103.56.113.6 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Hong Kong

运营商(isp): Unit D 12/F Seabright Plaza 9-23 Shell St North Point

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): Commercial

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	SSH login attempts with user root.	2019-11-30 07:04:48

相同子网IP讨论:

IP	类型	评论内容	时间
103.56.113.224	attack	2020-08-01T06:21:17.820048linuxbox-skyline sshd[18798]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 user=root 2020-08-01T06:21:19.886689linuxbox-skyline sshd[18798]: Failed password for root from 103.56.113.224 port 36932 ssh2 ...	2020-08-01 22:15:21
103.56.113.224	attackspambots	Invalid user zky from 103.56.113.224 port 52984	2020-08-01 16:10:08
103.56.113.224	attackspambots	Jul 28 10:01:36 fhem-rasp sshd[2317]: Invalid user di from 103.56.113.224 port 41608 ...	2020-07-28 16:57:57
103.56.113.224	attackspambots	(sshd) Failed SSH login from 103.56.113.224 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 25 23:24:24 grace sshd[7130]: Invalid user elliott from 103.56.113.224 port 35110 Jul 25 23:24:26 grace sshd[7130]: Failed password for invalid user elliott from 103.56.113.224 port 35110 ssh2 Jul 25 23:30:21 grace sshd[8262]: Invalid user stu from 103.56.113.224 port 57888 Jul 25 23:30:23 grace sshd[8262]: Failed password for invalid user stu from 103.56.113.224 port 57888 ssh2 Jul 25 23:35:15 grace sshd[8989]: Invalid user sjl from 103.56.113.224 port 43914	2020-07-26 05:39:03
103.56.113.224	attackbotsspam	Jul 21 04:53:56 ip-172-31-62-245 sshd\[10376\]: Invalid user cacti from 103.56.113.224\ Jul 21 04:53:58 ip-172-31-62-245 sshd\[10376\]: Failed password for invalid user cacti from 103.56.113.224 port 43832 ssh2\ Jul 21 04:55:58 ip-172-31-62-245 sshd\[10411\]: Invalid user arlindo from 103.56.113.224\ Jul 21 04:56:00 ip-172-31-62-245 sshd\[10411\]: Failed password for invalid user arlindo from 103.56.113.224 port 47774 ssh2\ Jul 21 04:58:01 ip-172-31-62-245 sshd\[10455\]: Invalid user cc from 103.56.113.224\	2020-07-21 16:33:43
103.56.113.224	attack	Jul 16 17:40:01 hosting sshd[30171]: Invalid user cloud from 103.56.113.224 port 60382 ...	2020-07-16 23:30:52
103.56.113.224	attack	"fail2ban match"	2020-06-15 21:08:20
103.56.113.224	attackspam	2020-06-12 03:53:14,365 fail2ban.actions [937]: NOTICE [sshd] Ban 103.56.113.224 2020-06-12 04:24:22,479 fail2ban.actions [937]: NOTICE [sshd] Ban 103.56.113.224 2020-06-12 04:56:16,452 fail2ban.actions [937]: NOTICE [sshd] Ban 103.56.113.224 2020-06-12 05:27:34,700 fail2ban.actions [937]: NOTICE [sshd] Ban 103.56.113.224 2020-06-12 05:59:10,910 fail2ban.actions [937]: NOTICE [sshd] Ban 103.56.113.224 ...	2020-06-12 12:14:07
103.56.113.224	attack	$f2bV_matches	2020-06-09 19:59:13
103.56.113.224	attackbotsspam	Jun 6 11:33:48 mail sshd[7994]: Failed password for root from 103.56.113.224 port 39536 ssh2 ...	2020-06-08 02:46:08
103.56.113.224	attackbotsspam	Jun 5 15:04:53 santamaria sshd\[30021\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 user=root Jun 5 15:04:55 santamaria sshd\[30021\]: Failed password for root from 103.56.113.224 port 39336 ssh2 Jun 5 15:08:51 santamaria sshd\[30100\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 user=root ...	2020-06-05 21:13:25
103.56.113.224	attackbotsspam	fail2ban -- 103.56.113.224 ...	2020-06-03 17:33:58
103.56.113.224	attackbotsspam	2020-05-31T09:57:21.6634001240 sshd\[6200\]: Invalid user alexandru from 103.56.113.224 port 33162 2020-05-31T09:57:21.6678221240 sshd\[6200\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.56.113.224 2020-05-31T09:57:23.7147611240 sshd\[6200\]: Failed password for invalid user alexandru from 103.56.113.224 port 33162 ssh2 ...	2020-05-31 18:57:38
103.56.113.69	attack	SSH Brute Force	2020-04-29 13:43:24
103.56.113.69	attack	Unauthorized connection attempt detected from IP address 103.56.113.69 to port 2220 [J]	2020-02-05 10:34:05

