113.104.242.213

Basic Info

City: Shenzhen

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 18 19:54:05 root sshd[20985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.213 Nov 18 19:54:07 root sshd[20985]: Failed password for invalid user famine from 113.104.242.213 port 35880 ssh2 Nov 18 19:58:30 root sshd[21059]: Failed password for root from 113.104.242.213 port 35853 ssh2 ...	2019-11-19 03:52:50

Type

Details

Datetime

attack

Nov 18 19:54:05 root sshd[20985]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.213 
Nov 18 19:54:07 root sshd[20985]: Failed password for invalid user famine from 113.104.242.213 port 35880 ssh2
Nov 18 19:58:30 root sshd[21059]: Failed password for root from 113.104.242.213 port 35853 ssh2
...

2019-11-19 03:52:50

Comments on same subnet:

IP	Type	Details	Datetime
113.104.242.151	attackspam	Aug 31 00:35:58 josie sshd[15614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:36:00 josie sshd[15614]: Failed password for r.r from 113.104.242.151 port 10736 ssh2 Aug 31 00:36:01 josie sshd[15615]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:38:53 josie sshd[16444]: Invalid user ela from 113.104.242.151 Aug 31 00:38:53 josie sshd[16444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 Aug 31 00:38:55 josie sshd[16444]: Failed password for invalid user ela from 113.104.242.151 port 10386 ssh2 Aug 31 00:38:55 josie sshd[16446]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:43:40 josie sshd[17313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:43:42 josie sshd[17313]: Failed password for r.r from 113.104.242.151 port 12079........ -------------------------------	2020-09-06 23:17:17
113.104.242.151	attack	Aug 31 00:35:58 josie sshd[15614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:36:00 josie sshd[15614]: Failed password for r.r from 113.104.242.151 port 10736 ssh2 Aug 31 00:36:01 josie sshd[15615]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:38:53 josie sshd[16444]: Invalid user ela from 113.104.242.151 Aug 31 00:38:53 josie sshd[16444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 Aug 31 00:38:55 josie sshd[16444]: Failed password for invalid user ela from 113.104.242.151 port 10386 ssh2 Aug 31 00:38:55 josie sshd[16446]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:43:40 josie sshd[17313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:43:42 josie sshd[17313]: Failed password for r.r from 113.104.242.151 port 12079........ -------------------------------	2020-09-06 14:46:55
113.104.242.151	attack	Aug 31 00:35:58 josie sshd[15614]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:36:00 josie sshd[15614]: Failed password for r.r from 113.104.242.151 port 10736 ssh2 Aug 31 00:36:01 josie sshd[15615]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:38:53 josie sshd[16444]: Invalid user ela from 113.104.242.151 Aug 31 00:38:53 josie sshd[16444]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 Aug 31 00:38:55 josie sshd[16444]: Failed password for invalid user ela from 113.104.242.151 port 10386 ssh2 Aug 31 00:38:55 josie sshd[16446]: Received disconnect from 113.104.242.151: 11: Bye Bye Aug 31 00:43:40 josie sshd[17313]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.151 user=r.r Aug 31 00:43:42 josie sshd[17313]: Failed password for r.r from 113.104.242.151 port 12079........ -------------------------------	2020-09-06 06:52:58
113.104.242.85	attackbots	Jul 4 09:08:14 localhost sshd\[11722\]: Invalid user cheng from 113.104.242.85 Jul 4 09:08:14 localhost sshd\[11722\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.85 Jul 4 09:08:16 localhost sshd\[11722\]: Failed password for invalid user cheng from 113.104.242.85 port 13417 ssh2 Jul 4 09:17:24 localhost sshd\[12290\]: Invalid user mt from 113.104.242.85 Jul 4 09:17:24 localhost sshd\[12290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.85 ...	2020-07-04 19:24:37
113.104.242.19	attack	Jan 20 09:59:54 dedicated sshd[4884]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.104.242.19 user=root Jan 20 09:59:56 dedicated sshd[4884]: Failed password for root from 113.104.242.19 port 26997 ssh2	2020-01-20 17:15:19
113.104.242.34	attackspambots	Unauthorized connection attempt detected from IP address 113.104.242.34 to port 2220 [J]	2020-01-13 20:25:12

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.104.242.213
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 2931
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.104.242.213.		IN	A

;; AUTHORITY SECTION:
.			312	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111801 1800 900 604800 86400

