142.93.50.178 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 19 01:10:47 nextcloud sshd\[27786\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Aug 19 01:10:48 nextcloud sshd\[27786\]: Failed password for root from 142.93.50.178 port 57930 ssh2 Aug 19 01:16:52 nextcloud sshd\[3590\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root ...	2019-08-19 09:27:09
attack	Aug 18 06:01:00 debian sshd\[8092\]: Invalid user bayonne from 142.93.50.178 port 32796 Aug 18 06:01:00 debian sshd\[8092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-08-18 13:14:45
attackbotsspam	SSH Brute Force, server-1 sshd[20632]: Failed password for invalid user user01 from 142.93.50.178 port 58286 ssh2	2019-08-17 02:51:32
attackspam	Aug 7 14:46:49 debian sshd\[2690\]: Invalid user mysql from 142.93.50.178 port 45638 Aug 7 14:46:49 debian sshd\[2690\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 Aug 7 14:46:51 debian sshd\[2690\]: Failed password for invalid user mysql from 142.93.50.178 port 45638 ssh2 ...	2019-08-08 02:58:19
attackbotsspam	Jul 28 23:17:08 vpn01 sshd\[16037\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Jul 28 23:17:11 vpn01 sshd\[16037\]: Failed password for root from 142.93.50.178 port 59938 ssh2 Jul 28 23:32:21 vpn01 sshd\[16061\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root	2019-07-29 07:06:38
attackspambots	2019-07-17T06:44:03.718554abusebot-4.cloudsearch.cf sshd\[1555\]: Invalid user vendeg from 142.93.50.178 port 43746	2019-07-17 15:19:37
attackbotsspam	2019-07-17T02:34:20.618525abusebot-4.cloudsearch.cf sshd\[363\]: Invalid user hari from 142.93.50.178 port 37556	2019-07-17 10:47:05
attackbotsspam	2019-07-16T16:50:19.686210abusebot-4.cloudsearch.cf sshd\[30320\]: Invalid user tan from 142.93.50.178 port 35810	2019-07-17 01:07:49
attack	Jul 11 03:42:26 * sshd[659]: Failed password for invalid user wen from 142.93.50.178 port 58992 ssh2 Jul 11 03:44:12 * sshd[688]: Failed password for invalid user jenkins from 142.93.50.178 port 51852 ssh2 Jul 11 03:45:35 * sshd[710]: Failed password for invalid user nate from 142.93.50.178 port 40688 ssh2 Jul 11 03:46:56 * sshd[712]: Failed password for invalid user tarcisio from 142.93.50.178 port 57740 ssh2 Jul 11 03:48:15 * sshd[714]: Failed password for invalid user gopi from 142.93.50.178 port 46576 ssh2 Jul 11 03:49:35 * sshd[718]: Failed password for invalid user yi from 142.93.50.178 port 35396 ssh2 Jul 11 03:51:00 * sshd[720]: Failed password for invalid user debian from 142.93.50.178 port 52464 ssh2 Jul 11 03:52:26 * sshd[722]: Failed password for invalid user jeff from 142.93.50.178 port 41300 ssh2 Jul 11 03:53:47 * sshd[724]: Failed password for invalid user yamada from 142.93.50.178 port 58352 ssh2 Jul 11 03:55:13 * sshd[731]: Failed password for invalid user dh from 142.93.5	2019-07-12 04:39:00
attack	Jun 30 18:32:13 thevastnessof sshd[20253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-07-01 02:52:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.50.112	attack	20/5/2@09:08:22: FAIL: IoT-SSH address from=142.93.50.112 ...	2020-05-03 02:19:50

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.50.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35928
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.50.178.			IN	A

