117.50.42.242 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	2020-03-18T19:11:47.559572jannga.de sshd[32734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242 user=root 2020-03-18T19:11:49.744605jannga.de sshd[32734]: Failed password for root from 117.50.42.242 port 55494 ssh2 ...	2020-03-19 03:14:21
attack	Invalid user pellegrini from 117.50.42.242 port 43620 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242 Failed password for invalid user pellegrini from 117.50.42.242 port 43620 ssh2 Invalid user support from 117.50.42.242 port 56186 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242	2020-02-27 21:49:12

Type

Details

Datetime

attack

2020-03-18T19:11:47.559572jannga.de sshd[32734]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242  user=root
2020-03-18T19:11:49.744605jannga.de sshd[32734]: Failed password for root from 117.50.42.242 port 55494 ssh2
...

2020-03-19 03:14:21

attack

Invalid user pellegrini from 117.50.42.242 port 43620
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242
Failed password for invalid user pellegrini from 117.50.42.242 port 43620 ssh2
Invalid user support from 117.50.42.242 port 56186
pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.42.242

2020-02-27 21:49:12

Comments on same subnet:

IP	Type	Details	Datetime
117.50.42.249	attackspam	Port scan denied	2020-06-24 14:17:39
117.50.42.55	attack	unauthorized connection attempt	2020-02-07 19:54:33

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.42.242
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35573
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.42.242.			IN	A

;; AUTHORITY SECTION:
.			598	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022700 1800 900 604800 86400

;; Query time: 46 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 21:49:04 CST 2020
;; MSG SIZE  rcvd: 117

Host info

;; connection timed out; no servers could be reached

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 242.42.50.117.in-addr.arpa.: No answer

