142.93.50.178 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 19 01:10:47 nextcloud sshd\[27786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Aug 19 01:10:48 nextcloud sshd\[27786\]: Failed password for root from 142.93.50.178 port 57930 ssh2 Aug 19 01:16:52 nextcloud sshd\[3590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root ...	2019-08-19 09:27:09
attack	Aug 18 06:01:00 debian sshd\[8092\]: Invalid user bayonne from 142.93.50.178 port 32796 Aug 18 06:01:00 debian sshd\[8092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-08-18 13:14:45
attackbotsspam	SSH Brute Force, server-1 sshd[20632]: Failed password for invalid user user01 from 142.93.50.178 port 58286 ssh2	2019-08-17 02:51:32
attackspam	Aug 7 14:46:49 debian sshd\[2690\]: Invalid user mysql from 142.93.50.178 port 45638 Aug 7 14:46:49 debian sshd\[2690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 Aug 7 14:46:51 debian sshd\[2690\]: Failed password for invalid user mysql from 142.93.50.178 port 45638 ssh2 ...	2019-08-08 02:58:19
attackbotsspam	Jul 28 23:17:08 vpn01 sshd\[16037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Jul 28 23:17:11 vpn01 sshd\[16037\]: Failed password for root from 142.93.50.178 port 59938 ssh2 Jul 28 23:32:21 vpn01 sshd\[16061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root	2019-07-29 07:06:38
attackspambots	2019-07-17T06:44:03.718554abusebot-4.cloudsearch.cf sshd\[1555\]: Invalid user vendeg from 142.93.50.178 port 43746	2019-07-17 15:19:37
attackbotsspam	2019-07-17T02:34:20.618525abusebot-4.cloudsearch.cf sshd\[363\]: Invalid user hari from 142.93.50.178 port 37556	2019-07-17 10:47:05
attackbotsspam	2019-07-16T16:50:19.686210abusebot-4.cloudsearch.cf sshd\[30320\]: Invalid user tan from 142.93.50.178 port 35810	2019-07-17 01:07:49
attack	Jul 11 03:42:26 * sshd[659]: Failed password for invalid user wen from 142.93.50.178 port 58992 ssh2 Jul 11 03:44:12 * sshd[688]: Failed password for invalid user jenkins from 142.93.50.178 port 51852 ssh2 Jul 11 03:45:35 * sshd[710]: Failed password for invalid user nate from 142.93.50.178 port 40688 ssh2 Jul 11 03:46:56 * sshd[712]: Failed password for invalid user tarcisio from 142.93.50.178 port 57740 ssh2 Jul 11 03:48:15 * sshd[714]: Failed password for invalid user gopi from 142.93.50.178 port 46576 ssh2 Jul 11 03:49:35 * sshd[718]: Failed password for invalid user yi from 142.93.50.178 port 35396 ssh2 Jul 11 03:51:00 * sshd[720]: Failed password for invalid user debian from 142.93.50.178 port 52464 ssh2 Jul 11 03:52:26 * sshd[722]: Failed password for invalid user jeff from 142.93.50.178 port 41300 ssh2 Jul 11 03:53:47 * sshd[724]: Failed password for invalid user yamada from 142.93.50.178 port 58352 ssh2 Jul 11 03:55:13 * sshd[731]: Failed password for invalid user dh from 142.93.5	2019-07-12 04:39:00
attack	Jun 30 18:32:13 thevastnessof sshd[20253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-07-01 02:52:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.50.112	attack	20/5/2@09:08:22: FAIL: IoT-SSH address from=142.93.50.112 ...	2020-05-03 02:19:50

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.50.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35928
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.50.178.			IN	A

;; AUTHORITY SECTION:
.			2198	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 16:08:25 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 178.50.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 178.50.93.142.in-addr.arpa: NXDOMAIN

IP	类型	评论内容	时间
185.175.93.104	attack	Fail2Ban Ban Triggered	2020-08-27 00:08:03
45.145.66.66	attackspambots	scans 2 times in preceeding hours on the ports (in chronological order) 3546 8562 resulting in total of 13 scans from 45.145.66.0/23 block.	2020-08-27 00:46:26
94.102.51.29	attack	TCP (SYN) 94.102.51.29:58115 -> port 8000, len 44	2020-08-27 00:35:15
195.54.160.228	attack	SmallBizIT.US 6 packets to tcp(4489,5000,43389,53389,63389,65535)	2020-08-27 00:33:42
62.171.163.94	attackspambots	scans 8 times in preceeding hours on the ports (in chronological order) 1093 1094 1095 1096 1097 1098 1099 1100	2020-08-27 00:05:35
45.129.33.154	attackspambots	firewall-block, port(s): 53407/tcp, 53443/tcp, 53477/tcp, 53513/tcp, 53546/tcp	2020-08-27 00:23:06
206.189.188.218	attack	firewall-block, port(s): 15545/tcp	2020-08-27 00:46:54
185.216.140.6	attackspam	Port Scan ...	2020-08-27 00:07:28
80.82.65.90	attackspam	UDP 80.82.65.90:58858 -> port 53, len 64	2020-08-27 00:43:39
78.128.113.42	attackbotsspam	SmallBizIT.US 3 packets to tcp(2227,5561,7740)	2020-08-27 00:04:38
185.175.93.14	attack	SmallBizIT.US 3 packets to tcp(7003,7613,23656)	2020-08-27 00:09:41
192.241.235.17	attack	scans once in preceeding hours on the ports (in chronological order) 5351 resulting in total of 38 scans from 192.241.128.0/17 block.	2020-08-27 00:49:06
195.54.160.155	attack	TCP (SYN) 195.54.160.155:57125 -> port 15980, len 44	2020-08-27 00:34:03
195.54.167.93	attackspam	SmallBizIT.US 5 packets to tcp(12387,12391,12399,12480,12499)	2020-08-27 00:29:40
195.54.167.92	attack	SmallBizIT.US 9 packets to tcp(11989,11993,11994,11996,11998,12080,12084,12090,12094)	2020-08-27 00:30:16

最近上报的IP列表

12.69.93.106	50.87.152.103	178.128.94.55	117.6.160.251
94.100.28.230	45.72.184.74	175.107.200.184	117.4.120.62
178.128.68.103	79.89.191.96	2003:d4:1f18:e1cb:25b9:ab6b:c232:125d	128.199.162.251
118.70.176.108	194.152.42.131	84.241.37.228	37.232.160.211
122.161.197.163	47.58.217.221	62.143.26.152	59.42.10.173