117.50.93.63 - IPInfo

Basic Info

City: unknown

Region: Shanghai

Country: China

Internet Service Provider: Shanghai UCloud Information Technology Company Limited

Hostname: unknown

Organization: China Unicom Beijing Province Network

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Aug 10 19:50:27 xtremcommunity sshd\[6555\]: Invalid user louie from 117.50.93.63 port 36334 Aug 10 19:50:27 xtremcommunity sshd\[6555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 Aug 10 19:50:29 xtremcommunity sshd\[6555\]: Failed password for invalid user louie from 117.50.93.63 port 36334 ssh2 Aug 10 19:58:58 xtremcommunity sshd\[6842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63 user=root Aug 10 19:59:00 xtremcommunity sshd\[6842\]: Failed password for root from 117.50.93.63 port 47904 ssh2 ...	2019-08-11 09:41:54
attack	SSH Bruteforce attack	2019-08-10 02:13:40

Type

Details

Datetime

attack

Aug 10 19:50:27 xtremcommunity sshd\[6555\]: Invalid user louie from 117.50.93.63 port 36334
Aug 10 19:50:27 xtremcommunity sshd\[6555\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63
Aug 10 19:50:29 xtremcommunity sshd\[6555\]: Failed password for invalid user louie from 117.50.93.63 port 36334 ssh2
Aug 10 19:58:58 xtremcommunity sshd\[6842\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.63  user=root
Aug 10 19:59:00 xtremcommunity sshd\[6842\]: Failed password for root from 117.50.93.63 port 47904 ssh2
...

2019-08-11 09:41:54

attack

SSH Bruteforce attack

2019-08-10 02:13:40

Comments on same subnet:

IP	Type	Details	Datetime
117.50.93.75	attack	ET SCAN NMAP -sS window 1024	2020-10-10 03:44:15
117.50.93.75	attackspambots	" "	2020-10-09 19:39:56
117.50.93.75	attackbotsspam	[N10.H2.VM2] Port Scanner Detected Blocked by UFW	2020-10-04 06:49:43
117.50.93.75	attackbots	" "	2020-10-03 22:58:47
117.50.93.75	attackbots	1025/tcp 10333/tcp 1027/tcp... [2020-08-06/10-02]70pkt,20pt.(tcp)	2020-10-03 14:41:52
117.50.93.75	attack	4730/tcp 4567/tcp 465/tcp... [2020-06-18/08-14]58pkt,18pt.(tcp)	2020-08-15 03:20:56
117.50.93.75	attackbots	firewall-block, port(s): 4880/tcp	2020-07-27 17:58:06
117.50.93.66	attack	Apr 10 00:12:16 NPSTNNYC01T sshd[22828]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 Apr 10 00:12:18 NPSTNNYC01T sshd[22828]: Failed password for invalid user martin from 117.50.93.66 port 45218 ssh2 Apr 10 00:16:44 NPSTNNYC01T sshd[23035]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.93.66 ...	2020-04-10 12:24:48
117.50.93.75	attackbotsspam	suspicious action Tue, 25 Feb 2020 13:38:39 -0300	2020-02-26 01:38:04
117.50.93.75	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2020-01-14 21:50:18
117.50.93.75	attackspam	22.12.2019 08:27:07 Connection to port 13 blocked by firewall	2019-12-22 19:25:09
117.50.93.75	attack	Automatic report - Banned IP Access	2019-12-20 08:18:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.50.93.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60619
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.50.93.63.			IN	A

