50.116.72.139
50.116.72.139 is a threat-intelligence indicator (IPv4 address) classified as Suspicious, corroborated across 7 independent feeds. It is aggregated and de-duplicated from many open and commercial threat feeds, with confidence scoring and decay over time.
Indicator facts
- Type
- IPv4 address
- Indicator
50.116.72.139- Classification
- Suspicious
- Confidence
- 100 / 100
- Corroboration
- 7 independent sources
- First seen
- Last seen
- Network (ASN)
- AS19871 — NETWORK-SOLUTIONS-HOSTING
- Country
- US
Tags
- ssh
- brute-force
- attacker
- aggregate-source
- sshpwauth
- honeypot
- scanner
Related CVEs (42)
- CVE-2026-48840
- CVE-2026-40687
- CVE-2026-40686
- CVE-2026-40685
- CVE-2026-40684
- CVE-2025-67896
- CVE-2024-39929
- CVE-2023-51766
- CVE-2023-42119
- CVE-2023-42117
- CVE-2023-42116
- CVE-2023-42115
- CVE-2023-42114
- CVE-2022-37452
- CVE-2022-37451
- CVE-2022-3559
- CVE-2021-38371
- CVE-2021-27216
- CVE-2020-8015
- CVE-2020-28026
- CVE-2020-28025
- CVE-2020-28024
- CVE-2020-28023
- CVE-2020-28022
- CVE-2020-28021
- CVE-2020-28019
- CVE-2020-28018
- CVE-2020-28017
- CVE-2020-28016
- CVE-2020-28015
- CVE-2020-28014
- CVE-2020-28013
- CVE-2020-28012
- CVE-2020-28011
- CVE-2020-28010
- CVE-2020-28009
- CVE-2020-28008
- CVE-2020-28007
- CVE-2020-12783
- CVE-2019-16928
- CVE-2019-15846
- CVE-2019-13917
← Threat intelligence command center · Explore the indicator corpus