117.50.99.197 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Invalid user ubuntu from 117.50.99.197 port 22868	2020-09-20 22:06:37
attackbots	Sep 20 06:26:43 xeon sshd[37491]: Failed password for root from 117.50.99.197 port 45528 ssh2	2020-09-20 14:00:04
attackspambots	Invalid user ubuntu from 117.50.99.197 port 22868	2020-09-20 05:59:31
attack	Invalid user admin from 117.50.99.197 port 55870	2020-09-10 21:06:33
attack	...	2020-09-10 12:51:47
attackspambots	117.50.99.197 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 12:49:21 jbs1 sshd[17354]: Failed password for root from 157.245.54.200 port 46116 ssh2 Sep 9 12:57:44 jbs1 sshd[20671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root Sep 9 12:52:29 jbs1 sshd[18281]: Failed password for root from 49.235.215.147 port 36210 ssh2 Sep 9 12:49:19 jbs1 sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.54.200 user=root Sep 9 12:52:27 jbs1 sshd[18269]: Failed password for root from 95.163.195.60 port 40440 ssh2 Sep 9 12:52:27 jbs1 sshd[18281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.215.147 user=root IP Addresses Blocked: 157.245.54.200 (SG/Singapore/-)	2020-09-10 03:38:47
attackspam	Aug 31 22:52:05 plex-server sshd[2254147]: Invalid user contact from 117.50.99.197 port 38776 Aug 31 22:52:05 plex-server sshd[2254147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 31 22:52:05 plex-server sshd[2254147]: Invalid user contact from 117.50.99.197 port 38776 Aug 31 22:52:06 plex-server sshd[2254147]: Failed password for invalid user contact from 117.50.99.197 port 38776 ssh2 Aug 31 22:55:41 plex-server sshd[2255979]: Invalid user ka from 117.50.99.197 port 14812 ...	2020-09-01 07:04:11
attackspam	Aug 29 15:12:29 pve1 sshd[26929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 29 15:12:32 pve1 sshd[26929]: Failed password for invalid user alfred from 117.50.99.197 port 20036 ssh2 ...	2020-08-29 23:27:50
attackbots	Aug 27 14:59:19 nuernberg-4g-01 sshd[3003]: Failed password for root from 117.50.99.197 port 9804 ssh2 Aug 27 15:01:30 nuernberg-4g-01 sshd[3746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 27 15:01:32 nuernberg-4g-01 sshd[3746]: Failed password for invalid user oracle from 117.50.99.197 port 61248 ssh2	2020-08-27 23:00:54
attackspambots	Automatic report BANNED IP	2020-08-25 12:41:50
attackspam	2020-08-22T15:18:47.685308shield sshd\[24042\]: Invalid user student from 117.50.99.197 port 14118 2020-08-22T15:18:47.698195shield sshd\[24042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 2020-08-22T15:18:49.675760shield sshd\[24042\]: Failed password for invalid user student from 117.50.99.197 port 14118 ssh2 2020-08-22T15:23:18.460043shield sshd\[25088\]: Invalid user geoff from 117.50.99.197 port 49920 2020-08-22T15:23:18.469608shield sshd\[25088\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197	2020-08-22 23:53:40
attackspam	Aug 20 01:10:04 pkdns2 sshd\[52914\]: Invalid user pablo from 117.50.99.197Aug 20 01:10:06 pkdns2 sshd\[52914\]: Failed password for invalid user pablo from 117.50.99.197 port 16898 ssh2Aug 20 01:13:49 pkdns2 sshd\[53099\]: Invalid user git from 117.50.99.197Aug 20 01:13:51 pkdns2 sshd\[53099\]: Failed password for invalid user git from 117.50.99.197 port 11944 ssh2Aug 20 01:17:45 pkdns2 sshd\[53313\]: Invalid user office from 117.50.99.197Aug 20 01:17:47 pkdns2 sshd\[53313\]: Failed password for invalid user office from 117.50.99.197 port 64382 ssh2 ...	2020-08-20 06:35:37
attackbotsspam	2020-08-14T05:59:05.259436ks3355764 sshd[24750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root 2020-08-14T05:59:07.186739ks3355764 sshd[24750]: Failed password for root from 117.50.99.197 port 65426 ssh2 ...	2020-08-14 12:05:00
