113.116.57.104

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	(sshd) Failed SSH login from 113.116.57.104 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 05:37:52 amsweb01 sshd[4961]: Invalid user gitlab from 113.116.57.104 port 59754 Apr 10 05:37:54 amsweb01 sshd[4961]: Failed password for invalid user gitlab from 113.116.57.104 port 59754 ssh2 Apr 10 05:50:05 amsweb01 sshd[6582]: Invalid user user from 113.116.57.104 port 56356 Apr 10 05:50:07 amsweb01 sshd[6582]: Failed password for invalid user user from 113.116.57.104 port 56356 ssh2 Apr 10 05:58:17 amsweb01 sshd[7703]: Invalid user obus from 113.116.57.104 port 56068	2020-04-10 12:51:11

Type

Details

Datetime

attackspambots

(sshd) Failed SSH login from 113.116.57.104 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Apr 10 05:37:52 amsweb01 sshd[4961]: Invalid user gitlab from 113.116.57.104 port 59754
Apr 10 05:37:54 amsweb01 sshd[4961]: Failed password for invalid user gitlab from 113.116.57.104 port 59754 ssh2
Apr 10 05:50:05 amsweb01 sshd[6582]: Invalid user user from 113.116.57.104 port 56356
Apr 10 05:50:07 amsweb01 sshd[6582]: Failed password for invalid user user from 113.116.57.104 port 56356 ssh2
Apr 10 05:58:17 amsweb01 sshd[7703]: Invalid user obus from 113.116.57.104 port 56068

2020-04-10 12:51:11

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.116.57.104
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18463
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.116.57.104.			IN	A

;; AUTHORITY SECTION:
.			350	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020040903 1800 900 604800 86400

;; Query time: 42 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Apr 10 12:51:07 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 104.57.116.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 104.57.116.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
138.68.178.64	attackspambots	Invalid user library1 from 138.68.178.64 port 42980	2020-05-30 17:57:31
102.129.224.62	attack	102.129.224.62 was recorded 5 times by 4 hosts attempting to connect to the following ports: 123. Incident counter (4h, 24h, all-time): 5, 9, 73	2020-05-30 17:39:22
139.59.23.14	attackbots	May 30 06:23:32 ns382633 sshd\[25239\]: Invalid user dept from 139.59.23.14 port 46570 May 30 06:23:32 ns382633 sshd\[25239\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.23.14 May 30 06:23:34 ns382633 sshd\[25239\]: Failed password for invalid user dept from 139.59.23.14 port 46570 ssh2 May 30 06:38:23 ns382633 sshd\[28766\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.23.14 user=root May 30 06:38:25 ns382633 sshd\[28766\]: Failed password for root from 139.59.23.14 port 53998 ssh2	2020-05-30 17:41:06
196.27.127.61	attackbots	SSH Brute Force	2020-05-30 17:49:35
68.183.12.127	attackbots	May 30 11:24:41 journals sshd\[101113\]: Invalid user devops from 68.183.12.127 May 30 11:24:41 journals sshd\[101113\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.12.127 May 30 11:24:43 journals sshd\[101113\]: Failed password for invalid user devops from 68.183.12.127 port 33068 ssh2 May 30 11:28:40 journals sshd\[101541\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.183.12.127 user=root May 30 11:28:41 journals sshd\[101541\]: Failed password for root from 68.183.12.127 port 39734 ssh2 ...	2020-05-30 17:52:02
49.233.88.126	attackspambots	2020-05-29T21:47:28.370325linuxbox-skyline sshd[15866]: Invalid user oracle from 49.233.88.126 port 58408 ...	2020-05-30 17:38:09
45.40.198.93	attackbotsspam	SSH Brute-Forcing (server1)	2020-05-30 18:03:45
45.125.222.120	attackbots	prod11 ...	2020-05-30 17:28:20
52.178.134.108	attackbots	Last visit 2020-05-29 08:06:35	2020-05-30 17:53:36
188.166.5.84	attackbotsspam	" "	2020-05-30 17:33:45
138.197.151.129	attackspam	May 30 09:35:30 cdc sshd[20718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.151.129 May 30 09:35:32 cdc sshd[20718]: Failed password for invalid user rso from 138.197.151.129 port 45964 ssh2	2020-05-30 17:35:56
34.96.228.73	attackspambots	Invalid user sparky from 34.96.228.73 port 39936	2020-05-30 18:04:22
129.226.61.157	attack	$f2bV_matches	2020-05-30 17:43:12
106.12.90.45	attack	frenzy	2020-05-30 17:33:00
45.238.232.42	attackbotsspam	$f2bV_matches	2020-05-30 17:47:53

Recently Reported IPs

103.96.232.130	78.22.61.76	27.186.144.2	209.50.62.36
45.254.26.45	14.204.145.108	45.32.216.70	137.74.39.5
83.52.3.177	189.42.110.107	200.89.174.235	94.23.101.187
182.148.179.253	45.254.26.90	139.59.85.120	94.152.193.13
62.210.206.78	220.89.215.94	80.5.80.56	119.236.65.240