142.93.50.178 - IPInfo

基本信息:

城市(city): North Bergen

省份(region): New Jersey

国家(country): United States

运营商(isp): DigitalOcean LLC

主机名(hostname): unknown

机构(organization): DigitalOcean, LLC

使用类型(Usage Type): Data Center/Web Hosting/Transit

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackspam	Aug 19 01:10:47 nextcloud sshd\[27786\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Aug 19 01:10:48 nextcloud sshd\[27786\]: Failed password for root from 142.93.50.178 port 57930 ssh2 Aug 19 01:16:52 nextcloud sshd\[3590\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root ...	2019-08-19 09:27:09
attack	Aug 18 06:01:00 debian sshd\[8092\]: Invalid user bayonne from 142.93.50.178 port 32796 Aug 18 06:01:00 debian sshd\[8092\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-08-18 13:14:45
attackbotsspam	SSH Brute Force, server-1 sshd[20632]: Failed password for invalid user user01 from 142.93.50.178 port 58286 ssh2	2019-08-17 02:51:32
attackspam	Aug 7 14:46:49 debian sshd\[2690\]: Invalid user mysql from 142.93.50.178 port 45638 Aug 7 14:46:49 debian sshd\[2690\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 Aug 7 14:46:51 debian sshd\[2690\]: Failed password for invalid user mysql from 142.93.50.178 port 45638 ssh2 ...	2019-08-08 02:58:19
attackbotsspam	Jul 28 23:17:08 vpn01 sshd\[16037\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root Jul 28 23:17:11 vpn01 sshd\[16037\]: Failed password for root from 142.93.50.178 port 59938 ssh2 Jul 28 23:32:21 vpn01 sshd\[16061\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 user=root	2019-07-29 07:06:38
attackspambots	2019-07-17T06:44:03.718554abusebot-4.cloudsearch.cf sshd\[1555\]: Invalid user vendeg from 142.93.50.178 port 43746	2019-07-17 15:19:37
attackbotsspam	2019-07-17T02:34:20.618525abusebot-4.cloudsearch.cf sshd\[363\]: Invalid user hari from 142.93.50.178 port 37556	2019-07-17 10:47:05
attackbotsspam	2019-07-16T16:50:19.686210abusebot-4.cloudsearch.cf sshd\[30320\]: Invalid user tan from 142.93.50.178 port 35810	2019-07-17 01:07:49
attack	Jul 11 03:42:26 * sshd[659]: Failed password for invalid user wen from 142.93.50.178 port 58992 ssh2 Jul 11 03:44:12 * sshd[688]: Failed password for invalid user jenkins from 142.93.50.178 port 51852 ssh2 Jul 11 03:45:35 * sshd[710]: Failed password for invalid user nate from 142.93.50.178 port 40688 ssh2 Jul 11 03:46:56 * sshd[712]: Failed password for invalid user tarcisio from 142.93.50.178 port 57740 ssh2 Jul 11 03:48:15 * sshd[714]: Failed password for invalid user gopi from 142.93.50.178 port 46576 ssh2 Jul 11 03:49:35 * sshd[718]: Failed password for invalid user yi from 142.93.50.178 port 35396 ssh2 Jul 11 03:51:00 * sshd[720]: Failed password for invalid user debian from 142.93.50.178 port 52464 ssh2 Jul 11 03:52:26 * sshd[722]: Failed password for invalid user jeff from 142.93.50.178 port 41300 ssh2 Jul 11 03:53:47 * sshd[724]: Failed password for invalid user yamada from 142.93.50.178 port 58352 ssh2 Jul 11 03:55:13 * sshd[731]: Failed password for invalid user dh from 142.93.5	2019-07-12 04:39:00
attack	Jun 30 18:32:13 thevastnessof sshd[20253]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.50.178 ...	2019-07-01 02:52:38

相同子网IP讨论:

IP	类型	评论内容	时间
142.93.50.112	attack	20/5/2@09:08:22: FAIL: IoT-SSH address from=142.93.50.112 ...	2020-05-03 02:19:50

WHOIS信息:

DIG信息:


; <<>> DiG 9.10.3-P4-Ubuntu <<>> 142.93.50.178
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 35928
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;142.93.50.178.			IN	A

;; AUTHORITY SECTION:
.			2198	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019040800 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.3#53(67.207.67.3)
;; WHEN: Mon Apr 08 16:08:25 +08 2019
;; MSG SIZE  rcvd: 117

HOST信息:

