117.50.5.94 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized access to SSH at 29/Aug/2020:20:24:04 +0000.	2020-08-30 06:55:44
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 8545 [T]	2020-08-10 19:59:17
attackbotsspam	Unauthorized connection attempt detected from IP address 117.50.5.94 to port 9000	2020-07-14 13:35:10
attack	Automatic report - Banned IP Access	2020-04-30 08:16:46
attackbotsspam	SIP/5060 Probe, BF, Hack -	2019-12-28 02:52:24

Comments on same subnet:

IP	Type	Details	Datetime
117.50.5.198	attack	2020-06-21T05:11:01.139033suse-nuc sshd[30749]: Invalid user white from 117.50.5.198 port 38374 ...	2020-06-22 02:35:29
117.50.5.198	attackspam	2020-06-16T05:50:38.770625+02:00 sshd[28613]: Failed password for root from 117.50.5.198 port 33908 ssh2	2020-06-16 16:00:46
117.50.59.243	attackspambots	Jun 12 18:42:19 web1 sshd\[27222\]: Invalid user zll from 117.50.59.243 Jun 12 18:42:19 web1 sshd\[27222\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243 Jun 12 18:42:21 web1 sshd\[27222\]: Failed password for invalid user zll from 117.50.59.243 port 47644 ssh2 Jun 12 18:45:32 web1 sshd\[27507\]: Invalid user sharing from 117.50.59.243 Jun 12 18:45:32 web1 sshd\[27507\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.243	2020-06-13 12:49:02
117.50.59.243	attack	Jun 10 14:01:43 master sshd[18186]: Failed password for invalid user tonytan from 117.50.59.243 port 38776 ssh2 Jun 10 14:02:39 master sshd[18218]: Failed password for invalid user ponfly from 117.50.59.243 port 46970 ssh2	2020-06-10 19:18:23
117.50.59.243	attackspambots	Jun 8 12:02:48 Tower sshd[6039]: Connection from 117.50.59.243 port 47272 on 192.168.10.220 port 22 rdomain "" Jun 8 12:02:53 Tower sshd[6039]: Failed password for root from 117.50.59.243 port 47272 ssh2 Jun 8 12:02:54 Tower sshd[6039]: Received disconnect from 117.50.59.243 port 47272:11: Bye Bye [preauth] Jun 8 12:02:54 Tower sshd[6039]: Disconnected from authenticating user root 117.50.59.243 port 47272 [preauth]	2020-06-09 02:13:59
117.50.5.198	attack	Jun 1 05:38:11 mockhub sshd[32676]: Failed password for root from 117.50.5.198 port 51990 ssh2 ...	2020-06-02 02:51:07
117.50.5.198	attack	May 27 11:56:53 abendstille sshd\[18605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 user=root May 27 11:56:54 abendstille sshd\[18605\]: Failed password for root from 117.50.5.198 port 55568 ssh2 May 27 12:02:11 abendstille sshd\[23777\]: Invalid user admin from 117.50.5.198 May 27 12:02:11 abendstille sshd\[23777\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.198 May 27 12:02:13 abendstille sshd\[23777\]: Failed password for invalid user admin from 117.50.5.198 port 53780 ssh2 ...	2020-05-27 18:08:30
117.50.5.12	attack	Failed password for invalid user nginx from 117.50.5.12 port 58320 ssh2	2020-05-27 14:00:00
117.50.5.12	attackbots	Lines containing failures of 117.50.5.12 May 25 02:54:22 newdogma sshd[3439]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 user=r.r May 25 02:54:24 newdogma sshd[3439]: Failed password for r.r from 117.50.5.12 port 44618 ssh2 May 25 02:54:26 newdogma sshd[3439]: Received disconnect from 117.50.5.12 port 44618:11: Bye Bye [preauth] May 25 02:54:26 newdogma sshd[3439]: Disconnected from authenticating user r.r 117.50.5.12 port 44618 [preauth] May 25 03:06:42 newdogma sshd[3605]: Invalid user school from 117.50.5.12 port 44462 May 25 03:06:42 newdogma sshd[3605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.5.12 May 25 03:06:44 newdogma sshd[3605]: Failed password for invalid user school from 117.50.5.12 port 44462 ssh2 May 25 03:06:48 newdogma sshd[3605]: Received disconnect from 117.50.5.12 port 44462:11: Bye Bye [preauth] May 25 03:06:48 newdogma sshd[3605]: Disconn........ ------------------------------	2020-05-26 18:26:41
117.50.59.209	attackbotsspam	Feb 2 18:30:03 mail sshd\[30852\]: Invalid user lemonsj from 117.50.59.209 Feb 2 18:30:03 mail sshd\[30852\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.59.209 ...	2020-02-03 08:25:52
117.50.50.44	attackspam	2020-1-30 5:55:39 PM: failed ssh attempt	2020-01-31 01:27:26
117.50.50.44	attackbots	Unauthorized connection attempt detected from IP address 117.50.50.44 to port 2220 [J]	2020-01-17 18:06:32
117.50.50.44	attack	Jan 3 14:08:22 haigwepa sshd[11859]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Jan 3 14:08:25 haigwepa sshd[11859]: Failed password for invalid user y from 117.50.50.44 port 52896 ssh2 ...	2020-01-03 21:34:14
117.50.54.253	attackbotsspam	$f2bV_matches	2019-12-27 02:28:55
117.50.50.44	attackspambots	Dec 20 12:29:37 linuxvps sshd\[39805\]: Invalid user kolbekk from 117.50.50.44 Dec 20 12:29:37 linuxvps sshd\[39805\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 Dec 20 12:29:39 linuxvps sshd\[39805\]: Failed password for invalid user kolbekk from 117.50.50.44 port 59598 ssh2 Dec 20 12:37:28 linuxvps sshd\[44928\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.50.44 user=root Dec 20 12:37:30 linuxvps sshd\[44928\]: Failed password for root from 117.50.50.44 port 60118 ssh2	2019-12-21 01:41:29

