47.93.20.99 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: Aliyun Computing Co. Ltd

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-07-02 04:37:42

Comments on same subnet:

IP	Type	Details	Datetime
47.93.204.113	attack	Aug 27 08:29:18 host sshd\[2137\]: Invalid user qfc from 47.93.204.113 Aug 27 08:29:18 host sshd\[2137\]: Failed password for invalid user qfc from 47.93.204.113 port 38996 ssh2 Aug 27 08:55:19 host sshd\[7956\]: Invalid user avinash from 47.93.204.113 Aug 27 08:55:19 host sshd\[7956\]: Failed password for invalid user avinash from 47.93.204.113 port 60072 ssh2 ...	2020-08-28 04:48:08
47.93.207.58	attackspambots	Unauthorized connection attempt detected from IP address 47.93.207.58 to port 10895	2020-07-22 18:00:00
47.93.204.91	attack	Jan 3 14:07:41 sxvn sshd[3407169]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.93.204.91	2020-01-03 21:55:00
47.93.202.197	attackbotsspam	Port scan on 3 port(s): 2376 2377 4243	2019-12-03 22:38:45
47.93.206.149	attackspambots	Unauthorised access (Jul 9) SRC=47.93.206.149 LEN=60 TTL=45 ID=64804 DF TCP DPT=1433 WINDOW=29200 SYN	2019-07-10 06:43:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.93.20.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18218
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;47.93.20.99.			IN	A