;; AUTHORITY SECTION:
.			2565	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019080801 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Fri Aug 09 01:31:16 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 63.93.50.117.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 63.93.50.117.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.151.37.230	attackspam	Apr 7 15:29:34 ewelt sshd[31021]: Failed password for invalid user mtaserver from 182.151.37.230 port 43726 ssh2 Apr 7 15:33:21 ewelt sshd[31318]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.151.37.230 user=postgres Apr 7 15:33:23 ewelt sshd[31318]: Failed password for postgres from 182.151.37.230 port 58858 ssh2 Apr 7 15:37:01 ewelt sshd[31545]: Invalid user admin from 182.151.37.230 port 45756 ...	2020-04-08 02:31:21
14.167.123.113	attack	Apr 7 18:52:16 gw1 sshd[26841]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.167.123.113 Apr 7 18:52:18 gw1 sshd[26841]: Failed password for invalid user user3 from 14.167.123.113 port 2879 ssh2 ...	2020-04-08 02:57:34
95.145.136.7	attackspam	Automatic report - Port Scan Attack	2020-04-08 02:34:00
1.179.185.50	attackbotsspam	Dec 16 02:07:21 mail sshd\[9945\]: Invalid user share from 1.179.185.50 port 38206 Dec 16 02:07:21 mail sshd\[9945\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.185.50 Dec 16 02:07:23 mail sshd\[9945\]: Failed password for invalid user share from 1.179.185.50 port 38206 ssh2 Dec 16 02:13:54 mail sshd\[14167\]: Invalid user test from 1.179.185.50 port 49058 Dec 16 02:13:54 mail sshd\[14167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=1.179.185.50 ...	2020-04-08 02:51:47
200.215.160.113	attackspambots	Apr 7 20:43:50 ncomp sshd[12606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.215.160.113 user=root Apr 7 20:43:52 ncomp sshd[12606]: Failed password for root from 200.215.160.113 port 39272 ssh2 Apr 7 20:47:25 ncomp sshd[12667]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.215.160.113 user=root Apr 7 20:47:27 ncomp sshd[12667]: Failed password for root from 200.215.160.113 port 60095 ssh2	2020-04-08 02:52:14
113.200.58.178	attack	Apr 7 23:53:21 itv-usvr-01 sshd[23825]: Invalid user user from 113.200.58.178 Apr 7 23:53:21 itv-usvr-01 sshd[23825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.200.58.178 Apr 7 23:53:21 itv-usvr-01 sshd[23825]: Invalid user user from 113.200.58.178 Apr 7 23:53:23 itv-usvr-01 sshd[23825]: Failed password for invalid user user from 113.200.58.178 port 24255 ssh2	2020-04-08 02:53:59
14.18.54.30	attackspambots	$f2bV_matches	2020-04-08 02:23:09
61.74.118.139	attack	Apr 7 15:47:41 localhost sshd\[29491\]: Invalid user margaret from 61.74.118.139 port 49998 Apr 7 15:47:41 localhost sshd\[29491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.74.118.139 Apr 7 15:47:43 localhost sshd\[29491\]: Failed password for invalid user margaret from 61.74.118.139 port 49998 ssh2 ...	2020-04-08 02:51:18
49.48.102.180	attack	2020-04-07 14:40:43 plain_virtual_exim authenticator failed for ([127.0.0.1]) [49.48.102.180]: 535 Incorrect authentication data ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=49.48.102.180	2020-04-08 02:58:07
152.136.17.25	attack	Apr 7 18:26:28 ip-172-31-62-245 sshd\[19944\]: Invalid user deploy from 152.136.17.25\ Apr 7 18:26:30 ip-172-31-62-245 sshd\[19944\]: Failed password for invalid user deploy from 152.136.17.25 port 34360 ssh2\ Apr 7 18:31:06 ip-172-31-62-245 sshd\[19984\]: Invalid user junit from 152.136.17.25\ Apr 7 18:31:09 ip-172-31-62-245 sshd\[19984\]: Failed password for invalid user junit from 152.136.17.25 port 58626 ssh2\ Apr 7 18:35:48 ip-172-31-62-245 sshd\[20053\]: Invalid user test from 152.136.17.25\	2020-04-08 02:50:57
195.223.211.242	attackbots	(sshd) Failed SSH login from 195.223.211.242 (IT/Italy/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 7 19:04:10 ubnt-55d23 sshd[18221]: Invalid user es from 195.223.211.242 port 56127 Apr 7 19:04:12 ubnt-55d23 sshd[18221]: Failed password for invalid user es from 195.223.211.242 port 56127 ssh2	2020-04-08 02:58:34
35.195.188.176	attackbots	Brute force SMTP login attempted. ...	2020-04-08 02:32:06
92.118.38.66	attack	Apr 7 20:12:30 relay postfix/smtpd\[20238\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 7 20:12:41 relay postfix/smtpd\[22392\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 7 20:13:12 relay postfix/smtpd\[20238\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 7 20:13:23 relay postfix/smtpd\[25207\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 7 20:13:55 relay postfix/smtpd\[20238\]: warning: unknown\[92.118.38.66\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-04-08 02:21:25
106.12.36.224	attackbotsspam	Apr 7 19:18:08 vps333114 sshd[22283]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.224 Apr 7 19:18:11 vps333114 sshd[22283]: Failed password for invalid user sso from 106.12.36.224 port 57324 ssh2 ...	2020-04-08 02:44:07
106.246.250.202	attack	Apr 7 22:37:56 itv-usvr-02 sshd[3980]: Invalid user linsoft from 106.246.250.202 port 61788 Apr 7 22:37:56 itv-usvr-02 sshd[3980]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.246.250.202 Apr 7 22:37:56 itv-usvr-02 sshd[3980]: Invalid user linsoft from 106.246.250.202 port 61788 Apr 7 22:37:58 itv-usvr-02 sshd[3980]: Failed password for invalid user linsoft from 106.246.250.202 port 61788 ssh2 Apr 7 22:45:07 itv-usvr-02 sshd[4410]: Invalid user deploy from 106.246.250.202 port 48438	2020-04-08 02:50:12

Recently Reported IPs

85.199.70.148	197.3.235.230	115.114.188.179	66.151.214.215
98.15.116.46	126.167.133.214	198.127.161.213	190.47.129.206
162.199.52.154	171.58.210.31	137.74.181.116	124.204.16.171
36.253.100.38	206.56.228.190	122.90.2.235	204.123.19.59
120.78.224.75	105.155.250.106	77.71.245.136	14.102.130.31