attack	Aug 13 15:45:52 webhost01 sshd[1790]: Failed password for root from 117.50.99.197 port 61444 ssh2 ...	2020-08-13 19:04:17
attack	SSH Brute-Forcing (server2)	2020-08-11 05:32:20
attackbotsspam	Aug 10 14:45:22 ws12vmsma01 sshd[51801]: Failed password for root from 117.50.99.197 port 36602 ssh2 Aug 10 14:49:49 ws12vmsma01 sshd[52535]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root Aug 10 14:49:51 ws12vmsma01 sshd[52535]: Failed password for root from 117.50.99.197 port 43284 ssh2 ...	2020-08-11 01:52:51
attackbotsspam	Aug 8 22:15:32 rocket sshd[11198]: Failed password for root from 117.50.99.197 port 46854 ssh2 Aug 8 22:17:34 rocket sshd[11485]: Failed password for root from 117.50.99.197 port 54106 ssh2 ...	2020-08-09 05:32:44
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-08-08T07:46:43Z and 2020-08-08T08:02:57Z	2020-08-08 19:02:28
attackspam	Jul 31 23:14:59 home sshd[519307]: Failed password for root from 117.50.99.197 port 9456 ssh2 Jul 31 23:17:26 home sshd[520177]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root Jul 31 23:17:28 home sshd[520177]: Failed password for root from 117.50.99.197 port 27404 ssh2 Jul 31 23:19:57 home sshd[520864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root Jul 31 23:19:58 home sshd[520864]: Failed password for root from 117.50.99.197 port 45310 ssh2 ...	2020-08-01 05:39:50
attackbots	Jul 27 00:45:26 home sshd[949317]: Invalid user rustserver from 117.50.99.197 port 37820 Jul 27 00:45:26 home sshd[949317]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Jul 27 00:45:26 home sshd[949317]: Invalid user rustserver from 117.50.99.197 port 37820 Jul 27 00:45:28 home sshd[949317]: Failed password for invalid user rustserver from 117.50.99.197 port 37820 ssh2 Jul 27 00:47:33 home sshd[949576]: Invalid user admin2 from 117.50.99.197 port 50390 ...	2020-07-27 07:15:39
attack	20 attempts against mh-ssh on ice	2020-07-05 00:29:44

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.99.223	attackspambots	Nov 1 06:42:54 jane sshd[11254]: Failed password for root from 117.50.99.223 port 54462 ssh2 ...	2019-11-01 14:00:27
117.50.99.93	attack	Oct 31 08:15:43 localhost sshd\[24826\]: Invalid user letmein from 117.50.99.93 port 52804 Oct 31 08:15:43 localhost sshd\[24826\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Oct 31 08:15:45 localhost sshd\[24826\]: Failed password for invalid user letmein from 117.50.99.93 port 52804 ssh2	2019-10-31 17:33:39
117.50.99.223	attack	2019-10-27T07:56:55.2632781495-001 sshd\[26783\]: Failed password for invalid user rh from 117.50.99.223 port 50390 ssh2 2019-10-27T09:02:11.1518641495-001 sshd\[29591\]: Invalid user gg from 117.50.99.223 port 41182 2019-10-27T09:02:11.1588311495-001 sshd\[29591\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223 2019-10-27T09:02:12.4054911495-001 sshd\[29591\]: Failed password for invalid user gg from 117.50.99.223 port 41182 ssh2 2019-10-27T09:07:44.9687381495-001 sshd\[29801\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223 user=root 2019-10-27T09:07:47.5998221495-001 sshd\[29801\]: Failed password for root from 117.50.99.223 port 49824 ssh2 ...	2019-10-27 22:22:09
117.50.99.93	attackspam	Oct 16 13:48:03 xeon sshd[38984]: Failed password for root from 117.50.99.93 port 50186 ssh2	2019-10-16 22:48:11
117.50.99.93	attackbotsspam	Oct 11 08:55:30 auw2 sshd\[23911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 user=root Oct 11 08:55:33 auw2 sshd\[23911\]: Failed password for root from 117.50.99.93 port 48464 ssh2 Oct 11 08:58:53 auw2 sshd\[24209\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 user=root Oct 11 08:58:55 auw2 sshd\[24209\]: Failed password for root from 117.50.99.93 port 51870 ssh2 Oct 11 09:02:20 auw2 sshd\[24522\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 user=root	2019-10-12 07:07:05