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
211.91.163.236	attackbots	SSH Login Bruteforce	2020-05-07 20:11:48
36.111.171.14	attackspam	2020-05-07T11:57:21.170338abusebot-4.cloudsearch.cf sshd[8500]: Invalid user lourdes from 36.111.171.14 port 34478 2020-05-07T11:57:21.188708abusebot-4.cloudsearch.cf sshd[8500]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.171.14 2020-05-07T11:57:21.170338abusebot-4.cloudsearch.cf sshd[8500]: Invalid user lourdes from 36.111.171.14 port 34478 2020-05-07T11:57:23.606940abusebot-4.cloudsearch.cf sshd[8500]: Failed password for invalid user lourdes from 36.111.171.14 port 34478 ssh2 2020-05-07T12:02:37.409260abusebot-4.cloudsearch.cf sshd[8785]: Invalid user precious from 36.111.171.14 port 60156 2020-05-07T12:02:37.419521abusebot-4.cloudsearch.cf sshd[8785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.111.171.14 2020-05-07T12:02:37.409260abusebot-4.cloudsearch.cf sshd[8785]: Invalid user precious from 36.111.171.14 port 60156 2020-05-07T12:02:39.221569abusebot-4.cloudsearch.cf sshd[8785]: Fa ...	2020-05-07 20:08:07
119.76.185.190	attackbots	Wordpress Admin Login attack	2020-05-07 20:04:42
104.248.235.6	attackspam	xmlrpc attack	2020-05-07 20:07:54
51.83.76.139	attack	Automatic report - Banned IP Access	2020-05-07 20:24:24
138.255.0.27	attackspam	May 7 14:02:13 [host] sshd[7890]: Invalid user he May 7 14:02:13 [host] sshd[7890]: pam_unix(sshd:a May 7 14:02:15 [host] sshd[7890]: Failed password	2020-05-07 20:29:27
121.183.244.209	attack	port 23	2020-05-07 20:00:26
187.188.90.141	attackbots	2020-05-07T11:54:14.844765shield sshd\[3645\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-90-141.totalplay.net user=root 2020-05-07T11:54:17.260859shield sshd\[3645\]: Failed password for root from 187.188.90.141 port 55616 ssh2 2020-05-07T11:58:13.150808shield sshd\[4717\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=fixed-187-188-90-141.totalplay.net user=root 2020-05-07T11:58:15.376447shield sshd\[4717\]: Failed password for root from 187.188.90.141 port 36868 ssh2 2020-05-07T12:02:12.626958shield sshd\[6286\]: Invalid user team from 187.188.90.141 port 46366	2020-05-07 20:36:39
46.38.144.179	attackspambots	May 7 14:12:43 galaxy event: galaxy/lswi: smtp: danilov@uni-potsdam.de [46.38.144.179] authentication failure using internet password May 7 14:13:19 galaxy event: galaxy/lswi: smtp: seminar@uni-potsdam.de [46.38.144.179] authentication failure using internet password May 7 14:13:56 galaxy event: galaxy/lswi: smtp: blueprint@uni-potsdam.de [46.38.144.179] authentication failure using internet password May 7 14:14:33 galaxy event: galaxy/lswi: smtp: platform@uni-potsdam.de [46.38.144.179] authentication failure using internet password May 7 14:15:09 galaxy event: galaxy/lswi: smtp: manan@uni-potsdam.de [46.38.144.179] authentication failure using internet password ...	2020-05-07 20:15:19
129.152.141.71	attack	2020-05-07T12:22:16.119918abusebot-8.cloudsearch.cf sshd[5983]: Invalid user andrew from 129.152.141.71 port 64046 2020-05-07T12:22:16.129119abusebot-8.cloudsearch.cf sshd[5983]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-129-152-141-71.compute.oraclecloud.com 2020-05-07T12:22:16.119918abusebot-8.cloudsearch.cf sshd[5983]: Invalid user andrew from 129.152.141.71 port 64046 2020-05-07T12:22:17.789188abusebot-8.cloudsearch.cf sshd[5983]: Failed password for invalid user andrew from 129.152.141.71 port 64046 ssh2 2020-05-07T12:30:39.116400abusebot-8.cloudsearch.cf sshd[6633]: Invalid user lb from 129.152.141.71 port 14935 2020-05-07T12:30:39.127128abusebot-8.cloudsearch.cf sshd[6633]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=oc-129-152-141-71.compute.oraclecloud.com 2020-05-07T12:30:39.116400abusebot-8.cloudsearch.cf sshd[6633]: Invalid user lb from 129.152.141.71 port 14935 2020-05-07T12:30:41. ...	2020-05-07 20:33:07
186.4.184.218	attackbots	Brute-force attempt banned	2020-05-07 20:08:38
110.138.52.125	attack	Unauthorized connection attempt from IP address 110.138.52.125 on Port 445(SMB)	2020-05-07 20:30:36
35.205.219.55	attackspam	[ThuMay0713:55:24.4853122020][:error][pid20188:tid47899058763520][client35.205.219.55:8078][client35.205.219.55]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname"148.251.104.76"][uri"/"][unique_id"XrP3LLqDst1dU06tj5GW9QAAAUc"][ThuMay0714:02:30.2099512020][:error][pid20295:tid47899052459776][client35.205.219.55:9230][client35.205.219.55]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch"python-requests/"atREQUEST_HEADERS:User-Agent.[file"/usr/local/apache.ea3/conf/modsec_rules/20_asl_useragents.conf"][line"218"][id"332039"][rev"4"][msg"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(python-requests\).Disablethisruleifyouusepython-requests/."][severity"CRITICAL"][hostname\	2020-05-07 20:12:42
103.107.17.134	attack	May 7 14:14:30 meumeu sshd[16006]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.107.17.134 May 7 14:14:32 meumeu sshd[16006]: Failed password for invalid user zls from 103.107.17.134 port 51532 ssh2 May 7 14:20:37 meumeu sshd[16808]: Failed password for proxy from 103.107.17.134 port 57982 ssh2 ...	2020-05-07 20:22:47
158.69.192.35	attack	May 7 14:03:18 vps639187 sshd\[20833\]: Invalid user hm from 158.69.192.35 port 46164 May 7 14:03:18 vps639187 sshd\[20833\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.192.35 May 7 14:03:20 vps639187 sshd\[20833\]: Failed password for invalid user hm from 158.69.192.35 port 46164 ssh2 ...	2020-05-07 20:16:21

Recently Reported IPs

50.28.37.25	192.168.4.251	38.254.58.86	87.246.7.7
251.93.55.157	119.236.182.238	236.82.80.74	222.93.64.134
137.119.19.37	189.223.211.188	122.118.35.208	125.161.139.30
125.25.18.207	218.102.139.76	14.136.188.199	223.19.37.145
91.189.216.89	51.91.108.15	221.124.192.239	185.202.2.132