93.99.104.117 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Czechia

Internet Service Provider: Inflr.com.br

Hostname: unknown

Organization: unknown

Usage Type: Data Center/Web Hosting/Transit

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	SQL injection attempt.	2020-04-20 18:15:20
attackbots	20 attempts against mh-misbehave-ban on cell	2020-04-06 21:42:44

Comments on same subnet:

IP	Type	Details	Datetime
93.99.104.106	attackbots	on port 3389	2020-08-28 03:09:16
93.99.104.103	attackspam	20 attempts against mh-misbehave-ban on pine	2020-06-07 13:04:47
93.99.104.103	attack	20 attempts against mh_ha-misbehave-ban on dawn	2020-06-06 12:27:06
93.99.104.103	attackbotsspam	HTTP SQL Injection Attempt, PTR: vps.asciiwolf.com.	2020-05-31 01:34:06
93.99.104.101	attackspambots	21 attempts against mh-misbehave-ban on float	2020-05-20 04:52:10
93.99.104.213	attackspam	(mod_security) mod_security (id:211650) triggered by 93.99.104.213 (CZ/Czechia/mmarketing64.tk): 5 in the last 3600 secs	2020-05-12 17:56:26
93.99.104.199	attack	SQL Injection in QueryString parameter: 2 AND (SELECT 8883 FROM(SELECT COUNT(),CONCAT(0x7178707671,(SELECT (ELT(8883=8883,1))),0x717a766271,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)	2020-05-12 17:45:24
93.99.104.201	attackbots	SQL Injection attack	2020-05-12 15:02:09
93.99.104.191	attack	20 attempts against mh_ha-misbehave-ban on ice	2020-05-11 22:14:54
93.99.104.176	attack	20 attempts against mh-misbehave-ban on thorn	2020-05-08 04:41:29
93.99.104.103	attackspambots	17/Apr/20 02:56:04 #6411981 CRITICAL 114 93.99.104.103 POST /index.php - Cross-site scripting - [SERVER:QUERY_STRING = view=reset&Itemid=101&DJYD%3D4406%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema...] - 17/Apr/20 02:56:10 #7191395 CRITICAL 256 93.99.104.103 POST /index.php - SQL injection - [GET:view = reset) AND (SELECT 5130 FROM(SELECT COUNT(),CONCAT(0x7178717671,(SELECT (ELT(5130=5130,1))),0x71627a7871,FLOOR(RAND(0)2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND (8622=8622] - 17/Apr/20 02:56:13 #3881151 CRITICAL 256 93.99.104.103 POST /index.php - SQL injection - [GET:view = reset) AND 8908=CAST((CHR(113)\|\|CHR(120)\|\|CHR(113)\|\|CHR(118)\|\|CHR(113))\|\|(SELECT (CASE WHEN (8908=8908) THEN 1 ELSE 0 END))::text\|\|(CHR(113)\|\|CHR(98)\|\|CHR(122)\|\|CHR(120)\|\|CHR(113)) AS NUMER...] - 17/Apr/20 02:56:15 #3189325 CRITICAL 256 93.99.104.103 POST	2020-04-18 17:06:46
93.99.104.166	attack	SQL injection attempt.	2020-04-16 13:03:59
93.99.104.125	attack	20 attempts against mh-misbehave-ban on web2	2020-04-11 00:28:57
93.99.104.137	attackspam	sql injection via query parameters	2020-04-10 15:06:28
93.99.104.103	attackbots	200 atempt in 1 min	2020-04-10 02:36:43

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.99.104.117
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50956
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.99.104.117.			IN	A

;; AUTHORITY SECTION:
.			443	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040600 1800 900 604800 86400

;; Query time: 98 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Apr 06 21:42:36 CST 2020
;; MSG SIZE  rcvd: 117