117.50.99.93	attack	Oct 5 06:39:29 MK-Soft-VM5 sshd[4930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Oct 5 06:39:31 MK-Soft-VM5 sshd[4930]: Failed password for invalid user 123QWERTYUIOP from 117.50.99.93 port 34542 ssh2 ...	2019-10-05 13:03:16
117.50.99.93	attack	Oct 2 14:16:57 gw1 sshd[14944]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Oct 2 14:16:59 gw1 sshd[14944]: Failed password for invalid user to from 117.50.99.93 port 56480 ssh2 ...	2019-10-02 17:34:05
117.50.99.93	attackspambots	Sep 29 11:01:05 MK-Soft-VM6 sshd[14299]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Sep 29 11:01:07 MK-Soft-VM6 sshd[14299]: Failed password for invalid user mirror02 from 117.50.99.93 port 45554 ssh2 ...	2019-09-29 17:14:57
117.50.99.9	attackbotsspam	Sep 27 00:06:25 xtremcommunity sshd\[10342\]: Invalid user wiki from 117.50.99.9 port 33762 Sep 27 00:06:25 xtremcommunity sshd\[10342\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 Sep 27 00:06:27 xtremcommunity sshd\[10342\]: Failed password for invalid user wiki from 117.50.99.9 port 33762 ssh2 Sep 27 00:10:47 xtremcommunity sshd\[10460\]: Invalid user chu from 117.50.99.9 port 43822 Sep 27 00:10:47 xtremcommunity sshd\[10460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 ...	2019-09-27 14:18:58
117.50.99.93	attack	$f2bV_matches_ltvn	2019-09-25 08:41:03
117.50.99.9	attackbotsspam	Sep 19 13:20:13 tux-35-217 sshd\[9019\]: Invalid user user from 117.50.99.9 port 53774 Sep 19 13:20:13 tux-35-217 sshd\[9019\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 Sep 19 13:20:15 tux-35-217 sshd\[9019\]: Failed password for invalid user user from 117.50.99.9 port 53774 ssh2 Sep 19 13:23:17 tux-35-217 sshd\[9023\]: Invalid user redhat from 117.50.99.9 port 50146 Sep 19 13:23:17 tux-35-217 sshd\[9023\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 ...	2019-09-19 19:57:09
117.50.99.9	attack	Sep 17 06:48:41 tdfoods sshd\[24284\]: Invalid user liprod from 117.50.99.9 Sep 17 06:48:41 tdfoods sshd\[24284\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9 Sep 17 06:48:44 tdfoods sshd\[24284\]: Failed password for invalid user liprod from 117.50.99.9 port 42944 ssh2 Sep 17 06:51:36 tdfoods sshd\[24527\]: Invalid user sunset from 117.50.99.9 Sep 17 06:51:36 tdfoods sshd\[24527\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.9	2019-09-18 02:27:04
117.50.99.93	attackspam	2019-09-16 13:30:36,245 fail2ban.actions: WARNING [ssh] Ban 117.50.99.93	2019-09-17 02:04:52
117.50.99.93	attackbots	Sep 15 16:26:15 auw2 sshd\[5984\]: Invalid user mopps from 117.50.99.93 Sep 15 16:26:15 auw2 sshd\[5984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Sep 15 16:26:18 auw2 sshd\[5984\]: Failed password for invalid user mopps from 117.50.99.93 port 34612 ssh2 Sep 15 16:31:06 auw2 sshd\[6460\]: Invalid user b4ckup1 from 117.50.99.93 Sep 15 16:31:06 auw2 sshd\[6460\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93	2019-09-16 15:26:49
117.50.99.93	attack	Sep 15 09:34:42 xtremcommunity sshd\[111326\]: Invalid user jenkins from 117.50.99.93 port 43268 Sep 15 09:34:42 xtremcommunity sshd\[111326\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 Sep 15 09:34:45 xtremcommunity sshd\[111326\]: Failed password for invalid user jenkins from 117.50.99.93 port 43268 ssh2 Sep 15 09:38:19 xtremcommunity sshd\[111370\]: Invalid user archuser from 117.50.99.93 port 41674 Sep 15 09:38:19 xtremcommunity sshd\[111370\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.93 ...	2019-09-16 00:25:27

