47.94.4.80 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
47.94.41.69	attackspambots	Lines containing failures of 47.94.41.69 Aug 10 07:37:43 penfold sshd[5356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.41.69 user=r.r Aug 10 07:37:45 penfold sshd[5356]: Failed password for r.r from 47.94.41.69 port 52326 ssh2 Aug 10 07:37:45 penfold sshd[5356]: Received disconnect from 47.94.41.69 port 52326:11: Bye Bye [preauth] Aug 10 07:37:45 penfold sshd[5356]: Disconnected from authenticating user r.r 47.94.41.69 port 52326 [preauth] Aug 10 07:45:27 penfold sshd[5903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.41.69 user=r.r Aug 10 07:45:28 penfold sshd[5903]: Failed password for r.r from 47.94.41.69 port 45086 ssh2 Aug 10 07:45:29 penfold sshd[5903]: Received disconnect from 47.94.41.69 port 45086:11: Bye Bye [preauth] Aug 10 07:45:29 penfold sshd[5903]: Disconnected from authenticating user r.r 47.94.41.69 port 45086 [preauth] Aug 10 07:48:27 penfold sshd[605........ ------------------------------	2020-08-10 21:44:29
47.94.46.215	attackbots	47.94.46.215 - - \[22/Jun/2019:06:32:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 47.94.46.215 - - \[22/Jun/2019:06:32:39 +0200\] "POST /wp-login.php HTTP/1.1" 200 2088 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ...	2019-06-22 15:40:03

Type

Details

Datetime

47.94.41.69

attackspambots

Lines containing failures of 47.94.41.69
Aug 10 07:37:43 penfold sshd[5356]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.41.69  user=r.r
Aug 10 07:37:45 penfold sshd[5356]: Failed password for r.r from 47.94.41.69 port 52326 ssh2
Aug 10 07:37:45 penfold sshd[5356]: Received disconnect from 47.94.41.69 port 52326:11: Bye Bye [preauth]
Aug 10 07:37:45 penfold sshd[5356]: Disconnected from authenticating user r.r 47.94.41.69 port 52326 [preauth]
Aug 10 07:45:27 penfold sshd[5903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=47.94.41.69  user=r.r
Aug 10 07:45:28 penfold sshd[5903]: Failed password for r.r from 47.94.41.69 port 45086 ssh2
Aug 10 07:45:29 penfold sshd[5903]: Received disconnect from 47.94.41.69 port 45086:11: Bye Bye [preauth]
Aug 10 07:45:29 penfold sshd[5903]: Disconnected from authenticating user r.r 47.94.41.69 port 45086 [preauth]
Aug 10 07:48:27 penfold sshd[605........
------------------------------

2020-08-10 21:44:29

47.94.46.215

attackbots

47.94.46.215 - - \[22/Jun/2019:06:32:36 +0200\] "POST /wp-login.php HTTP/1.1" 200 2113 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
47.94.46.215 - - \[22/Jun/2019:06:32:39 +0200\] "POST /wp-login.php HTTP/1.1" 200 2088 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0"
...

2019-06-22 15:40:03

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 47.94.4.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38071
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;47.94.4.80.			IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025021400 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 14 17:20:55 CST 2025
;; MSG SIZE  rcvd: 103

