211.93.118.55 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China United Telecommunications Corporation

Hostname: unknown

Organization: unknown

Usage Type: Fixed Line ISP

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	Unauthorised access (Sep 25) SRC=211.93.118.55 LEN=40 TTL=49 ID=36123 TCP DPT=8080 WINDOW=53480 SYN	2019-09-25 15:54:53

Comments on same subnet:

IP	Type	Details	Datetime
211.93.118.58	attack	Scanning random ports - tries to find possible vulnerable services	2020-02-24 08:03:39

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.93.118.55
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55048
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.93.118.55.			IN	A

;; AUTHORITY SECTION:
.			526	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019092500 1800 900 604800 86400

;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Sep 25 15:54:50 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 55.118.93.211.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 183.60.83.19, trying next server
Server:		183.60.82.98
Address:	183.60.82.98#53

** server can't find 55.118.93.211.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
148.70.54.83	attack	SSH Brute Force, server-1 sshd[30590]: Failed password for invalid user cooks from 148.70.54.83 port 56380 ssh2	2019-11-17 22:03:33
138.197.89.212	attackspambots	CyberHackers.eu > SSH Bruteforce attempt!	2019-11-17 22:13:18
115.114.111.94	attack	Nov 17 10:13:57 vps01 sshd[4560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=115.114.111.94 Nov 17 10:13:59 vps01 sshd[4560]: Failed password for invalid user guest from 115.114.111.94 port 53708 ssh2	2019-11-17 21:50:31
106.13.230.219	attack	F2B jail: sshd. Time: 2019-11-17 15:01:33, Reported by: VKReport	2019-11-17 22:09:52
178.128.122.3	attack	Nov 17 15:34:21 lcl-usvr-02 sshd[4860]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.122.3 user=root Nov 17 15:34:23 lcl-usvr-02 sshd[4860]: Failed password for root from 178.128.122.3 port 62171 ssh2 ...	2019-11-17 22:07:46
118.25.111.153	attack	2019-11-17T04:57:45.823805ns547587 sshd\[3902\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.111.153 user=root 2019-11-17T04:57:47.420972ns547587 sshd\[3902\]: Failed password for root from 118.25.111.153 port 49373 ssh2 2019-11-17T05:04:31.524322ns547587 sshd\[17632\]: Invalid user drew from 118.25.111.153 port 38085 2019-11-17T05:04:31.526316ns547587 sshd\[17632\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.25.111.153 ...	2019-11-17 22:03:57
223.244.87.132	attackbots	Nov 17 12:28:43 *** sshd[28731]: User root from 223.244.87.132 not allowed because not listed in AllowUsers	2019-11-17 22:01:03
132.64.81.226	attackbotsspam	Lines containing failures of 132.64.81.226 Nov 13 09:52:12 nxxxxxxx sshd[13288]: Invalid user bond007 from 132.64.81.226 port 60560 Nov 13 09:52:12 nxxxxxxx sshd[13288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.64.81.226 Nov 13 09:52:15 nxxxxxxx sshd[13288]: Failed password for invalid user bond007 from 132.64.81.226 port 60560 ssh2 Nov 13 09:52:15 nxxxxxxx sshd[13288]: Received disconnect from 132.64.81.226 port 60560:11: Bye Bye [preauth] Nov 13 09:52:15 nxxxxxxx sshd[13288]: Disconnected from invalid user bond007 132.64.81.226 port 60560 [preauth] Nov 13 10:07:29 nxxxxxxx sshd[15049]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.64.81.226 user=mysql Nov 13 10:07:31 nxxxxxxx sshd[15049]: Failed password for mysql from 132.64.81.226 port 45950 ssh2 Nov 13 10:07:31 nxxxxxxx sshd[15049]: Received disconnect from 132.64.81.226 port 45950:11: Bye Bye [preauth] Nov 13 10:07:31 ........ ------------------------------	2019-11-17 22:16:12
89.248.172.16	attackspam	89.248.172.16 was recorded 7 times by 6 hosts attempting to connect to the following ports: 3119,8804,3402,491,9199,7000,8048. Incident counter (4h, 24h, all-time): 7, 53, 610	2019-11-17 22:17:05
27.70.153.187	attack	Nov 17 14:46:23 vmi148877 sshd\[2246\]: refused connect from 27.70.153.187 \(27.70.153.187\) Nov 17 14:46:25 vmi148877 sshd\[2254\]: refused connect from 27.70.153.187 \(27.70.153.187\) Nov 17 14:46:26 vmi148877 sshd\[2261\]: refused connect from 27.70.153.187 \(27.70.153.187\) Nov 17 14:47:01 vmi148877 sshd\[2275\]: refused connect from 27.70.153.187 \(27.70.153.187\) Nov 17 14:47:27 vmi148877 sshd\[2289\]: refused connect from 27.70.153.187 \(27.70.153.187\)	2019-11-17 21:52:50
83.168.104.70	attack	Automatic report - XMLRPC Attack	2019-11-17 22:12:06
27.155.99.173	attack	2019-11-17T06:57:18.206804abusebot-2.cloudsearch.cf sshd\[18197\]: Invalid user zimbra from 27.155.99.173 port 57592	2019-11-17 21:56:56
37.59.107.100	attackbots	SSH Bruteforce	2019-11-17 21:39:58
223.197.175.171	attackbots	SSH Bruteforce	2019-11-17 22:02:58
35.241.73.192	attack	SSH Bruteforce	2019-11-17 21:43:07

Recently Reported IPs

104.2.34.156	85.111.28.190	95.14.144.91	94.130.64.96
114.242.84.140	1.255.153.136	185.112.33.202	185.84.181.47
62.151.182.151	37.73.198.131	185.82.220.154	51.15.43.171
80.82.70.186	185.70.68.82	185.56.72.170	159.203.201.4
39.82.65.205	113.174.76.67	185.50.25.52	13.69.59.19