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 103.56.113.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46485
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;103.56.113.6.			IN	A

;; AUTHORITY SECTION:
.			401	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019112901 1800 900 604800 86400

;; Query time: 116 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Nov 30 07:04:45 CST 2019
;; MSG SIZE  rcvd: 116

HOST信息:

Host 6.113.56.103.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.113.56.103.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
89.248.168.176	attackspam	firewall-block, port(s): 4444/tcp, 4445/tcp	2019-10-20 07:08:15
103.27.238.41	attackspam	Web Probe / Attack NCT	2019-10-20 06:55:46
188.166.117.213	attackspambots	SSH-BruteForce	2019-10-20 06:46:02
37.145.3.163	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/37.145.3.163/ RU - 1H : (148) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : RU NAME ASN : ASN8402 IP : 37.145.3.163 CIDR : 37.145.0.0/20 PREFIX COUNT : 1674 UNIQUE IP COUNT : 1840128 ATTACKS DETECTED ASN8402 : 1H - 1 3H - 1 6H - 2 12H - 4 24H - 7 DateTime : 2019-10-19 22:14:17 INFO : Port SSH 22 Scan Detected and Blocked by ADMIN - data recovery	2019-10-20 06:51:56
81.242.114.175	attackbots	Automatic report - Port Scan Attack	2019-10-20 06:38:09
191.96.25.105	attackbotsspam	Oct 20 00:21:45 bouncer sshd\[22258\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.25.105 user=root Oct 20 00:21:47 bouncer sshd\[22258\]: Failed password for root from 191.96.25.105 port 44618 ssh2 Oct 20 00:42:55 bouncer sshd\[22413\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.96.25.105 user=root ...	2019-10-20 06:53:54
54.39.147.2	attack	Oct 19 22:10:02 SilenceServices sshd[31271]: Failed password for root from 54.39.147.2 port 37406 ssh2 Oct 19 22:14:44 SilenceServices sshd[1940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.147.2 Oct 19 22:14:47 SilenceServices sshd[1940]: Failed password for invalid user guest from 54.39.147.2 port 56214 ssh2	2019-10-20 06:35:41
58.137.140.172	attack	DATE:2019-10-20 00:02:01, IP:58.137.140.172, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-10-20 07:07:57
59.120.189.234	attackspambots	SSHScan	2019-10-20 07:04:17
88.202.190.153	attackspambots	10/19/2019-22:14:05.962935 88.202.190.153 Protocol: 6 ET DROP Dshield Block Listed Source group 1	2019-10-20 06:59:40
157.245.98.160	attack	Oct 18 11:14:32 hostnameis sshd[11418]: Invalid user nrpe from 157.245.98.160 Oct 18 11:14:32 hostnameis sshd[11418]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.98.160 Oct 18 11:14:34 hostnameis sshd[11418]: Failed password for invalid user nrpe from 157.245.98.160 port 38702 ssh2 Oct 18 11:14:34 hostnameis sshd[11418]: Received disconnect from 157.245.98.160: 11: Bye Bye [preauth] Oct 18 11:26:25 hostnameis sshd[11475]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.98.160 user=r.r Oct 18 11:26:27 hostnameis sshd[11475]: Failed password for r.r from 157.245.98.160 port 34152 ssh2 Oct 18 11:26:27 hostnameis sshd[11475]: Received disconnect from 157.245.98.160: 11: Bye Bye [preauth] Oct 18 11:30:51 hostnameis sshd[11499]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.98.160 user=r.r Oct 18 11:30:53 hostnameis sshd[11499........ ------------------------------	2019-10-20 06:44:16
185.174.130.54	attackspambots	ssh failed login	2019-10-20 06:46:50
185.164.72.251	attackspambots	Oct 19 23:47:10 icinga sshd[38459]: Failed password for root from 185.164.72.251 port 49024 ssh2 Oct 19 23:47:20 icinga sshd[38479]: Failed password for root from 185.164.72.251 port 33502 ssh2 ...	2019-10-20 06:33:35
58.221.49.157	attackbots	10/19/2019-18:05:23.647432 58.221.49.157 Protocol: 6 ET SCAN Suspicious inbound to mySQL port 3306	2019-10-20 06:56:08
124.113.218.35	attackbotsspam	Brute force SMTP login attempts.	2019-10-20 06:44:45

最近上报的IP列表

116.252.0.64	110.177.79.107	106.39.189.114	103.62.232.13
101.124.22.1	101.78.18.1	36.110.199.9	35.201.136.218
91.192.44.102	173.245.52.169	143.150.168.117	124.235.138.121
124.160.236.194	94.158.39.231	27.71.232.142	212.232.40.60
111.38.216.94	13.82.225.162	36.65.75.121	186.115.158.26