;; Query time: 118 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 03:52:48 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 213.242.104.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 213.242.104.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
150.109.6.70	attack	2019-12-06T10:19:21.363295abusebot-8.cloudsearch.cf sshd\[14003\]: Invalid user ddddd from 150.109.6.70 port 33836	2019-12-06 18:28:43
195.154.119.48	attack	Dec 6 10:50:42 fr01 sshd[10203]: Invalid user mitchard from 195.154.119.48 Dec 6 10:50:42 fr01 sshd[10203]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.154.119.48 Dec 6 10:50:42 fr01 sshd[10203]: Invalid user mitchard from 195.154.119.48 Dec 6 10:50:44 fr01 sshd[10203]: Failed password for invalid user mitchard from 195.154.119.48 port 40628 ssh2 ...	2019-12-06 18:33:12
217.72.1.254	attackspambots	postfix	2019-12-06 18:21:49
139.155.151.50	attackspambots	2019-12-06T09:51:21.193451abusebot-4.cloudsearch.cf sshd\[23697\]: Invalid user bond from 139.155.151.50 port 36228	2019-12-06 18:22:41
2001:41d0:1008:2b0f::	attackbots	C1,WP GET /suche/wp-login.php	2019-12-06 18:11:56
157.245.0.181	attackbotsspam	CMS brute force ...	2019-12-06 18:11:16
212.174.55.34	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-06 18:03:09
51.15.9.27	attackbots	Automatic report - XMLRPC Attack	2019-12-06 18:33:31
14.29.162.139	attackbotsspam	2019-12-06T06:39:24.305520shield sshd\[3905\]: Invalid user chun-lin from 14.29.162.139 port 10669 2019-12-06T06:39:24.309997shield sshd\[3905\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.162.139 2019-12-06T06:39:26.530355shield sshd\[3905\]: Failed password for invalid user chun-lin from 14.29.162.139 port 10669 ssh2 2019-12-06T06:46:05.149314shield sshd\[5662\]: Invalid user waugaman from 14.29.162.139 port 15330 2019-12-06T06:46:05.153463shield sshd\[5662\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.29.162.139	2019-12-06 18:27:28
106.13.181.68	attack	2019-12-06T10:05:49.618639shield sshd\[13028\]: Invalid user 123 from 106.13.181.68 port 55584 2019-12-06T10:05:49.622812shield sshd\[13028\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.68 2019-12-06T10:05:52.087601shield sshd\[13028\]: Failed password for invalid user 123 from 106.13.181.68 port 55584 ssh2 2019-12-06T10:13:43.802341shield sshd\[14217\]: Invalid user myshell1234 from 106.13.181.68 port 33870 2019-12-06T10:13:43.806653shield sshd\[14217\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.181.68	2019-12-06 18:23:23
159.65.146.250	attackbots	2019-12-06T10:00:20.953575abusebot-6.cloudsearch.cf sshd\[4070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.65.146.250 user=root	2019-12-06 18:31:01
129.126.130.196	attack	2019-12-06T10:53:03.717916 sshd[14133]: Invalid user borret from 129.126.130.196 port 57424 2019-12-06T10:53:03.732275 sshd[14133]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.126.130.196 2019-12-06T10:53:03.717916 sshd[14133]: Invalid user borret from 129.126.130.196 port 57424 2019-12-06T10:53:06.372965 sshd[14133]: Failed password for invalid user borret from 129.126.130.196 port 57424 ssh2 2019-12-06T10:59:34.104565 sshd[14245]: Invalid user inkstone from 129.126.130.196 port 36082 ...	2019-12-06 18:36:32
140.143.57.159	attackbots	$f2bV_matches	2019-12-06 18:11:34
119.29.170.202	attackbotsspam	Dec 6 10:54:04 server sshd\[17845\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.170.202 user=root Dec 6 10:54:06 server sshd\[17845\]: Failed password for root from 119.29.170.202 port 53020 ssh2 Dec 6 11:14:49 server sshd\[23629\]: Invalid user louk from 119.29.170.202 Dec 6 11:14:49 server sshd\[23629\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.29.170.202 Dec 6 11:14:51 server sshd\[23629\]: Failed password for invalid user louk from 119.29.170.202 port 53184 ssh2 ...	2019-12-06 18:21:08
180.168.70.190	attackbots	Dec 6 12:01:09 server sshd\[4314\]: Invalid user mccartney from 180.168.70.190 Dec 6 12:01:09 server sshd\[4314\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.70.190 Dec 6 12:01:11 server sshd\[4314\]: Failed password for invalid user mccartney from 180.168.70.190 port 35726 ssh2 Dec 6 12:11:05 server sshd\[6984\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.168.70.190 user=root Dec 6 12:11:07 server sshd\[6984\]: Failed password for root from 180.168.70.190 port 34709 ssh2 ...	2019-12-06 18:36:12

Recently Reported IPs

17.105.123.112	156.240.106.72	62.74.95.239	91.10.143.130
108.90.99.178	78.18.125.111	207.180.250.173	106.35.36.142
212.76.77.67	155.185.50.165	180.97.64.86	79.134.205.163
84.146.202.37	188.150.168.100	173.162.246.52	191.246.201.149
151.106.27.169	109.31.176.192	152.93.229.159	71.154.73.110