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.99.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49880
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.99.197.			IN	A

;; AUTHORITY SECTION:
.			267	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020070400 1800 900 604800 86400

;; Query time: 44 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jul 05 00:29:38 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 197.99.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 197.99.50.117.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
220.134.64.189	attack	23/tcp 23/tcp 23/tcp [2020-07-31/08-23]3pkt	2020-08-24 06:27:08
222.186.190.2	attack	Aug 24 08:56:45 web1 sshd[5411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Aug 24 08:56:48 web1 sshd[5411]: Failed password for root from 222.186.190.2 port 11702 ssh2 Aug 24 08:56:47 web1 sshd[5418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Aug 24 08:56:49 web1 sshd[5418]: Failed password for root from 222.186.190.2 port 10198 ssh2 Aug 24 08:56:45 web1 sshd[5411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Aug 24 08:56:48 web1 sshd[5411]: Failed password for root from 222.186.190.2 port 11702 ssh2 Aug 24 08:56:52 web1 sshd[5411]: Failed password for root from 222.186.190.2 port 11702 ssh2 Aug 24 08:56:45 web1 sshd[5411]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.190.2 user=root Aug 24 08:56:48 web1 sshd[5411]: Failed pass ...	2020-08-24 07:01:31
49.213.182.136	attack	1433/tcp 445/tcp... [2020-07-03/08-23]7pkt,2pt.(tcp)	2020-08-24 06:44:48
185.70.189.82	attackspambots	1433/tcp 445/tcp... [2020-07-09/08-23]10pkt,2pt.(tcp)	2020-08-24 06:20:45
192.241.229.190	attack	Port Scan ...	2020-08-24 06:32:34
67.231.21.21	attack	445/tcp 1433/tcp... [2020-06-26/08-23]5pkt,2pt.(tcp)	2020-08-24 06:45:01
218.92.0.249	attackspam	Aug 23 22:23:15 scw-6657dc sshd[9930]: Failed password for root from 218.92.0.249 port 14418 ssh2 Aug 23 22:23:15 scw-6657dc sshd[9930]: Failed password for root from 218.92.0.249 port 14418 ssh2 Aug 23 22:23:19 scw-6657dc sshd[9930]: Failed password for root from 218.92.0.249 port 14418 ssh2 ...	2020-08-24 06:24:57
81.218.160.29	attack	Telnet Server BruteForce Attack	2020-08-24 06:50:18
138.68.67.96	attackbotsspam	SSH BruteForce Attack	2020-08-24 06:33:25
192.241.208.173	attack	9042/tcp 10000/tcp 161/udp... [2020-07-10/08-23]12pkt,9pt.(tcp),2pt.(udp)	2020-08-24 06:51:04
59.152.98.163	attackbots	"Unauthorized connection attempt on SSHD detected"	2020-08-24 06:52:27
61.172.177.132	attackspam	1433/tcp 1433/tcp 1433/tcp... [2020-07-05/08-23]8pkt,1pt.(tcp)	2020-08-24 06:51:20
20.52.39.68	attackspam	Postfix attempt blocked due to public blacklist entry	2020-08-24 06:34:40
85.105.242.11	attackbotsspam	23/tcp 23/tcp 23/tcp [2020-07-12/08-23]3pkt	2020-08-24 06:33:52
222.186.175.148	attackspambots	Aug 23 15:25:46 dignus sshd[17135]: Failed password for root from 222.186.175.148 port 12284 ssh2 Aug 23 15:25:46 dignus sshd[17135]: error: maximum authentication attempts exceeded for root from 222.186.175.148 port 12284 ssh2 [preauth] Aug 23 15:25:50 dignus sshd[17179]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.148 user=root Aug 23 15:25:52 dignus sshd[17179]: Failed password for root from 222.186.175.148 port 22244 ssh2 Aug 23 15:25:55 dignus sshd[17179]: Failed password for root from 222.186.175.148 port 22244 ssh2 ...	2020-08-24 06:26:42

最近上报的IP列表

133.209.17.128	132.145.123.175	82.132.88.195	80.211.190.104
56.95.117.107	198.168.54.139	82.171.104.49	163.172.78.29
207.173.41.127	185.132.53.31	101.21.151.199	45.84.196.178
218.94.16.82	193.35.51.11	175.24.77.27	187.12.219.122
192.234.159.101	66.249.68.50	212.237.123.103	134.46.30.141