117.50.93.63 - IPInfo

基本信息:

城市(city): unknown

省份(region): Shanghai

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): China Unicom Beijing Province Network

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Aug 10 19:50:27 xtremcommunity sshd\[6555\]: Invalid user louie from 117.50.93.63 port 36334 Aug 10 19:50:27 xtremcommunity sshd\[6555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 Aug 10 19:50:29 xtremcommunity sshd\[6555\]: Failed password for invalid user louie from 117.50.93.63 port 36334 ssh2 Aug 10 19:58:58 xtremcommunity sshd\[6842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 user=root Aug 10 19:59:00 xtremcommunity sshd\[6842\]: Failed password for root from 117.50.93.63 port 47904 ssh2 ...	2019-08-11 09:41:54
attack	SSH Bruteforce attack	2019-08-10 02:13:40

类型

评论内容

时间

attack

Aug 10 19:50:27 xtremcommunity sshd\[6555\]: Invalid user louie from 117.50.93.63 port 36334
Aug 10 19:50:27 xtremcommunity sshd\[6555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63
Aug 10 19:50:29 xtremcommunity sshd\[6555\]: Failed password for invalid user louie from 117.50.93.63 port 36334 ssh2
Aug 10 19:58:58 xtremcommunity sshd\[6842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63  user=root
Aug 10 19:59:00 xtremcommunity sshd\[6842\]: Failed password for root from 117.50.93.63 port 47904 ssh2
...

2019-08-11 09:41:54

attack

SSH Bruteforce attack

2019-08-10 02:13:40

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.93.75	attack	ET SCAN NMAP -sS window 1024	2020-10-10 03:44:15
117.50.93.75	attackspambots	" "	2020-10-09 19:39:56
117.50.93.75	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 06:49:43
117.50.93.75	attackbots	" "	2020-10-03 22:58:47
117.50.93.75	attackbots	1025/tcp 10333/tcp 1027/tcp... [2020-08-06/10-02]70pkt,20pt.(tcp)	2020-10-03 14:41:52
117.50.93.75	attack	4730/tcp 4567/tcp 465/tcp... [2020-06-18/08-14]58pkt,18pt.(tcp)	2020-08-15 03:20:56
117.50.93.75	attackbots	firewall-block, port(s): 4880/tcp	2020-07-27 17:58:06
117.50.93.66	attack	Apr 10 00:12:16 NPSTNNYC01T sshd[22828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 Apr 10 00:12:18 NPSTNNYC01T sshd[22828]: Failed password for invalid user martin from 117.50.93.66 port 45218 ssh2 Apr 10 00:16:44 NPSTNNYC01T sshd[23035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 ...	2020-04-10 12:24:48
117.50.93.75	attackbotsspam	suspicious action Tue, 25 Feb 2020 13:38:39 -0300	2020-02-26 01:38:04
117.50.93.75	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-14 21:50:18
117.50.93.75	attackspam	22.12.2019 08:27:07 Connection to port 13 blocked by firewall	2019-12-22 19:25:09
117.50.93.75	attack	Automatic report - Banned IP Access	2019-12-20 08:18:41

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.93.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60619
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.93.63.			IN	A