Host info

Host 80.4.94.47.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 80.4.94.47.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
178.251.31.88	attackbots	21 attempts against mh-ssh on river.magehost.pro	2019-12-07 09:06:28
160.120.6.245	attackbotsspam	Attempt to attack host OS, exploiting network vulnerabilities, on 07-12-2019 04:55:09.	2019-12-07 13:00:05
185.156.73.25	attackbotsspam	Multiport scan : 11 ports scanned 2657 2658 17092 17093 17094 43897 43898 43899 62458 62459 62460	2019-12-07 08:56:43
129.211.24.187	attackbotsspam	Dec 7 00:50:06 h2177944 sshd\[19948\]: Invalid user vk from 129.211.24.187 port 52319 Dec 7 00:50:06 h2177944 sshd\[19948\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.187 Dec 7 00:50:08 h2177944 sshd\[19948\]: Failed password for invalid user vk from 129.211.24.187 port 52319 ssh2 Dec 7 01:01:12 h2177944 sshd\[21422\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.211.24.187 user=backup ...	2019-12-07 08:54:24
180.163.220.96	attack	Brute force attack stopped by firewall	2019-12-07 09:15:38
185.176.27.30	attack	Multiport scan : 6 ports scanned 7589 7590 7591 7683 7684 7685	2019-12-07 08:46:02
185.143.223.121	attackbotsspam	Excessive Port-Scanning	2019-12-07 09:06:53
212.237.53.169	attackbotsspam	Dec 6 14:06:57 sachi sshd\[6270\]: Invalid user cezanni from 212.237.53.169 Dec 6 14:06:57 sachi sshd\[6270\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.53.169 Dec 6 14:07:00 sachi sshd\[6270\]: Failed password for invalid user cezanni from 212.237.53.169 port 56098 ssh2 Dec 6 14:12:03 sachi sshd\[6861\]: Invalid user fetherolf from 212.237.53.169 Dec 6 14:12:03 sachi sshd\[6861\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.237.53.169	2019-12-07 08:43:01
185.143.223.145	attackbotsspam	Multiport scan : 37 ports scanned 441 577 678 765 774 949 1116 3773 3883 4344 5051 9339 10819 11408 13123 14536 15824 16412 19195 20203 22338 22744 32322 32393 32927 34346 36060 37076 37158 37543 41713 44441 46465 54544 56503 60131 63670	2019-12-07 09:03:53
106.13.120.176	attack	Dec 6 19:51:49 linuxvps sshd\[63572\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.120.176 user=root Dec 6 19:51:52 linuxvps sshd\[63572\]: Failed password for root from 106.13.120.176 port 51118 ssh2 Dec 6 19:58:23 linuxvps sshd\[1987\]: Invalid user vaesen from 106.13.120.176 Dec 6 19:58:23 linuxvps sshd\[1987\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.120.176 Dec 6 19:58:25 linuxvps sshd\[1987\]: Failed password for invalid user vaesen from 106.13.120.176 port 51324 ssh2	2019-12-07 09:16:51
185.143.223.182	attackspambots	Multiport scan : 38 ports scanned 11039 11051 11201 11233 11264 11285 11345 11346 11437 11498 11505 11512 11524 11577 11580 11582 11600 11608 11612 11618 11631 11726 11746 11748 11762 11772 11793 11800 11806 11808 11827 11843 11845 11857 11869 11961 11967 11993	2019-12-07 09:01:52
101.187.39.74	attack	Dec 6 14:40:32 web9 sshd\[3962\]: Invalid user bomar from 101.187.39.74 Dec 6 14:40:32 web9 sshd\[3962\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.187.39.74 Dec 6 14:40:34 web9 sshd\[3962\]: Failed password for invalid user bomar from 101.187.39.74 port 43544 ssh2 Dec 6 14:47:54 web9 sshd\[5139\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.187.39.74 user=mail Dec 6 14:47:56 web9 sshd\[5139\]: Failed password for mail from 101.187.39.74 port 54754 ssh2	2019-12-07 08:52:16
185.175.93.17	attackbots	12/06/2019-20:11:11.683863 185.175.93.17 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-07 09:13:10
153.35.93.7	attack	Dec 7 01:37:11 server sshd\[3226\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 user=operator Dec 7 01:37:13 server sshd\[3226\]: Failed password for operator from 153.35.93.7 port 48146 ssh2 Dec 7 01:55:10 server sshd\[8819\]: Invalid user lost from 153.35.93.7 Dec 7 01:55:10 server sshd\[8819\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=153.35.93.7 Dec 7 01:55:12 server sshd\[8819\]: Failed password for invalid user lost from 153.35.93.7 port 64340 ssh2 ...	2019-12-07 09:11:55
132.145.170.174	attackbotsspam	IP blocked	2019-12-07 08:47:31

Recently Reported IPs

156.222.210.199	209.100.142.196	61.248.223.55	12.156.255.55
114.96.203.29	14.177.89.10	250.56.101.182	199.6.87.20
59.21.77.167	108.119.170.205	203.47.109.198	12.91.144.235
239.178.168.61	179.131.211.125	243.94.115.39	208.190.14.164
212.91.25.14	97.47.133.191	193.252.206.211	228.171.240.174