117.50.99.223 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): Shanghai UCloud Information Technology Company Limited

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspambots	Nov 1 06:42:54 jane sshd[11254]: Failed password for root from 117.50.99.223 port 54462 ssh2 ...	2019-11-01 14:00:27
attack	2019-10-27T07:56:55.2632781495-001 sshd\[26783\]: Failed password for invalid user rh from 117.50.99.223 port 50390 ssh2 2019-10-27T09:02:11.1518641495-001 sshd\[29591\]: Invalid user gg from 117.50.99.223 port 41182 2019-10-27T09:02:11.1588311495-001 sshd\[29591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223 2019-10-27T09:02:12.4054911495-001 sshd\[29591\]: Failed password for invalid user gg from 117.50.99.223 port 41182 ssh2 2019-10-27T09:07:44.9687381495-001 sshd\[29801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223 user=root 2019-10-27T09:07:47.5998221495-001 sshd\[29801\]: Failed password for root from 117.50.99.223 port 49824 ssh2 ...	2019-10-27 22:22:09

类型

评论内容

时间

attackspambots

Nov  1 06:42:54 jane sshd[11254]: Failed password for root from 117.50.99.223 port 54462 ssh2
...

2019-11-01 14:00:27

attack

2019-10-27T07:56:55.2632781495-001 sshd\[26783\]: Failed password for invalid user rh from 117.50.99.223 port 50390 ssh2
2019-10-27T09:02:11.1518641495-001 sshd\[29591\]: Invalid user gg from 117.50.99.223 port 41182
2019-10-27T09:02:11.1588311495-001 sshd\[29591\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223
2019-10-27T09:02:12.4054911495-001 sshd\[29591\]: Failed password for invalid user gg from 117.50.99.223 port 41182 ssh2
2019-10-27T09:07:44.9687381495-001 sshd\[29801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.223  user=root
2019-10-27T09:07:47.5998221495-001 sshd\[29801\]: Failed password for root from 117.50.99.223 port 49824 ssh2
...

2019-10-27 22:22:09

相同子网IP讨论:

IP	类型	评论内容	时间
117.50.99.197	attackspambots	Invalid user ubuntu from 117.50.99.197 port 22868	2020-09-20 22:06:37
117.50.99.197	attackbots	Sep 20 06:26:43 xeon sshd[37491]: Failed password for root from 117.50.99.197 port 45528 ssh2	2020-09-20 14:00:04
117.50.99.197	attackspambots	Invalid user ubuntu from 117.50.99.197 port 22868	2020-09-20 05:59:31
117.50.99.197	attack	Invalid user admin from 117.50.99.197 port 55870	2020-09-10 21:06:33
117.50.99.197	attack	...	2020-09-10 12:51:47
117.50.99.197	attackspambots	117.50.99.197 (CN/China/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 12:49:21 jbs1 sshd[17354]: Failed password for root from 157.245.54.200 port 46116 ssh2 Sep 9 12:57:44 jbs1 sshd[20671]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root Sep 9 12:52:29 jbs1 sshd[18281]: Failed password for root from 49.235.215.147 port 36210 ssh2 Sep 9 12:49:19 jbs1 sshd[17354]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.54.200 user=root Sep 9 12:52:27 jbs1 sshd[18269]: Failed password for root from 95.163.195.60 port 40440 ssh2 Sep 9 12:52:27 jbs1 sshd[18281]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.215.147 user=root IP Addresses Blocked: 157.245.54.200 (SG/Singapore/-)	2020-09-10 03:38:47
117.50.99.197	attackspam	Aug 31 22:52:05 plex-server sshd[2254147]: Invalid user contact from 117.50.99.197 port 38776 Aug 31 22:52:05 plex-server sshd[2254147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 31 22:52:05 plex-server sshd[2254147]: Invalid user contact from 117.50.99.197 port 38776 Aug 31 22:52:06 plex-server sshd[2254147]: Failed password for invalid user contact from 117.50.99.197 port 38776 ssh2 Aug 31 22:55:41 plex-server sshd[2255979]: Invalid user ka from 117.50.99.197 port 14812 ...	2020-09-01 07:04:11
117.50.99.197	attackspam	Aug 29 15:12:29 pve1 sshd[26929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 29 15:12:32 pve1 sshd[26929]: Failed password for invalid user alfred from 117.50.99.197 port 20036 ssh2 ...	2020-08-29 23:27:50
117.50.99.197	attackbots	Aug 27 14:59:19 nuernberg-4g-01 sshd[3003]: Failed password for root from 117.50.99.197 port 9804 ssh2 Aug 27 15:01:30 nuernberg-4g-01 sshd[3746]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 Aug 27 15:01:32 nuernberg-4g-01 sshd[3746]: Failed password for invalid user oracle from 117.50.99.197 port 61248 ssh2	2020-08-27 23:00:54
117.50.99.197	attackspambots	Automatic report BANNED IP	2020-08-25 12:41:50
117.50.99.197	attackspam	2020-08-22T15:18:47.685308shield sshd\[24042\]: Invalid user student from 117.50.99.197 port 14118 2020-08-22T15:18:47.698195shield sshd\[24042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 2020-08-22T15:18:49.675760shield sshd\[24042\]: Failed password for invalid user student from 117.50.99.197 port 14118 ssh2 2020-08-22T15:23:18.460043shield sshd\[25088\]: Invalid user geoff from 117.50.99.197 port 49920 2020-08-22T15:23:18.469608shield sshd\[25088\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197	2020-08-22 23:53:40
117.50.99.197	attackspam	Aug 20 01:10:04 pkdns2 sshd\[52914\]: Invalid user pablo from 117.50.99.197Aug 20 01:10:06 pkdns2 sshd\[52914\]: Failed password for invalid user pablo from 117.50.99.197 port 16898 ssh2Aug 20 01:13:49 pkdns2 sshd\[53099\]: Invalid user git from 117.50.99.197Aug 20 01:13:51 pkdns2 sshd\[53099\]: Failed password for invalid user git from 117.50.99.197 port 11944 ssh2Aug 20 01:17:45 pkdns2 sshd\[53313\]: Invalid user office from 117.50.99.197Aug 20 01:17:47 pkdns2 sshd\[53313\]: Failed password for invalid user office from 117.50.99.197 port 64382 ssh2 ...	2020-08-20 06:35:37
117.50.99.197	attackbotsspam	2020-08-14T05:59:05.259436ks3355764 sshd[24750]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.99.197 user=root 2020-08-14T05:59:07.186739ks3355764 sshd[24750]: Failed password for root from 117.50.99.197 port 65426 ssh2 ...	2020-08-14 12:05:00
117.50.99.197	attack	Aug 13 15:45:52 webhost01 sshd[1790]: Failed password for root from 117.50.99.197 port 61444 ssh2 ...	2020-08-13 19:04:17
117.50.99.197	attack	SSH Brute-Forcing (server2)	2020-08-11 05:32:20

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.99.223
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6581
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.99.223.			IN	A