;; AUTHORITY SECTION:
.			2565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080801 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 09 01:31:16 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 63.93.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 63.93.50.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
131.0.160.199	attack	Lines containing failures of 131.0.160.199 Oct 7 05:00:32 shared04 sshd[23934]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.160.199 user=r.r Oct 7 05:00:34 shared04 sshd[23934]: Failed password for r.r from 131.0.160.199 port 55752 ssh2 Oct 7 05:00:34 shared04 sshd[23934]: Received disconnect from 131.0.160.199 port 55752:11: Bye Bye [preauth] Oct 7 05:00:34 shared04 sshd[23934]: Disconnected from authenticating user r.r 131.0.160.199 port 55752 [preauth] Oct 7 05:12:41 shared04 sshd[27678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.0.160.199 user=r.r Oct 7 05:12:44 shared04 sshd[27678]: Failed password for r.r from 131.0.160.199 port 36746 ssh2 Oct 7 05:12:45 shared04 sshd[27678]: Received disconnect from 131.0.160.199 port 36746:11: Bye Bye [preauth] Oct 7 05:12:45 shared04 sshd[27678]: Disconnected from authenticating user r.r 131.0.160.199 port 36746 [preauth........ ------------------------------	2019-10-08 21:56:04
106.12.28.36	attackbotsspam	2019-10-08T13:34:42.553144abusebot-2.cloudsearch.cf sshd\[1340\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.28.36 user=root	2019-10-08 22:08:41
125.64.8.5	attackspambots	Oct 8 14:31:38 Ubuntu-1404-trusty-64-minimal sshd\[12570\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.64.8.5 user=root Oct 8 14:31:40 Ubuntu-1404-trusty-64-minimal sshd\[12570\]: Failed password for root from 125.64.8.5 port 45404 ssh2 Oct 8 14:52:42 Ubuntu-1404-trusty-64-minimal sshd\[29698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.64.8.5 user=root Oct 8 14:52:43 Ubuntu-1404-trusty-64-minimal sshd\[29698\]: Failed password for root from 125.64.8.5 port 48832 ssh2 Oct 8 14:57:21 Ubuntu-1404-trusty-64-minimal sshd\[31200\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.64.8.5 user=root	2019-10-08 21:51:52
118.254.134.131	attackbotsspam	Port Scan detected from 118.254.134.131 (CN/China/-). 4 hits in the last 240 seconds	2019-10-08 21:54:35
198.211.123.183	attack	Oct 8 15:13:23 MK-Soft-VM7 sshd[4420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.123.183 Oct 8 15:13:25 MK-Soft-VM7 sshd[4420]: Failed password for invalid user cacti from 198.211.123.183 port 43800 ssh2 ...	2019-10-08 22:19:44
212.64.61.70	attack	Oct 8 13:49:57 vps647732 sshd[7305]: Failed password for root from 212.64.61.70 port 57698 ssh2 ...	2019-10-08 22:18:31
121.97.159.141	attack	scan z	2019-10-08 21:48:27
159.146.11.174	attack	DATE:2019-10-08 13:55:23, IP:159.146.11.174, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-10-08 21:38:35
82.159.138.57	attackspambots	Oct 8 13:46:59 venus sshd\[12298\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57 user=root Oct 8 13:47:01 venus sshd\[12298\]: Failed password for root from 82.159.138.57 port 44862 ssh2 Oct 8 13:51:06 venus sshd\[12365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=82.159.138.57 user=root ...	2019-10-08 22:03:02
52.172.138.31	attackbots	Oct 8 14:52:58 markkoudstaal sshd[27073]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.172.138.31 Oct 8 14:53:00 markkoudstaal sshd[27073]: Failed password for invalid user Root from 52.172.138.31 port 57634 ssh2 Oct 8 14:58:19 markkoudstaal sshd[27501]: Failed password for root from 52.172.138.31 port 44448 ssh2	2019-10-08 21:59:11
182.61.109.92	attackspam	Oct 8 17:04:12 www sshd\[53608\]: Invalid user Caffee1@3 from 182.61.109.92 Oct 8 17:04:12 www sshd\[53608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.109.92 Oct 8 17:04:14 www sshd\[53608\]: Failed password for invalid user Caffee1@3 from 182.61.109.92 port 43034 ssh2 ...	2019-10-08 22:05:28
54.38.241.162	attack	Oct 8 09:26:46 ny01 sshd[21678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162 Oct 8 09:26:48 ny01 sshd[21678]: Failed password for invalid user 123Photo from 54.38.241.162 port 52376 ssh2 Oct 8 09:35:02 ny01 sshd[22528]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.241.162	2019-10-08 21:50:57
45.55.243.124	attackspam	Oct 8 16:01:09 vps691689 sshd[3602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.243.124 Oct 8 16:01:11 vps691689 sshd[3602]: Failed password for invalid user Human@123 from 45.55.243.124 port 37254 ssh2 Oct 8 16:05:11 vps691689 sshd[3664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.243.124 ...	2019-10-08 22:06:32
220.225.126.55	attack	Jul 27 22:37:33 dallas01 sshd[20873]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55 Jul 27 22:37:35 dallas01 sshd[20873]: Failed password for invalid user zest from 220.225.126.55 port 36664 ssh2 Jul 27 22:42:54 dallas01 sshd[21826]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.225.126.55	2019-10-08 22:09:45
14.141.199.166	attackbots	Attempt to attack host OS, exploiting network vulnerabilities, on 08-10-2019 12:55:23.	2019-10-08 21:37:05

最近上报的IP列表

85.199.70.148	197.3.235.230	115.114.188.179	66.151.214.215
98.15.116.46	126.167.133.214	198.127.161.213	190.47.129.206
162.199.52.154	171.58.210.31	137.74.181.116	124.204.16.171
36.253.100.38	206.56.228.190	122.90.2.235	204.123.19.59
120.78.224.75	105.155.250.106	77.71.245.136	14.102.130.31