117.50.13.2 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	SSH login attempts with user root at 2020-01-02.	2020-01-03 03:05:03

Comments on same subnet:

IP	Type	Details	Datetime
117.50.13.54	attackbots	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-15 03:07:18
117.50.13.167	attack	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 21:50:26
117.50.13.54	attackspam	2020-09-14T02:28:13.751153ks3355764 sshd[25189]: Invalid user admin from 117.50.13.54 port 45496 2020-09-14T02:28:15.465900ks3355764 sshd[25189]: Failed password for invalid user admin from 117.50.13.54 port 45496 ssh2 ...	2020-09-14 18:59:52
117.50.13.167	attackspam	Sep 14 07:30:34 fhem-rasp sshd[7914]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.167 user=root Sep 14 07:30:36 fhem-rasp sshd[7914]: Failed password for root from 117.50.13.167 port 52142 ssh2 ...	2020-09-14 13:44:10
117.50.13.167	attackbotsspam	ssh brute force	2020-09-14 05:41:29
117.50.13.13	attack	2020-09-13 09:28:44.341256-0500 localhost sshd[69370]: Failed password for root from 117.50.13.13 port 55836 ssh2	2020-09-13 22:34:34
117.50.13.13	attack	Sep 13 07:51:10 MainVPS sshd[21638]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:51:12 MainVPS sshd[21638]: Failed password for root from 117.50.13.13 port 56794 ssh2 Sep 13 07:56:39 MainVPS sshd[23591]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.13.13 user=root Sep 13 07:56:41 MainVPS sshd[23591]: Failed password for root from 117.50.13.13 port 48626 ssh2 Sep 13 07:58:45 MainVPS sshd[24355]: Invalid user 1922 from 117.50.13.13 port 39166 ...	2020-09-13 14:30:25
117.50.13.13	attackbotsspam	Sep 13 02:17:40 lunarastro sshd[11646]: Failed password for root from 117.50.13.13 port 39300 ssh2	2020-09-13 06:14:02
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-06 04:00:37
117.50.137.36	attack	Port Scan/VNC login attempt ...	2020-09-05 19:43:34
117.50.137.10	attack	RDPBruteMak	2020-08-12 06:35:25
117.50.13.29	attackbotsspam	Invalid user administrator from 117.50.13.29 port 53876	2020-07-18 23:18:25
117.50.13.170	attack	Jul 8 02:17:09 server sshd[27232]: Failed password for invalid user yoshizu from 117.50.13.170 port 57058 ssh2 Jul 8 02:21:33 server sshd[30853]: Failed password for invalid user xsbk from 117.50.13.170 port 47602 ssh2 Jul 8 02:25:40 server sshd[34046]: Failed password for invalid user demo from 117.50.13.170 port 38146 ssh2	2020-07-08 08:41:24
117.50.132.62	attackbotsspam	TCP Port: 25 invalid blocked Listed on dnsbl-sorbs also barracuda and spam-sorbs (6)	2020-07-04 07:30:32
117.50.13.170	attack	SSH login attempts.	2020-06-15 02:18:09

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.13.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.13.2.			IN	A

;; AUTHORITY SECTION:
.			138	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010200 1800 900 604800 86400

;; Query time: 860 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jan 03 03:05:00 CST 2020
;; MSG SIZE  rcvd: 115