;; AUTHORITY SECTION:
.			2198	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 16:08:25 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 178.50.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 178.50.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
190.233.58.153	attack	2019-11-20 15:27:04 H=([190.233.58.153]) [190.233.58.153]:56068 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.233.58.153) 2019-11-20 15:27:05 unexpected disconnection while reading SMTP command from ([190.233.58.153]) [190.233.58.153]:56068 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 15:37:59 H=([190.233.58.153]) [190.233.58.153]:43685 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.233.58.153) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.233.58.153	2019-11-21 01:42:07
182.171.245.130	attackspambots	Nov 20 06:58:42 wbs sshd\[23105\]: Invalid user rpc from 182.171.245.130 Nov 20 06:58:42 wbs sshd\[23105\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pb6abf582.tokyff01.ap.so-net.ne.jp Nov 20 06:58:44 wbs sshd\[23105\]: Failed password for invalid user rpc from 182.171.245.130 port 54735 ssh2 Nov 20 07:03:38 wbs sshd\[23514\]: Invalid user backen from 182.171.245.130 Nov 20 07:03:38 wbs sshd\[23514\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=pb6abf582.tokyff01.ap.so-net.ne.jp	2019-11-21 01:20:04
138.68.12.43	attack	2019-11-20T16:54:48.916052centos sshd\[23348\]: Invalid user waja from 138.68.12.43 port 40666 2019-11-20T16:54:48.927245centos sshd\[23348\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.12.43 2019-11-20T16:54:50.510138centos sshd\[23348\]: Failed password for invalid user waja from 138.68.12.43 port 40666 ssh2	2019-11-21 01:11:15
89.150.56.170	attackbots	Automatic report - Banned IP Access	2019-11-21 01:37:26
77.40.40.140	attackspam	Nov 20 17:51:39 mail postfix/smtps/smtpd[9684]: warning: unknown[77.40.40.140]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 17:51:46 mail postfix/smtpd[12435]: warning: unknown[77.40.40.140]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Nov 20 17:55:07 mail postfix/smtpd[12423]: warning: unknown[77.40.40.140]: SASL LOGIN authentication failed: UGFzc3dvcmQ6	2019-11-21 01:35:05
181.164.1.54	attackbotsspam	2019-11-20 14:26:31 H=(54-1-164-181.fibertel.com.ar) [181.164.1.54]:41227 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.164.1.54) 2019-11-20 14:26:32 unexpected disconnection while reading SMTP command from (54-1-164-181.fibertel.com.ar) [181.164.1.54]:41227 I=[10.100.18.21]:25 (error: Connection reset by peer) 2019-11-20 15:36:33 H=(54-1-164-181.fibertel.com.ar) [181.164.1.54]:10162 I=[10.100.18.21]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=181.164.1.54) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=181.164.1.54	2019-11-21 01:31:26
129.213.63.120	attackspam	k+ssh-bruteforce	2019-11-21 01:12:02
122.51.78.154	attackbots	Nov 20 22:35:24 areeb-Workstation sshd[3738]: Failed password for root from 122.51.78.154 port 48454 ssh2 Nov 20 22:39:25 areeb-Workstation sshd[4570]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.78.154 ...	2019-11-21 01:28:56
42.112.170.96	attackspam	2019-11-20 15:28:57 H=([42.112.170.96]) [42.112.170.96]:9988 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=42.112.170.96) 2019-11-20 15:28:58 unexpected disconnection while reading SMTP command from ([42.112.170.96]) [42.112.170.96]:9988 I=[10.100.18.23]:25 (error: Connection reset by peer) 2019-11-20 15:35:15 H=([42.112.170.96]) [42.112.170.96]:49461 I=[10.100.18.23]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=42.112.170.96) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=42.112.170.96	2019-11-21 01:14:37
121.57.224.91	attack	Unauthorised access (Nov 20) SRC=121.57.224.91 LEN=60 TTL=47 ID=8378 DF TCP DPT=8080 WINDOW=14100 SYN	2019-11-21 01:23:46
190.73.57.244	attackbots	Fail2Ban Ban Triggered	2019-11-21 01:22:16
177.66.208.244	attack	Automatic report - Port Scan Attack	2019-11-21 01:43:11
202.29.51.126	attack	2019-11-20T16:57:43.249544abusebot-4.cloudsearch.cf sshd\[28421\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.29.51.126 user=lp	2019-11-21 01:10:47
187.109.166.169	attack	Brute force attempt	2019-11-21 01:23:18
190.42.17.67	attack	2019-11-20 15:08:43 H=([190.42.17.67]) [190.42.17.67]:10210 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.42.17.67) 2019-11-20 15:08:45 unexpected disconnection while reading SMTP command from ([190.42.17.67]) [190.42.17.67]:10210 I=[10.100.18.20]:25 (error: Connection reset by peer) 2019-11-20 15:33:59 H=([190.42.17.67]) [190.42.17.67]:54466 I=[10.100.18.20]:25 F=: Host/domain is listed in RBL cbl.abuseat.org (Blocked - see hxxp://www.abuseat.org/lookup.cgi?ip=190.42.17.67) ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=190.42.17.67	2019-11-21 01:05:08

最近上报的IP列表

12.69.93.106	50.87.152.103	178.128.94.55	117.6.160.251
94.100.28.230	45.72.184.74	175.107.200.184	117.4.120.62
178.128.68.103	79.89.191.96	2003:d4:1f18:e1cb:25b9:ab6b:c232:125d	128.199.162.251
118.70.176.108	194.152.42.131	84.241.37.228	37.232.160.211
122.161.197.163	47.58.217.221	62.143.26.152	59.42.10.173