Host 178.50.93.142.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		67.207.67.3
Address:	67.207.67.3#53

** server can't find 178.50.93.142.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
175.107.192.204	attackbotsspam	xmlrpc attack	2019-07-24 09:08:42
36.89.163.178	attack	Jul 23 22:15:17 host sshd\[65417\]: Invalid user admin from 36.89.163.178 port 44956 Jul 23 22:15:17 host sshd\[65417\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.89.163.178 ...	2019-07-24 08:48:30
79.137.35.70	attack	Automatic report - Banned IP Access	2019-07-24 09:09:07
163.179.32.240	attackspam	eintrachtkultkellerfulda.de 163.179.32.240 \[23/Jul/2019:22:14:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 2076 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0" eintrachtkultkellerfulda.de 163.179.32.240 \[23/Jul/2019:22:14:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2076 "-" "Mozilla/5.0 $Windows NT 6.1\; WOW64$ AppleWebKit/537.36 $KHTML, like Gecko$ Chrome/58.0.3029.110 Safari/537.36 SE 2.X MetaSr 1.0"	2019-07-24 09:14:21
192.144.159.186	attackspam	WordPress brute force	2019-07-24 08:40:48
117.66.243.77	attackspambots	Jul 24 03:02:24 rpi sshd[5351]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.66.243.77 Jul 24 03:02:26 rpi sshd[5351]: Failed password for invalid user kobayashi from 117.66.243.77 port 43693 ssh2	2019-07-24 09:05:17
191.53.221.5	attackbots	Jul 23 16:14:25 web1 postfix/smtpd[28822]: warning: unknown[191.53.221.5]: SASL PLAIN authentication failed: authentication failure ...	2019-07-24 09:13:31
185.53.88.22	attack	\[2019-07-23 20:45:35\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T20:45:35.723-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9441144630211",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/63309",ACLName="no_extension_match" \[2019-07-23 20:46:53\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T20:46:53.271-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011441144630211",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/52072",ACLName="no_extension_match" \[2019-07-23 20:47:57\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-23T20:47:57.184-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441144630211",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.53.88.22/54485",ACLName="no_exte	2019-07-24 09:04:43
178.218.104.8	attackbots	proto=tcp . spt=35475 . dpt=25 . (listed on Blocklist de Jul 23) (1032)	2019-07-24 09:12:58
177.23.56.147	attack	$f2bV_matches	2019-07-24 09:08:18
217.228.221.253	attackbotsspam	Chat Spam	2019-07-24 08:57:17
114.215.164.201	attackspambots	WordPress brute force	2019-07-24 08:51:54
104.214.234.214	attackbots	Jul 23 19:44:43 riskplan-s sshd[20550]: Did not receive identification string from 104.214.234.214 Jul 23 19:46:42 riskplan-s sshd[20605]: Invalid user oracle from 104.214.234.214 Jul 23 19:46:42 riskplan-s sshd[20605]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.234.214 Jul 23 19:46:45 riskplan-s sshd[20605]: Failed password for invalid user oracle from 104.214.234.214 port 38954 ssh2 Jul 23 19:46:45 riskplan-s sshd[20605]: Received disconnect from 104.214.234.214: 11: Normal Shutdown, Thank you for playing [preauth] Jul 23 19:47:31 riskplan-s sshd[20624]: Invalid user oracle from 104.214.234.214 Jul 23 19:47:31 riskplan-s sshd[20624]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.214.234.214 Jul 23 19:47:32 riskplan-s sshd[20624]: Failed password for invalid user oracle from 104.214.234.214 port 47956 ssh2 Jul 23 19:47:32 riskplan-s sshd[20624]: Received disconnect from........ -------------------------------	2019-07-24 08:58:37
89.25.114.144	attack	Automatic report - Port Scan Attack	2019-07-24 09:20:23
5.228.232.101	attackspambots	proto=tcp . spt=57985 . dpt=25 . (listed on Blocklist de Jul 23) (1031)	2019-07-24 09:14:50

最近上报的IP列表

12.69.93.106	50.87.152.103	178.128.94.55	117.6.160.251
94.100.28.230	45.72.184.74	175.107.200.184	117.4.120.62
178.128.68.103	79.89.191.96	2003:d4:1f18:e1cb:25b9:ab6b:c232:125d	128.199.162.251
118.70.176.108	194.152.42.131	84.241.37.228	37.232.160.211
122.161.197.163	47.58.217.221	62.143.26.152	59.42.10.173