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.5.94
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.5.94.			IN	A

;; AUTHORITY SECTION:
.			460	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019100402 1800 900 604800 86400

;; Query time: 86 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 05 12:55:28 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 94.5.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 94.5.50.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.31.242.36	attack	Dec 3 08:26:22 web8 sshd\[32572\]: Invalid user admin from 182.31.242.36 Dec 3 08:26:22 web8 sshd\[32572\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.31.242.36 Dec 3 08:26:24 web8 sshd\[32572\]: Failed password for invalid user admin from 182.31.242.36 port 42907 ssh2 Dec 3 08:26:26 web8 sshd\[32572\]: Failed password for invalid user admin from 182.31.242.36 port 42907 ssh2 Dec 3 08:26:28 web8 sshd\[32572\]: Failed password for invalid user admin from 182.31.242.36 port 42907 ssh2	2019-12-03 20:13:00
200.52.29.112	attackspam	firewall-block, port(s): 23/tcp	2019-12-03 20:39:36
167.160.160.148	attackspam	Dec 2 06:42:00 sanyalnet-cloud-vps2 sshd[24490]: Connection from 167.160.160.148 port 39596 on 45.62.253.138 port 22 Dec 2 06:42:01 sanyalnet-cloud-vps2 sshd[24490]: Address 167.160.160.148 maps to 167.160.160.148.static.quadranet.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Dec 2 06:42:01 sanyalnet-cloud-vps2 sshd[24490]: User apache from 167.160.160.148 not allowed because not listed in AllowUsers Dec 2 06:42:01 sanyalnet-cloud-vps2 sshd[24490]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.160.160.148 user=apache Dec 2 06:42:03 sanyalnet-cloud-vps2 sshd[24490]: Failed password for invalid user apache from 167.160.160.148 port 39596 ssh2 Dec 2 06:42:03 sanyalnet-cloud-vps2 sshd[24490]: Received disconnect from 167.160.160.148 port 39596:11: Bye Bye [preauth] Dec 2 06:42:03 sanyalnet-cloud-vps2 sshd[24490]: Disconnected from 167.160.160.148 port 39596 [preauth] ........ ----------------------------------------------- https	2019-12-03 20:08:07
71.6.167.142	attackbots	Portscan or hack attempt detected by psad/fwsnort	2019-12-03 20:27:31
207.154.194.145	attackbots	$f2bV_matches	2019-12-03 20:26:04
68.183.31.138	attackspambots	Dec 3 08:00:20 raspberrypi sshd\[5786\]: Invalid user admin from 68.183.31.138Dec 3 08:00:23 raspberrypi sshd\[5786\]: Failed password for invalid user admin from 68.183.31.138 port 39586 ssh2Dec 3 08:17:35 raspberrypi sshd\[6078\]: Failed password for root from 68.183.31.138 port 37136 ssh2 ...	2019-12-03 20:11:49
79.137.77.131	attackbots	Dec 3 14:38:03 server sshd\[11753\]: Invalid user test from 79.137.77.131 Dec 3 14:38:03 server sshd\[11753\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.ip-79-137-77.eu Dec 3 14:38:04 server sshd\[11753\]: Failed password for invalid user test from 79.137.77.131 port 55984 ssh2 Dec 3 14:48:49 server sshd\[14385\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=131.ip-79-137-77.eu user=root Dec 3 14:48:51 server sshd\[14385\]: Failed password for root from 79.137.77.131 port 49922 ssh2 ...	2019-12-03 20:14:03
