2.50.14.200 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United Arab Emirates

运营商(isp): Emirates Telecommunications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbots	Unauthorized connection attempt from IP address 2.50.14.200 on Port 445(SMB)	2019-08-24 19:44:02

相同子网IP讨论:

IP	类型	评论内容	时间
2.50.14.36	attackbots	1583832534 - 03/10/2020 10:28:54 Host: 2.50.14.36/2.50.14.36 Port: 445 TCP Blocked	2020-03-10 17:36:51
2.50.141.189	attack	Dec 20 07:27:06 sso sshd[24563]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.50.141.189 Dec 20 07:27:08 sso sshd[24563]: Failed password for invalid user admin from 2.50.141.189 port 35678 ssh2 ...	2019-12-20 18:11:56
2.50.14.54	attackbotsspam	Unauthorized connection attempt from IP address 2.50.14.54 on Port 445(SMB)	2019-11-29 03:38:20
2.50.143.4	attackspambots	Nov 11 15:37:07 MK-Soft-VM5 sshd[25883]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.50.143.4 Nov 11 15:37:09 MK-Soft-VM5 sshd[25883]: Failed password for invalid user tech from 2.50.143.4 port 50930 ssh2 ...	2019-11-12 05:11:20
2.50.142.99	attack	Nov 1 12:48:18 cavern sshd[14325]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.50.142.99	2019-11-02 00:55:35
2.50.143.13	attackbots	" "	2019-10-13 08:31:05
2.50.143.90	attack	Unauthorized connection attempt from IP address 2.50.143.90 on Port 445(SMB)	2019-08-09 01:04:22
2.50.142.209	attackbots	[SMB remote code execution attempt: port tcp/445] *(RWIN=1024)(08050931)	2019-08-06 00:34:03
2.50.146.227	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-08-04 00:47:26,995 INFO [amun_request_handler] PortScan Detected on Port: 445 (2.50.146.227)	2019-08-04 09:19:37
2.50.146.247	attackbots	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-07-08 12:40:20,080 INFO [shellcode_manager] (2.50.146.247) no match, writing hexdump (581c034b7031ce4a9b769e0201542992 :2468582) - MS17010 (EternalBlue)	2019-07-09 17:22:37
2.50.148.137	attackspam	445/tcp [2019-06-30]1pkt	2019-06-30 14:14:34

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.50.14.200
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16039
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.50.14.200.			IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019082302 1800 900 604800 86400

;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Aug 24 19:43:56 CST 2019
;; MSG SIZE  rcvd: 115

HOST信息:

Host 200.14.50.2.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 200.14.50.2.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
129.211.10.111	attackspambots	prod6 ...	2020-08-27 22:13:42
178.89.133.155	attackspam	Brute Force	2020-08-27 22:39:04
102.166.129.19	attackspambots	Unauthorized connection attempt from IP address 102.166.129.19 on Port 445(SMB)	2020-08-27 22:42:11
45.129.33.5	attack	[N10.H1.VM1] Port Scanner Detected Blocked by UFW	2020-08-27 22:15:46
51.75.52.118	attackbotsspam	2020-08-27T13:43:21.319880randservbullet-proofcloud-66.localdomain sshd[12114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3130898.ip-51-75-52.eu user=root 2020-08-27T13:43:23.633182randservbullet-proofcloud-66.localdomain sshd[12114]: Failed password for root from 51.75.52.118 port 55916 ssh2 2020-08-27T13:43:25.389886randservbullet-proofcloud-66.localdomain sshd[12114]: Failed password for root from 51.75.52.118 port 55916 ssh2 2020-08-27T13:43:21.319880randservbullet-proofcloud-66.localdomain sshd[12114]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=ns3130898.ip-51-75-52.eu user=root 2020-08-27T13:43:23.633182randservbullet-proofcloud-66.localdomain sshd[12114]: Failed password for root from 51.75.52.118 port 55916 ssh2 2020-08-27T13:43:25.389886randservbullet-proofcloud-66.localdomain sshd[12114]: Failed password for root from 51.75.52.118 port 55916 ssh2 ...	2020-08-27 22:28:35
106.12.46.179	attackspambots	2020-08-27T18:06:25.122775paragon sshd[481702]: Failed password for invalid user xusen from 106.12.46.179 port 42696 ssh2 2020-08-27T18:10:28.112842paragon sshd[482053]: Invalid user dev from 106.12.46.179 port 52566 2020-08-27T18:10:28.115416paragon sshd[482053]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.46.179 2020-08-27T18:10:28.112842paragon sshd[482053]: Invalid user dev from 106.12.46.179 port 52566 2020-08-27T18:10:29.780378paragon sshd[482053]: Failed password for invalid user dev from 106.12.46.179 port 52566 ssh2 ...	2020-08-27 22:18:53
180.250.55.195	attackbotsspam	Aug 27 12:57:34 plex-server sshd[420152]: Failed password for invalid user wenyan from 180.250.55.195 port 60380 ssh2 Aug 27 13:02:03 plex-server sshd[422078]: Invalid user glftpd from 180.250.55.195 port 58180 Aug 27 13:02:03 plex-server sshd[422078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.55.195 Aug 27 13:02:03 plex-server sshd[422078]: Invalid user glftpd from 180.250.55.195 port 58180 Aug 27 13:02:05 plex-server sshd[422078]: Failed password for invalid user glftpd from 180.250.55.195 port 58180 ssh2 ...	2020-08-27 22:22:54
81.183.113.193	attackspam	Aug 27 15:50:00 home sshd[1557718]: Failed password for invalid user dc from 81.183.113.193 port 45866 ssh2 Aug 27 15:54:04 home sshd[1559196]: Invalid user suzana from 81.183.113.193 port 54066 Aug 27 15:54:04 home sshd[1559196]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=81.183.113.193 Aug 27 15:54:04 home sshd[1559196]: Invalid user suzana from 81.183.113.193 port 54066 Aug 27 15:54:07 home sshd[1559196]: Failed password for invalid user suzana from 81.183.113.193 port 54066 ssh2 ...	2020-08-27 22:08:42
131.72.127.39	attackbotsspam	Unauthorized connection attempt from IP address 131.72.127.39 on Port 445(SMB)	2020-08-27 22:39:16
46.101.11.213	attackbots	Aug 27 16:48:44 journals sshd\[111378\]: Invalid user ax from 46.101.11.213 Aug 27 16:48:44 journals sshd\[111378\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 Aug 27 16:48:46 journals sshd\[111378\]: Failed password for invalid user ax from 46.101.11.213 port 47372 ssh2 Aug 27 16:52:58 journals sshd\[112134\]: Invalid user lizhen from 46.101.11.213 Aug 27 16:52:58 journals sshd\[112134\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.101.11.213 ...	2020-08-27 22:01:06
209.85.220.41	attackspambots	This IP address is a professional scammer as evident by this IP search: https://whatismyipaddress.com/ip/209.85.220.41. They posted a craiglist posting that I replied to and asked to be paid ahead of time and did not deliver as promised. Will not return money.	2020-08-27 22:33:48
49.88.112.77	attackbots	2020-08-27T13:01:59+0000 Failed SSH Authentication/Brute Force Attack. (Server 6)	2020-08-27 22:30:36
162.247.73.192	attackbots	$f2bV_matches	2020-08-27 22:43:10
185.10.68.152	attack	ft-1848-fussball.de 185.10.68.152 [27/Aug/2020:15:01:58 +0200] "POST /xmlrpc.php HTTP/1.0" 301 505 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" ft-1848-fussball.de 185.10.68.152 [27/Aug/2020:15:02:00 +0200] "POST /xmlrpc.php HTTP/1.0" 200 3707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"	2020-08-27 22:27:47
189.101.238.48	attackspambots	2020-08-27T16:15:38.016187galaxy.wi.uni-potsdam.de sshd[24292]: Invalid user leo from 189.101.238.48 port 32878 2020-08-27T16:15:38.020748galaxy.wi.uni-potsdam.de sshd[24292]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.101.238.48 2020-08-27T16:15:38.016187galaxy.wi.uni-potsdam.de sshd[24292]: Invalid user leo from 189.101.238.48 port 32878 2020-08-27T16:15:40.241069galaxy.wi.uni-potsdam.de sshd[24292]: Failed password for invalid user leo from 189.101.238.48 port 32878 ssh2 2020-08-27T16:18:23.767856galaxy.wi.uni-potsdam.de sshd[24600]: Invalid user redis from 189.101.238.48 port 41925 2020-08-27T16:18:23.769785galaxy.wi.uni-potsdam.de sshd[24600]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=189.101.238.48 2020-08-27T16:18:23.767856galaxy.wi.uni-potsdam.de sshd[24600]: Invalid user redis from 189.101.238.48 port 41925 2020-08-27T16:18:25.308439galaxy.wi.uni-potsdam.de sshd[24600]: Failed passwo ...	2020-08-27 22:31:56

最近上报的IP列表

139.59.59.241	58.217.76.76	112.65.12.239	217.61.20.238
111.161.242.174	119.29.20.201	163.31.195.128	37.114.128.109
118.24.18.193	116.106.131.204	114.105.174.237	180.160.73.85
35.248.193.131	213.105.87.26	112.52.42.147	111.200.206.60
203.204.1.196	175.51.138.15	112.175.127.189	17.58.101.200