Host info

Host 2.13.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 2.13.50.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
183.90.238.41	attack	Received: from sv2340.xserver.jp (sv2340.xserver.jp [183.90.238.41]) Received: from virusgw2301.xserver.jp (virusgw2301.xserver.jp [183.90.238.243]) Received: from sv2340.xserver.jp (183.90.238.41) by virusgw2301.xserver.jp (F-Secure/fsigk_smtp/521/virusgw2301.xserver.jp); Received: from localhost.localdomain (v133-130-126-241.a059.g.tyo1.static.cnode.io [133.130.126.241]) NETFLIX FRAUD/PHISHING MAIL	2019-07-17 14:34:04
106.110.132.139	attackbots	[Tue Jul 16 20:46:53 2019 GMT] "Amy" [URIBL_INV,RDNS_NONE], Subject: Re:Print logo/Healthy soft plastic bottle USB flash drive	2019-07-17 14:13:45
157.230.23.46	attackspambots	Jul 17 08:14:21 vps647732 sshd[22948]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.23.46 Jul 17 08:14:23 vps647732 sshd[22948]: Failed password for invalid user kj from 157.230.23.46 port 37470 ssh2 ...	2019-07-17 14:42:33
49.88.112.77	attack	Jul 17 06:14:29 animalibera sshd[21301]: Failed password for root from 49.88.112.77 port 31173 ssh2 Jul 17 06:14:23 animalibera sshd[21301]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.77 user=root Jul 17 06:14:25 animalibera sshd[21301]: Failed password for root from 49.88.112.77 port 31173 ssh2 Jul 17 06:14:29 animalibera sshd[21301]: Failed password for root from 49.88.112.77 port 31173 ssh2 Jul 17 06:14:31 animalibera sshd[21301]: Failed password for root from 49.88.112.77 port 31173 ssh2 ...	2019-07-17 14:35:18
51.68.215.113	attackbotsspam	Jul 17 08:01:51 eventyay sshd[17005]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.215.113 Jul 17 08:01:53 eventyay sshd[17005]: Failed password for invalid user info from 51.68.215.113 port 40382 ssh2 Jul 17 08:07:31 eventyay sshd[18482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.68.215.113 ...	2019-07-17 14:15:53
191.53.197.249	attackbotsspam	failed_logins	2019-07-17 14:40:01
103.224.250.136	attackspambots	Jul 17 01:52:09 vps200512 sshd\[22607\]: Invalid user luke from 103.224.250.136 Jul 17 01:52:09 vps200512 sshd\[22607\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.224.250.136 Jul 17 01:52:12 vps200512 sshd\[22607\]: Failed password for invalid user luke from 103.224.250.136 port 43271 ssh2 Jul 17 02:00:30 vps200512 sshd\[22758\]: Invalid user hassan from 103.224.250.136 Jul 17 02:00:30 vps200512 sshd\[22758\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.224.250.136	2019-07-17 14:14:17
51.254.99.208	attackbotsspam	Jul 17 08:03:15 SilenceServices sshd[9933]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.99.208 Jul 17 08:03:17 SilenceServices sshd[9933]: Failed password for invalid user ankit from 51.254.99.208 port 36300 ssh2 Jul 17 08:07:49 SilenceServices sshd[12822]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.99.208	2019-07-17 14:15:26
106.12.125.27	attackspam	Jul 17 06:14:48 MK-Soft-VM6 sshd\[24466\]: Invalid user zeus from 106.12.125.27 port 42068 Jul 17 06:14:48 MK-Soft-VM6 sshd\[24466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.125.27 Jul 17 06:14:50 MK-Soft-VM6 sshd\[24466\]: Failed password for invalid user zeus from 106.12.125.27 port 42068 ssh2 ...	2019-07-17 14:27:14
201.87.233.60	attackspambots	SMB Server BruteForce Attack	2019-07-17 14:06:21
219.128.51.65	attackbots	Jul 17 14:07:05 bacztwo courieresmtpd[17069]: error,relay=::ffff:219.128.51.65,from=<>,to=<>: 500 Invalid address Jul 17 14:08:43 bacztwo courieresmtpd[23954]: error,relay=::ffff:219.128.51.65,from=<>,to=<>: 500 Invalid address Jul 17 14:09:10 bacztwo courieresmtpd[26214]: error,relay=::ffff:219.128.51.65,from=<>,to=<>: 500 Invalid address Jul 17 14:09:29 bacztwo courieresmtpd[27462]: error,relay=::ffff:219.128.51.65,from=<>,to=<>: 500 Invalid address Jul 17 14:14:38 bacztwo courieresmtpd[22470]: error,relay=::ffff:219.128.51.65,from=<>,to=<>: 500 Invalid address ...	2019-07-17 14:30:07
187.72.124.10	attackspambots	Jul 16 23:59:17 srv-4 sshd\[1715\]: Invalid user admin from 187.72.124.10 Jul 16 23:59:17 srv-4 sshd\[1715\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.72.124.10 Jul 16 23:59:18 srv-4 sshd\[1715\]: Failed password for invalid user admin from 187.72.124.10 port 50093 ssh2 ...	2019-07-17 14:07:15
46.101.27.6	attackspam	" "	2019-07-17 14:16:11
123.30.139.114	attack	Automatic report - Banned IP Access	2019-07-17 14:11:44
120.132.105.173	attackspam	2019-07-17T07:54:36.349190cavecanem sshd[3387]: Invalid user nian from 120.132.105.173 port 51342 2019-07-17T07:54:36.351512cavecanem sshd[3387]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.105.173 2019-07-17T07:54:36.349190cavecanem sshd[3387]: Invalid user nian from 120.132.105.173 port 51342 2019-07-17T07:54:37.997259cavecanem sshd[3387]: Failed password for invalid user nian from 120.132.105.173 port 51342 ssh2 2019-07-17T07:58:51.003333cavecanem sshd[8714]: Invalid user oracle from 120.132.105.173 port 59848 2019-07-17T07:58:51.005792cavecanem sshd[8714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.132.105.173 2019-07-17T07:58:51.003333cavecanem sshd[8714]: Invalid user oracle from 120.132.105.173 port 59848 2019-07-17T07:58:53.660294cavecanem sshd[8714]: Failed password for invalid user oracle from 120.132.105.173 port 59848 ssh2 2019-07-17T08:03:21.997833cavecanem sshd[14489]: Inv ...	2019-07-17 14:12:08

Recently Reported IPs

191.55.95.81	194.13.147.8	104.209.178.147	117.205.84.8
211.231.139.189	156.211.3.119	1.57.235.170	116.185.52.88
17.30.122.161	116.255.166.2	73.59.205.237	222.163.160.140
109.15.75.48	155.196.24.65	158.106.16.198	116.72.235.1
110.206.157.112	180.201.83.103	181.107.210.74	203.89.158.92