117.93.116.149

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized access on Port 22 [ssh]	2019-09-09 17:19:04

Comments on same subnet:

IP	Type	Details	Datetime
117.93.116.170	attackbots	Unauthorised access (Oct 3) SRC=117.93.116.170 LEN=40 TTL=50 ID=16842 TCP DPT=23 WINDOW=21417 SYN	2020-10-05 03:42:17
117.93.116.170	attack	Unauthorised access (Oct 3) SRC=117.93.116.170 LEN=40 TTL=50 ID=16842 TCP DPT=23 WINDOW=21417 SYN	2020-10-04 19:31:06

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.93.116.149
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 47465
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.93.116.149.			IN	A

;; AUTHORITY SECTION:
.			2204	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090900 1800 900 604800 86400

;; Query time: 1 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Mon Sep 09 17:18:58 CST 2019
;; MSG SIZE  rcvd: 118

Host info

149.116.93.117.in-addr.arpa domain name pointer 149.116.93.117.broad.yc.js.dynamic.163data.com.cn.

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

Non-authoritative answer:
149.116.93.117.in-addr.arpa	name = 149.116.93.117.broad.yc.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
219.140.198.51	attackspambots	Sep 1 19:57:04 lcdev sshd\[12400\]: Invalid user xq from 219.140.198.51 Sep 1 19:57:04 lcdev sshd\[12400\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.140.198.51 Sep 1 19:57:06 lcdev sshd\[12400\]: Failed password for invalid user xq from 219.140.198.51 port 45348 ssh2 Sep 1 20:02:19 lcdev sshd\[12877\]: Invalid user test from 219.140.198.51 Sep 1 20:02:19 lcdev sshd\[12877\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=219.140.198.51	2019-09-02 20:30:22
59.48.153.231	attack	2019-09-02T05:36:54.972520hub.schaetter.us sshd\[16711\]: Invalid user ch from 59.48.153.231 2019-09-02T05:36:55.000580hub.schaetter.us sshd\[16711\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.48.153.231 2019-09-02T05:36:57.299507hub.schaetter.us sshd\[16711\]: Failed password for invalid user ch from 59.48.153.231 port 35789 ssh2 2019-09-02T05:42:40.440910hub.schaetter.us sshd\[16755\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.48.153.231 user=root 2019-09-02T05:42:42.913941hub.schaetter.us sshd\[16755\]: Failed password for root from 59.48.153.231 port 36194 ssh2 ...	2019-09-02 20:27:49
106.12.120.89	attack	proto=tcp . spt=41284 . dpt=25 . (listed on 106.12.0.0/16 Dark List de Sep 02 03:55) (343)	2019-09-02 20:42:12
43.227.68.77	attackbotsspam	Sep 2 06:12:37 site3 sshd\[33737\]: Invalid user ariel from 43.227.68.77 Sep 2 06:12:37 site3 sshd\[33737\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.77 Sep 2 06:12:39 site3 sshd\[33737\]: Failed password for invalid user ariel from 43.227.68.77 port 44870 ssh2 Sep 2 06:15:47 site3 sshd\[33809\]: Invalid user jedi from 43.227.68.77 Sep 2 06:15:47 site3 sshd\[33809\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.227.68.77 ...	2019-09-02 19:53:33
118.25.133.121	attackspambots	Sep 2 08:07:05 legacy sshd[1477]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.121 Sep 2 08:07:08 legacy sshd[1477]: Failed password for invalid user hath from 118.25.133.121 port 46924 ssh2 Sep 2 08:10:39 legacy sshd[1533]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.133.121 ...	2019-09-02 20:06:59
217.182.186.225	attackspam	Sep 2 03:55:25 vtv3 sshd\[24176\]: Invalid user group3 from 217.182.186.225 port 53960 Sep 2 03:55:25 vtv3 sshd\[24176\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.186.225 Sep 2 03:55:26 vtv3 sshd\[24176\]: Failed password for invalid user group3 from 217.182.186.225 port 53960 ssh2 Sep 2 04:02:39 vtv3 sshd\[27801\]: Invalid user nano from 217.182.186.225 port 38510 Sep 2 04:02:39 vtv3 sshd\[27801\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.186.225 Sep 2 04:20:09 vtv3 sshd\[4637\]: Invalid user patrick from 217.182.186.225 port 38832 Sep 2 04:20:09 vtv3 sshd\[4637\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.182.186.225 Sep 2 04:20:10 vtv3 sshd\[4637\]: Failed password for invalid user patrick from 217.182.186.225 port 38832 ssh2 Sep 2 04:24:07 vtv3 sshd\[6257\]: Invalid user tmp from 217.182.186.225 port 57208 Sep 2 04:24:07 vtv3 ssh	2019-09-02 20:48:09
176.236.25.148	attackbotsspam	port scan and connect, tcp 23 (telnet)	2019-09-02 20:37:46
14.186.50.139	attack	Aug 27 07:10:00 Server10 sshd[14025]: User admin from 14.186.50.139 not allowed because not listed in AllowUsers Aug 27 07:10:00 Server10 sshd[14025]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.186.50.139 user=admin Aug 27 07:10:02 Server10 sshd[14025]: Failed password for invalid user admin from 14.186.50.139 port 50318 ssh2	2019-09-02 20:34:31
170.130.126.214	attack	ECShop Remote Code Execution Vulnerability	2019-09-02 20:09:47
141.98.81.111	attackspam	Sep 2 08:10:40 ny01 sshd[19639]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.111 Sep 2 08:10:40 ny01 sshd[19640]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.81.111 Sep 2 08:10:42 ny01 sshd[19639]: Failed password for invalid user admin from 141.98.81.111 port 44615 ssh2	2019-09-02 20:19:18
116.239.106.35	attackspambots	SSH invalid-user multiple login try	2019-09-02 20:33:07
203.142.84.250	attackspambots	port scan and connect, tcp 80 (http)	2019-09-02 20:41:11
116.74.178.136	attackbotsspam	Caught in portsentry honeypot	2019-09-02 19:56:08
104.248.30.249	attackbotsspam	Sep 2 13:22:47 rotator sshd\[29227\]: Invalid user york from 104.248.30.249Sep 2 13:22:49 rotator sshd\[29227\]: Failed password for invalid user york from 104.248.30.249 port 54934 ssh2Sep 2 13:26:36 rotator sshd\[30030\]: Invalid user gyc from 104.248.30.249Sep 2 13:26:39 rotator sshd\[30030\]: Failed password for invalid user gyc from 104.248.30.249 port 43844 ssh2Sep 2 13:30:25 rotator sshd\[30805\]: Invalid user maria from 104.248.30.249Sep 2 13:30:27 rotator sshd\[30805\]: Failed password for invalid user maria from 104.248.30.249 port 60990 ssh2 ...	2019-09-02 20:44:06
94.23.212.137	attackspambots	Sep 2 09:27:41 SilenceServices sshd[11164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.212.137 Sep 2 09:27:44 SilenceServices sshd[11164]: Failed password for invalid user carla from 94.23.212.137 port 40028 ssh2 Sep 2 09:31:41 SilenceServices sshd[12705]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.23.212.137	2019-09-02 20:35:28

Recently Reported IPs

75.77.163.1	106.53.28.115	244.133.85.98	90.164.111.69
201.171.65.39	47.73.214.96	38.123.140.218	223.35.99.32
96.193.107.183	44.205.19.161	173.229.182.35	153.113.65.226
156.85.173.158	47.38.150.126	161.77.250.56	70.152.229.210
5.200.71.217	131.23.62.210	204.65.189.211	26.226.114.3