;; AUTHORITY SECTION:
.			553	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 22:22:05 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 223.99.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 223.99.50.117.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
200.54.242.46	attackbots	2020-09-08T15:55:05.915794hostname sshd[64931]: Failed password for root from 200.54.242.46 port 54851 ssh2 ...	2020-09-09 17:12:15
140.143.206.191	attackspambots	Sep 9 08:15:10 scw-tender-jepsen sshd[27539]: Failed password for root from 140.143.206.191 port 55882 ssh2	2020-09-09 16:56:17
35.187.239.32	attackbotsspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 16:50:50
103.200.22.126	attackbotsspam	Coordinated SSH brute-force attack from different IPs. pam_unix(sshd:auth): user=root	2020-09-09 17:01:16
139.99.171.51	attackbotsspam	(sshd) Failed SSH login from 139.99.171.51 (AU/Australia/relay6.tor.ian.sh): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 9 00:36:37 server sshd[13653]: Failed password for root from 139.99.171.51 port 40899 ssh2 Sep 9 00:36:40 server sshd[13653]: Failed password for root from 139.99.171.51 port 40899 ssh2 Sep 9 00:36:44 server sshd[13653]: Failed password for root from 139.99.171.51 port 40899 ssh2 Sep 9 00:36:47 server sshd[13653]: Failed password for root from 139.99.171.51 port 40899 ssh2 Sep 9 00:36:51 server sshd[13653]: Failed password for root from 139.99.171.51 port 40899 ssh2	2020-09-09 16:47:44
167.71.226.130	attack	Sep 9 08:11:29 root sshd[20155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.226.130 ...	2020-09-09 16:55:55
197.248.16.118	attack	Failed password for root from 197.248.16.118 port 41696 ssh2 Failed password for root from 197.248.16.118 port 41624 ssh2	2020-09-09 17:11:33
154.127.39.3	attack	Sep 1 05:43:23 mail.srvfarm.net postfix/smtpd[837216]: warning: unknown[154.127.39.3]: SASL PLAIN authentication failed: Sep 1 05:43:23 mail.srvfarm.net postfix/smtpd[837216]: lost connection after AUTH from unknown[154.127.39.3] Sep 1 05:48:07 mail.srvfarm.net postfix/smtpd[845241]: warning: unknown[154.127.39.3]: SASL PLAIN authentication failed: Sep 1 05:48:07 mail.srvfarm.net postfix/smtpd[845241]: lost connection after AUTH from unknown[154.127.39.3] Sep 1 05:52:51 mail.srvfarm.net postfix/smtpd[843233]: warning: unknown[154.127.39.3]: SASL PLAIN authentication failed:	2020-09-09 16:47:30
171.236.71.110	attackspambots	[portscan] Port scan	2020-09-09 17:18:49
68.183.176.26	attackbotsspam	familiengesundheitszentrum-fulda.de 68.183.176.26 [09/Sep/2020:08:34:45 +0200] "POST /wp-login.php HTTP/1.1" 200 6745 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" familiengesundheitszentrum-fulda.de 68.183.176.26 [09/Sep/2020:08:34:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4119 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2020-09-09 17:03:54
45.145.66.104	attackbots	Unauthorized connection attempt from IP address 45.145.66.104 on Port 3389(RDP)	2020-09-09 17:11:10
117.34.91.22	attackbotsspam	Banned for a week because repeated abuses, for example SSH, but not only	2020-09-09 16:48:26
194.5.207.189	attackspambots	Sep 9 09:14:13 root sshd[18706]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.5.207.189 ...	2020-09-09 16:55:11
159.65.119.25	attack	159.65.119.25 (DE/Germany/-), 6 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 9 03:35:47 server5 sshd[3667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.119.25 user=root Sep 9 03:35:49 server5 sshd[3667]: Failed password for root from 159.65.119.25 port 40244 ssh2 Sep 9 03:36:10 server5 sshd[3714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=146.185.129.216 user=root Sep 9 03:35:15 server5 sshd[3313]: Failed password for root from 51.89.68.141 port 58506 ssh2 Sep 9 03:33:24 server5 sshd[2438]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.28.132.211 user=root Sep 9 03:33:26 server5 sshd[2438]: Failed password for root from 119.28.132.211 port 59304 ssh2 IP Addresses Blocked:	2020-09-09 17:08:32
89.189.186.45	attack	...	2020-09-09 16:40:50

最近上报的IP列表

217.78.236.58	112.115.88.228	45.202.74.221	6.161.31.134
50.35.30.243	94.71.57.19	105.146.7.49	6.142.236.165
200.89.178.66	179.74.111.133	37.80.146.41	210.99.34.239
8.112.223.90	5.50.246.122	50.174.69.71	97.58.25.80
133.109.224.182	181.15.114.70	107.135.16.224	157.200.30.236