;; AUTHORITY SECTION:
.			1601	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070101 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Tue Jul 02 04:37:37 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 99.20.93.47.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 99.20.93.47.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.94.36.15	attackbotsspam	Nov 26 07:09:46 collab sshd[7718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.36.15 user=r.r Nov 26 07:09:49 collab sshd[7718]: Failed password for r.r from 13.94.36.15 port 59534 ssh2 Nov 26 07:09:49 collab sshd[7718]: Received disconnect from 13.94.36.15: 11: Bye Bye [preauth] Nov 26 07:23:03 collab sshd[8278]: Invalid user vncuser from 13.94.36.15 Nov 26 07:23:03 collab sshd[8278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=13.94.36.15 Nov 26 07:23:05 collab sshd[8278]: Failed password for invalid user vncuser from 13.94.36.15 port 36408 ssh2 Nov 26 07:23:06 collab sshd[8278]: Received disconnect from 13.94.36.15: 11: Bye Bye [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=13.94.36.15	2019-11-26 15:45:40
78.128.113.123	attackspam	Nov 26 08:08:17 mail postfix/smtpd[32102]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed: Nov 26 08:14:24 mail postfix/smtpd[32206]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed: Nov 26 08:17:28 mail postfix/smtpd[32131]: warning: unknown[78.128.113.123]: SASL PLAIN authentication failed:	2019-11-26 15:39:41
139.162.86.84	attackbots	" "	2019-11-26 16:02:41
45.225.236.37	attack	MultiHost/MultiPort Probe, Scan, Hack -	2019-11-26 16:08:14
112.141.202.143	attack	TCP Port Scanning	2019-11-26 15:49:36
222.186.173.180	attack	Nov 26 08:04:15 localhost sshd\[117091\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.180 user=root Nov 26 08:04:18 localhost sshd\[117091\]: Failed password for root from 222.186.173.180 port 51326 ssh2 Nov 26 08:04:21 localhost sshd\[117091\]: Failed password for root from 222.186.173.180 port 51326 ssh2 Nov 26 08:04:25 localhost sshd\[117091\]: Failed password for root from 222.186.173.180 port 51326 ssh2 Nov 26 08:04:29 localhost sshd\[117091\]: Failed password for root from 222.186.173.180 port 51326 ssh2 ...	2019-11-26 16:08:45
93.170.130.1	attackbotsspam	2019-11-26T07:33:12.212540abusebot-3.cloudsearch.cf sshd\[22947\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=93.170.130.1 user=bin	2019-11-26 15:35:00
187.189.95.50	attack	Nov 25 16:33:37 nbi-636 sshd[3036]: Invalid user rickborn from 187.189.95.50 port 17857 Nov 25 16:33:38 nbi-636 sshd[3036]: Failed password for invalid user rickborn from 187.189.95.50 port 17857 ssh2 Nov 25 16:33:39 nbi-636 sshd[3036]: Received disconnect from 187.189.95.50 port 17857:11: Bye Bye [preauth] Nov 25 16:33:39 nbi-636 sshd[3036]: Disconnected from 187.189.95.50 port 17857 [preauth] Nov 25 16:47:53 nbi-636 sshd[5792]: Invalid user rpm from 187.189.95.50 port 42260 Nov 25 16:47:56 nbi-636 sshd[5792]: Failed password for invalid user rpm from 187.189.95.50 port 42260 ssh2 Nov 25 16:47:56 nbi-636 sshd[5792]: Received disconnect from 187.189.95.50 port 42260:11: Bye Bye [preauth] Nov 25 16:47:56 nbi-636 sshd[5792]: Disconnected from 187.189.95.50 port 42260 [preauth] Nov 25 16:55:51 nbi-636 sshd[7248]: Invalid user webmaster from 187.189.95.50 port 18166 Nov 25 16:55:53 nbi-636 sshd[7248]: Failed password for invalid user webmaster from 187.189.95.50 port 18166 ........ -------------------------------	2019-11-26 15:51:54
218.92.0.134	attack	Nov 26 08:34:28 sso sshd[14224]: Failed password for root from 218.92.0.134 port 40032 ssh2 Nov 26 08:34:31 sso sshd[14224]: Failed password for root from 218.92.0.134 port 40032 ssh2 ...	2019-11-26 15:42:09
51.254.32.102	attackbots	Nov 26 08:20:15 localhost sshd\[20024\]: Invalid user somepassword from 51.254.32.102 port 58548 Nov 26 08:20:15 localhost sshd\[20024\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.32.102 Nov 26 08:20:17 localhost sshd\[20024\]: Failed password for invalid user somepassword from 51.254.32.102 port 58548 ssh2	2019-11-26 15:38:00
51.83.138.91	attack	51.83.138.91 was recorded 40 times by 24 hosts attempting to connect to the following ports: 3390,53389,63389,3388,33892,33893,3399,33389,33899,3391,33890,23389,13389. Incident counter (4h, 24h, all-time): 40, 237, 5111	2019-11-26 16:00:17
203.114.102.69	attackspam	Nov 26 07:49:48 ncomp sshd[9506]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.114.102.69 user=root Nov 26 07:49:50 ncomp sshd[9506]: Failed password for root from 203.114.102.69 port 38262 ssh2 Nov 26 08:29:08 ncomp sshd[10329]: Invalid user squid from 203.114.102.69	2019-11-26 15:43:20
211.150.70.18	attack	Nov 26 07:29:13 mail postfix/postscreen[18213]: DNSBL rank 3 for [211.150.70.18]:23231 ...	2019-11-26 15:39:07
106.52.52.230	attack	Nov 26 08:15:53 mail sshd[1994]: Failed password for root from 106.52.52.230 port 53764 ssh2 Nov 26 08:23:36 mail sshd[3546]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.52.52.230 Nov 26 08:23:38 mail sshd[3546]: Failed password for invalid user vcsa from 106.52.52.230 port 59048 ssh2	2019-11-26 15:39:27
112.21.191.252	attack	F2B jail: sshd. Time: 2019-11-26 08:40:58, Reported by: VKReport	2019-11-26 15:46:02

Recently Reported IPs

90.154.86.122	203.66.211.176	76.99.203.14	237.194.137.69
166.134.16.20	20.66.253.223	91.193.15.128	184.69.141.229
87.154.251.205	211.24.88.31	128.165.198.39	231.228.169.131
224.170.44.76	185.137.234.182	148.40.211.237	181.40.84.98
29.237.142.238	108.235.193.151	90.230.174.235	168.228.148.109