117.50.13.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:05:03

Comments on same subnet:

IP	Type	Details	Datetime
117.50.13.54	attackbots	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-15 03:07:18
117.50.13.167	attack	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 21:50:26
117.50.13.54	attackspam	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-14 18:59:52
117.50.13.167	attackspam	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 13:44:10
117.50.13.167	attackbotsspam	ssh brute force	2020-09-14 05:41:29
117.50.13.13	attack	2020-09-13 09:28:44.341256-0500 localhost sshd[69370]: Failed password for root from 117.50.13.13 port 55836 ssh2	2020-09-13 22:34:34
117.50.13.13	attack	Sep 13 07:51:10 MainVPS sshd[21638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:51:12 MainVPS sshd[21638]: Failed password for root from 117.50.13.13 port 56794 ssh2 Sep 13 07:56:39 MainVPS sshd[23591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:56:41 MainVPS sshd[23591]: Failed password for root from 117.50.13.13 port 48626 ssh2 Sep 13 07:58:45 MainVPS sshd[24355]: Invalid user 1922 from 117.50.13.13 port 39166 ...	2020-09-13 14:30:25
117.50.13.13	attackbotsspam	Sep 13 02:17:40 lunarastro sshd[11646]: Failed password for root from 117.50.13.13 port 39300 ssh2	2020-09-13 06:14:02
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-06 04:00:37
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-05 19:43:34
117.50.137.10	attack	RDPBruteMak	2020-08-12 06:35:25
117.50.13.29	attackbotsspam	Invalid user administrator from 117.50.13.29 port 53876	2020-07-18 23:18:25
117.50.13.170	attack	Jul 8 02:17:09 server sshd[27232]: Failed password for invalid user yoshizu from 117.50.13.170 port 57058 ssh2 Jul 8 02:21:33 server sshd[30853]: Failed password for invalid user xsbk from 117.50.13.170 port 47602 ssh2 Jul 8 02:25:40 server sshd[34046]: Failed password for invalid user demo from 117.50.13.170 port 38146 ssh2	2020-07-08 08:41:24
117.50.132.62	attackbotsspam	TCP Port: 25 invalid blocked Listed on dnsbl-sorbs also barracuda and spam-sorbs (6)	2020-07-04 07:30:32
117.50.13.170	attack	SSH login attempts.	2020-06-15 02:18:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.13.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.13.2.			IN	A

;; AUTHORITY SECTION:
.			138	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 860 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:05:00 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 2.13.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.13.50.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.145.211.33	attackbots	20/9/6@12:53:05: FAIL: Alarm-Telnet address from=217.145.211.33 ...	2020-09-07 13:52:45
111.161.74.118	attack	Sep 6 23:21:42 serwer sshd\[26157\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.118 user=root Sep 6 23:21:44 serwer sshd\[26157\]: Failed password for root from 111.161.74.118 port 41978 ssh2 Sep 6 23:26:14 serwer sshd\[26579\]: Invalid user pollo from 111.161.74.118 port 48586 Sep 6 23:26:14 serwer sshd\[26579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.161.74.118 ...	2020-09-07 13:51:29
192.35.169.31	attackspambots	TCP (SYN) 192.35.169.31:50198 -> port 81, len 44	2020-09-07 13:33:26
112.85.42.176	attackbotsspam	Sep 7 05:58:37 ip-172-31-61-156 sshd[19031]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.176 user=root Sep 7 05:58:39 ip-172-31-61-156 sshd[19031]: Failed password for root from 112.85.42.176 port 18894 ssh2 ...	2020-09-07 14:03:43
41.45.16.155	attack	Telnet Server BruteForce Attack	2020-09-07 13:47:33
60.250.67.47	attackspambots	Sep 6 20:14:58 home sshd[1021577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.67.47 Sep 6 20:14:58 home sshd[1021577]: Invalid user trevor from 60.250.67.47 port 55034 Sep 6 20:15:00 home sshd[1021577]: Failed password for invalid user trevor from 60.250.67.47 port 55034 ssh2 Sep 6 20:16:53 home sshd[1021759]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.250.67.47 user=root Sep 6 20:16:55 home sshd[1021759]: Failed password for root from 60.250.67.47 port 55604 ssh2 ...	2020-09-07 13:59:32
103.79.250.82	attackspam	1599449392 - 09/07/2020 05:29:52 Host: 103.79.250.82/103.79.250.82 Port: 445 TCP Blocked	2020-09-07 13:30:22
139.59.84.29	attackbots	Sep 7 05:51:27 root sshd[17915]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.84.29 ...	2020-09-07 13:54:45
182.61.49.179	attackspambots	2020-09-06T17:05:17.785411shield sshd\[3359\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.49.179 user=root 2020-09-06T17:05:19.900296shield sshd\[3359\]: Failed password for root from 182.61.49.179 port 44564 ssh2 2020-09-06T17:08:15.025788shield sshd\[3608\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.61.49.179 user=root 2020-09-06T17:08:16.432363shield sshd\[3608\]: Failed password for root from 182.61.49.179 port 47284 ssh2 2020-09-06T17:11:03.229030shield sshd\[3922\]: Invalid user castro from 182.61.49.179 port 49994	2020-09-07 13:30:46
49.128.174.248	attack	Honeypot attack, port: 445, PTR: 49.128.174-248.static-mumbai.wnet.net.in.	2020-09-07 13:33:57
49.233.77.12	attack	Failed password for invalid user uu from 49.233.77.12 port 59512 ssh2	2020-09-07 13:35:59
101.133.170.16	attackspambots	101.133.170.16 - - [07/Sep/2020:06:51:56 +0100] "POST /wp-login.php HTTP/1.1" 200 1792 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 101.133.170.16 - - [07/Sep/2020:06:52:00 +0100] "POST /wp-login.php HTTP/1.1" 200 1768 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 101.133.170.16 - - [07/Sep/2020:06:52:00 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-09-07 14:02:02
141.98.10.211	attackbots	2020-09-07T05:32:22.292080abusebot-4.cloudsearch.cf sshd[15104]: Invalid user admin from 141.98.10.211 port 34667 2020-09-07T05:32:22.299728abusebot-4.cloudsearch.cf sshd[15104]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.211 2020-09-07T05:32:22.292080abusebot-4.cloudsearch.cf sshd[15104]: Invalid user admin from 141.98.10.211 port 34667 2020-09-07T05:32:24.764617abusebot-4.cloudsearch.cf sshd[15104]: Failed password for invalid user admin from 141.98.10.211 port 34667 ssh2 2020-09-07T05:32:51.032916abusebot-4.cloudsearch.cf sshd[15116]: Invalid user Admin from 141.98.10.211 port 37569 2020-09-07T05:32:51.037947abusebot-4.cloudsearch.cf sshd[15116]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.211 2020-09-07T05:32:51.032916abusebot-4.cloudsearch.cf sshd[15116]: Invalid user Admin from 141.98.10.211 port 37569 2020-09-07T05:32:52.484042abusebot-4.cloudsearch.cf sshd[15116]: Failed ...	2020-09-07 13:44:00
207.244.70.35	attackbots	Brute-force attempt banned	2020-09-07 13:41:18
51.223.211.225	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-09-07 13:37:43

Recently Reported IPs

191.55.95.81	194.13.147.8	104.209.178.147	117.205.84.8
211.231.139.189	156.211.3.119	1.57.235.170	116.185.52.88
17.30.122.161	116.255.166.2	73.59.205.237	222.163.160.140
109.15.75.48	155.196.24.65	158.106.16.198	116.72.235.1
110.206.157.112	180.201.83.103	181.107.210.74	203.89.158.92