92.118.160.37	attack	ICMP MH Probe, Scan /Distributed -	2019-12-03 20:32:29
118.24.123.42	attack	Dec 3 13:24:17 itv-usvr-01 sshd[11423]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.42 user=root Dec 3 13:24:19 itv-usvr-01 sshd[11423]: Failed password for root from 118.24.123.42 port 54762 ssh2 Dec 3 13:24:22 itv-usvr-01 sshd[11425]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.42 user=root Dec 3 13:24:23 itv-usvr-01 sshd[11425]: Failed password for root from 118.24.123.42 port 54972 ssh2 Dec 3 13:24:26 itv-usvr-01 sshd[11427]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.123.42 user=root Dec 3 13:24:27 itv-usvr-01 sshd[11427]: Failed password for root from 118.24.123.42 port 55178 ssh2	2019-12-03 20:14:59
112.112.214.117	attackspam	Unauthorised access (Dec 3) SRC=112.112.214.117 LEN=40 TTL=51 ID=19875 TCP DPT=8080 WINDOW=65426 SYN Unauthorised access (Dec 2) SRC=112.112.214.117 LEN=40 TTL=51 ID=40846 TCP DPT=8080 WINDOW=65426 SYN Unauthorised access (Dec 2) SRC=112.112.214.117 LEN=40 TTL=51 ID=44733 TCP DPT=8080 WINDOW=65426 SYN Unauthorised access (Dec 2) SRC=112.112.214.117 LEN=40 TTL=51 ID=417 TCP DPT=8080 WINDOW=65426 SYN	2019-12-03 20:09:37
61.175.121.76	attack	Dec 3 02:27:15 tdfoods sshd\[9042\]: Invalid user marg from 61.175.121.76 Dec 3 02:27:15 tdfoods sshd\[9042\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.121.76 Dec 3 02:27:17 tdfoods sshd\[9042\]: Failed password for invalid user marg from 61.175.121.76 port 22356 ssh2 Dec 3 02:35:30 tdfoods sshd\[9807\]: Invalid user moores from 61.175.121.76 Dec 3 02:35:30 tdfoods sshd\[9807\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.175.121.76	2019-12-03 20:37:00
129.204.210.40	attackbots	Dec 2 20:16:53 hanapaa sshd\[6361\]: Invalid user brother from 129.204.210.40 Dec 2 20:16:53 hanapaa sshd\[6361\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.210.40 Dec 2 20:16:55 hanapaa sshd\[6361\]: Failed password for invalid user brother from 129.204.210.40 port 46940 ssh2 Dec 2 20:24:11 hanapaa sshd\[7045\]: Invalid user password from 129.204.210.40 Dec 2 20:24:11 hanapaa sshd\[7045\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.210.40	2019-12-03 20:31:09
39.74.196.209	attackbots	firewall-block, port(s): 23/tcp	2019-12-03 20:39:57
168.181.189.74	attackbots	Automatic report - Port Scan Attack	2019-12-03 20:33:30
142.93.235.47	attack	$f2bV_matches	2019-12-03 20:42:59

Recently Reported IPs

60.14.195.252	198.55.103.92	23.238.217.199	166.187.20.62
80.81.173.228	135.95.143.82	20.93.143.161	157.48.66.64
159.172.122.120	77.215.169.160	51.247.219.162	6.6.5.57
148.233.29.202	167.71.224.91	173.201.196.174	141.229.146.6
119.97.44.215	108.149.31.160	132.152.239.58	66.181.161.70