21516)(10151156)	2019-10-16 02:11:17
188.4.246.83	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=65526)(10151156)	2019-10-16 02:24:40
93.87.244.143	attack	Automatic report - Port Scan Attack	2019-10-16 02:30:27
41.47.81.102	attackspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=61186)(10151156)	2019-10-16 02:18:10
201.108.211.137	attack	[portscan] tcp/1433 [MsSQL] in spfbl.net:'listed' *(RWIN=1024)(10151156)	2019-10-16 02:21:28
178.46.209.41	attackbots	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=49519)(10151156)	2019-10-16 02:08:20
104.140.188.10	attack	10/15/2019-18:23:41.314336 104.140.188.10 Protocol: 17 GPL SNMP public access udp	2019-10-16 02:27:54
118.165.120.35	attackbotsspam	[portscan] tcp/23 [TELNET] in spfbl.net:'listed' *(RWIN=4678)(10151156)	2019-10-16 02:40:51

最近上报的IP列表

60.14.195.252	198.55.103.92	23.238.217.199	166.187.20.62
80.81.173.228	135.95.143.82	20.93.143.161	157.48.66.64
159.172.122.120	77.215.169.160	51.247.219.162	6.6.5.57
148.233.29.202	167.71.224.91	173.201.196.174	141.229.146.6
119.97.44.215	108.149.31.160	132.152.239.58	66.181.161.70