117.50.117.202

Basic Info

City: unknown

Region: Shanghai

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	suspicious action Fri, 21 Feb 2020 10:13:59 -0300	2020-02-22 02:35:18

Comments on same subnet:

IP	Type	Details	Datetime
117.50.117.16	attackspam	TCP (SYN) 117.50.117.16:56358 -> port 1433, len 40	2020-07-01 17:28:52
117.50.117.16	attackbotsspam	06/29/2020-07:10:43.969703 117.50.117.16 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-29 23:20:40
117.50.117.98	attack	" "	2020-04-14 22:12:37
117.50.117.43	attackbots	Unauthorized connection attempt detected from IP address 117.50.117.43 to port 1433 [T]	2020-01-21 03:03:09
117.50.117.43	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-07 23:12:47
117.50.117.16	attackbotsspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-16 07:42:34

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.117.202
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15721
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.117.202.			IN	A

;; AUTHORITY SECTION:
.			591	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010201 1800 900 604800 86400

;; Query time: 49 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 05:00:55 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 202.117.50.117.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

Server:		183.60.82.98
Address:	183.60.82.98#53

Non-authoritative answer:
*** Can't find 202.117.50.117.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
222.186.15.101	attackspambots	Sep 10 18:09:28 debian sshd[2043]: Unable to negotiate with 222.186.15.101 port 50078: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] Sep 10 19:39:59 debian sshd[6072]: Unable to negotiate with 222.186.15.101 port 16670: no matching key exchange method found. Their offer: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] ...	2019-09-11 07:47:39
222.186.52.124	botsattackproxy	Last failed login: Wed Sep 11 07:55:23 CST 2019 from 222.186.52.124 on ssh:notty There were 6 failed login attempts since the last successful login.	2019-09-11 08:15:40
62.234.109.203	attackbotsspam	Sep 11 01:23:01 rpi sshd[17680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.109.203 Sep 11 01:23:03 rpi sshd[17680]: Failed password for invalid user oneadmin from 62.234.109.203 port 53327 ssh2	2019-09-11 07:54:59
84.253.140.10	attack	Sep 11 01:19:38 vpn01 sshd\[32453\]: Invalid user work from 84.253.140.10 Sep 11 01:19:38 vpn01 sshd\[32453\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=84.253.140.10 Sep 11 01:19:40 vpn01 sshd\[32453\]: Failed password for invalid user work from 84.253.140.10 port 37410 ssh2	2019-09-11 07:43:37
96.48.244.48	attackspam	Sep 11 01:15:18 MK-Soft-Root2 sshd\[17811\]: Invalid user oracle from 96.48.244.48 port 39584 Sep 11 01:15:18 MK-Soft-Root2 sshd\[17811\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=96.48.244.48 Sep 11 01:15:20 MK-Soft-Root2 sshd\[17811\]: Failed password for invalid user oracle from 96.48.244.48 port 39584 ssh2 ...	2019-09-11 08:04:35
167.99.71.142	attackbotsspam	$f2bV_matches	2019-09-11 08:00:18
187.78.248.6	attack	@LucianNitescu Personal Honeypot Network <<<>>> Donate at paypal.me/LNitescu <<<>>> 2019-09-10 18:07:20,066 INFO [amun_request_handler] PortScan Detected on Port: 445 (187.78.248.6)	2019-09-11 08:16:37
62.83.87.120	attackspambots	ES - 1H : (23) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : ES NAME ASN : ASN12430 IP : 62.83.87.120 CIDR : 62.83.0.0/17 PREFIX COUNT : 131 UNIQUE IP COUNT : 3717120 WYKRYTE ATAKI Z ASN12430 : 1H - 1 3H - 2 6H - 2 12H - 2 24H - 4 INFO : SYN Flood DDoS Attack Denial-of-Service Attack (DoS) Detected and Blocked by ADMIN - data recovery https://help-dysk.pl	2019-09-11 08:06:02
164.132.205.21	attackspambots	Sep 11 01:55:49 vps647732 sshd[29539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=164.132.205.21 Sep 11 01:55:51 vps647732 sshd[29539]: Failed password for invalid user steam from 164.132.205.21 port 33712 ssh2 ...	2019-09-11 07:56:57
51.75.30.238	attackbots	Sep 11 07:06:41 webhost01 sshd[2913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.30.238 Sep 11 07:06:43 webhost01 sshd[2913]: Failed password for invalid user sinusbot from 51.75.30.238 port 56876 ssh2 ...	2019-09-11 08:20:26
132.232.19.122	attackbotsspam	Sep 11 01:40:22 localhost sshd\[18455\]: Invalid user 123 from 132.232.19.122 port 49208 Sep 11 01:40:22 localhost sshd\[18455\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.232.19.122 Sep 11 01:40:24 localhost sshd\[18455\]: Failed password for invalid user 123 from 132.232.19.122 port 49208 ssh2	2019-09-11 07:47:57
141.98.80.80	attack	Sep 11 01:28:23 vmanager6029 postfix/smtpd\[32289\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed: Sep 11 01:28:42 vmanager6029 postfix/smtpd\[32289\]: warning: unknown\[141.98.80.80\]: SASL PLAIN authentication failed:	2019-09-11 07:40:45
106.75.15.142	attackbotsspam	Automated report - ssh fail2ban: Sep 11 01:14:17 authentication failure Sep 11 01:14:19 wrong password, user=userftp, port=57602, ssh2 Sep 11 01:18:18 authentication failure	2019-09-11 08:19:53
27.111.85.60	attackspam	Sep 10 13:35:16 php1 sshd\[23539\]: Invalid user user2 from 27.111.85.60 Sep 10 13:35:16 php1 sshd\[23539\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.111.85.60 Sep 10 13:35:19 php1 sshd\[23539\]: Failed password for invalid user user2 from 27.111.85.60 port 41107 ssh2 Sep 10 13:42:47 php1 sshd\[24298\]: Invalid user postgres from 27.111.85.60 Sep 10 13:42:47 php1 sshd\[24298\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.111.85.60	2019-09-11 08:02:36
118.170.62.253	attackspambots	port 23 attempt blocked	2019-09-11 07:36:17

Recently Reported IPs

73.75.48.109	14.120.17.250	109.154.95.127	63.163.46.14
45.71.76.130	150.109.63.204	101.160.240.179	220.1.154.185
75.236.5.30	136.169.152.93	176.164.79.244	205.207.226.114
51.79.141.187	139.196.92.7	206.133.131.212	31.251.219.46
177.209.0.32	152.237.227.218	96.250.156.169	116.106.26.170