Host info

117.104.99.93.in-addr.arpa domain name pointer dhwt.specialowner.info.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
117.104.99.93.in-addr.arpa	name = dhwt.specialowner.info.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
89.174.36.11	attack	Honeypot attack, port: 81, PTR: PTR record not found	2020-03-01 15:12:33
103.221.244.165	attackbotsspam	Invalid user pdf from 103.221.244.165 port 57572	2020-03-01 14:58:22
223.157.228.214	attack	Honeypot attack, port: 5555, PTR: PTR record not found	2020-03-01 14:21:58
181.191.241.6	attack	Mar 1 06:14:37 game-panel sshd[29395]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.191.241.6 Mar 1 06:14:39 game-panel sshd[29395]: Failed password for invalid user liangying from 181.191.241.6 port 49922 ssh2 Mar 1 06:24:24 game-panel sshd[29690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=181.191.241.6	2020-03-01 14:49:41
178.7.172.207	attack	Lines containing failures of 178.7.172.207 Mar 1 06:55:44 shared02 sshd[20249]: Invalid user usuario from 178.7.172.207 port 35750 Mar 1 06:55:44 shared02 sshd[20249]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.7.172.207 Mar 1 06:55:45 shared02 sshd[20249]: Failed password for invalid user usuario from 178.7.172.207 port 35750 ssh2 Mar 1 06:55:46 shared02 sshd[20249]: Received disconnect from 178.7.172.207 port 35750:11: Bye Bye [preauth] Mar 1 06:55:46 shared02 sshd[20249]: Disconnected from invalid user usuario 178.7.172.207 port 35750 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=178.7.172.207	2020-03-01 14:55:40
163.172.27.28	attackbots	1583042519 - 03/01/2020 07:01:59 Host: 163-172-27-28.rev.poneytelecom.eu/163.172.27.28 Port: 389 UDP Blocked	2020-03-01 15:07:02
46.101.103.191	attackspam	Unauthorized connection attempt detected from IP address 46.101.103.191 to port 22 [J]	2020-03-01 14:53:16
222.186.175.151	attack	Mar 1 07:53:35 server sshd[3051962]: Failed none for root from 222.186.175.151 port 2012 ssh2 Mar 1 07:53:37 server sshd[3051962]: Failed password for root from 222.186.175.151 port 2012 ssh2 Mar 1 07:53:39 server sshd[3051962]: Failed password for root from 222.186.175.151 port 2012 ssh2	2020-03-01 14:55:17
222.186.30.167	attackspam	Mar 1 07:56:53 localhost sshd\[9981\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.30.167 user=root Mar 1 07:56:55 localhost sshd\[9981\]: Failed password for root from 222.186.30.167 port 62375 ssh2 Mar 1 07:56:57 localhost sshd\[9981\]: Failed password for root from 222.186.30.167 port 62375 ssh2	2020-03-01 14:58:46
50.62.208.99	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-01 15:08:59
36.92.69.26	attackbotsspam	Mar 1 08:03:09 MK-Soft-VM3 sshd[29094]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=36.92.69.26 Mar 1 08:03:11 MK-Soft-VM3 sshd[29094]: Failed password for invalid user remote from 36.92.69.26 port 43318 ssh2 ...	2020-03-01 15:11:47
97.74.24.194	attackbotsspam	Automatic report - XMLRPC Attack	2020-03-01 14:57:25
165.154.84.42	attack	Automatic report - Port Scan Attack	2020-03-01 15:02:32
5.39.29.252	attackspambots	Feb 29 21:04:22 hanapaa sshd\[13493\]: Invalid user liaohaoran from 5.39.29.252 Feb 29 21:04:22 hanapaa sshd\[13493\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip252.ip-5-39-29.eu Feb 29 21:04:24 hanapaa sshd\[13493\]: Failed password for invalid user liaohaoran from 5.39.29.252 port 45018 ssh2 Feb 29 21:11:53 hanapaa sshd\[14160\]: Invalid user userftp from 5.39.29.252 Feb 29 21:11:53 hanapaa sshd\[14160\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=ip252.ip-5-39-29.eu	2020-03-01 15:13:58
85.244.85.119	attack	Automatic report - Port Scan Attack	2020-03-01 15:16:42

Recently Reported IPs

14.231.218.69	203.171.25.202	181.52.249.177	59.93.50.122
36.67.75.225	5.114.163.245	206.189.205.124	178.205.245.12
171.232.253.1	156.222.151.49	194.27.251.214	106.13.59.224
189.69.97.253	13.81.222.209	93.92.10.108	208.176.151.217
38.51.102.143	45.63.107.23	115.214.234.53	229.168.39.235