106.75.11.20 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
106.75.119.202	attackbots	Oct 11 17:06:25 ip-172-31-61-156 sshd[24195]: Failed password for root from 106.75.119.202 port 43954 ssh2 Oct 11 17:09:02 ip-172-31-61-156 sshd[24300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 11 17:09:05 ip-172-31-61-156 sshd[24300]: Failed password for root from 106.75.119.202 port 60582 ssh2 Oct 11 17:09:02 ip-172-31-61-156 sshd[24300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 11 17:09:05 ip-172-31-61-156 sshd[24300]: Failed password for root from 106.75.119.202 port 60582 ssh2 ...	2020-10-12 03:33:38
106.75.119.202	attack	SSH login attempts.	2020-10-11 19:28:17
106.75.119.202	attackspambots	Oct 7 23:23:10 localhost sshd[2695821]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 7 23:23:12 localhost sshd[2695821]: Failed password for root from 106.75.119.202 port 54237 ssh2 ...	2020-10-08 01:27:17
106.75.119.202	attackbotsspam	Oct 7 16:02:10 itv-usvr-01 sshd[19745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 7 16:02:12 itv-usvr-01 sshd[19745]: Failed password for root from 106.75.119.202 port 39161 ssh2 Oct 7 16:08:37 itv-usvr-01 sshd[19975]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 7 16:08:40 itv-usvr-01 sshd[19975]: Failed password for root from 106.75.119.202 port 41088 ssh2 Oct 7 16:11:37 itv-usvr-01 sshd[20201]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Oct 7 16:11:39 itv-usvr-01 sshd[20201]: Failed password for root from 106.75.119.202 port 60130 ssh2	2020-10-07 17:35:25
106.75.110.232	attackspambots	Aug 27 21:05:57 marvibiene sshd[44616]: Invalid user admin from 106.75.110.232 port 47714 Aug 27 21:05:57 marvibiene sshd[44616]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.110.232 Aug 27 21:05:57 marvibiene sshd[44616]: Invalid user admin from 106.75.110.232 port 47714 Aug 27 21:05:59 marvibiene sshd[44616]: Failed password for invalid user admin from 106.75.110.232 port 47714 ssh2	2020-08-28 09:52:09
106.75.119.202	attack	SSH brute-force attempt	2020-08-23 05:25:59
106.75.118.223	attackbotsspam	srvr2: (mod_security) mod_security (id:920350) triggered by 106.75.118.223 (CN/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 22:23:24 [error] 751673#0: 794349 [client 106.75.118.223] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159804140468.061763"] [ref "o0,13v21,13"], client: 106.75.118.223, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-22 06:36:40
106.75.11.251	attack	Aug 18 04:25:39 v26 sshd[24606]: Invalid user sridhar from 106.75.11.251 port 37018 Aug 18 04:25:39 v26 sshd[24606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.11.251 Aug 18 04:25:42 v26 sshd[24606]: Failed password for invalid user sridhar from 106.75.11.251 port 37018 ssh2 Aug 18 04:25:42 v26 sshd[24606]: Received disconnect from 106.75.11.251 port 37018:11: Bye Bye [preauth] Aug 18 04:25:42 v26 sshd[24606]: Disconnected from 106.75.11.251 port 37018 [preauth] Aug 18 04:30:14 v26 sshd[25240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.11.251 user=mysql Aug 18 04:30:16 v26 sshd[25240]: Failed password for mysql from 106.75.11.251 port 35290 ssh2 Aug 18 04:30:16 v26 sshd[25240]: Received disconnect from 106.75.11.251 port 35290:11: Bye Bye [preauth] Aug 18 04:30:16 v26 sshd[25240]: Disconnected from 106.75.11.251 port 35290 [preauth] ........ ----------------------------------------------- https://www.bl	2020-08-19 19:07:49
106.75.11.251	attackbotsspam	Aug 18 04:25:39 v26 sshd[24606]: Invalid user sridhar from 106.75.11.251 port 37018 Aug 18 04:25:39 v26 sshd[24606]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.11.251 Aug 18 04:25:42 v26 sshd[24606]: Failed password for invalid user sridhar from 106.75.11.251 port 37018 ssh2 Aug 18 04:25:42 v26 sshd[24606]: Received disconnect from 106.75.11.251 port 37018:11: Bye Bye [preauth] Aug 18 04:25:42 v26 sshd[24606]: Disconnected from 106.75.11.251 port 37018 [preauth] Aug 18 04:30:14 v26 sshd[25240]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.11.251 user=mysql Aug 18 04:30:16 v26 sshd[25240]: Failed password for mysql from 106.75.11.251 port 35290 ssh2 Aug 18 04:30:16 v26 sshd[25240]: Received disconnect from 106.75.11.251 port 35290:11: Bye Bye [preauth] Aug 18 04:30:16 v26 sshd[25240]: Disconnected from 106.75.11.251 port 35290 [preauth] ........ ----------------------------------------------- https://www.bl	2020-08-19 07:23:09
106.75.119.202	attackspam	Aug 13 02:16:15 journals sshd\[21188\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Aug 13 02:16:18 journals sshd\[21188\]: Failed password for root from 106.75.119.202 port 41324 ssh2 Aug 13 02:20:40 journals sshd\[21601\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root Aug 13 02:20:41 journals sshd\[21601\]: Failed password for root from 106.75.119.202 port 44914 ssh2 Aug 13 02:24:58 journals sshd\[21976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.119.202 user=root ...	2020-08-13 10:16:21
106.75.110.232	attackbotsspam	Aug 9 22:59:28 [host] sshd[30511]: pam_unix(sshd: Aug 9 22:59:30 [host] sshd[30511]: Failed passwor Aug 9 23:03:11 [host] sshd[30575]: pam_unix(sshd:	2020-08-10 05:05:16
106.75.119.202	attack	Aug 9 08:44:21 fhem-rasp sshd[20876]: Failed password for root from 106.75.119.202 port 41573 ssh2 Aug 9 08:44:22 fhem-rasp sshd[20876]: Disconnected from authenticating user root 106.75.119.202 port 41573 [preauth] ...	2020-08-09 14:58:52
106.75.110.232	attackbots	Aug 8 10:53:13 gw1 sshd[16949]: Failed password for root from 106.75.110.232 port 40286 ssh2 ...	2020-08-08 14:51:15
106.75.110.232	attack	Aug 2 06:59:28 vps639187 sshd\[4323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.110.232 user=root Aug 2 06:59:30 vps639187 sshd\[4323\]: Failed password for root from 106.75.110.232 port 36422 ssh2 Aug 2 07:02:41 vps639187 sshd\[4351\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.75.110.232 user=root ...	2020-08-02 13:54:10
106.75.110.232	attack	Invalid user manna from 106.75.110.232 port 53762	2020-07-25 08:42:02

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 106.75.11.20
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61426
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;106.75.11.20.			IN	A

;; AUTHORITY SECTION:
.			235	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031901 1800 900 604800 86400

;; Query time: 122 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Mar 20 12:38:25 CST 2022
;; MSG SIZE  rcvd: 105

HOST信息:

Host 20.11.75.106.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 20.11.75.106.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
165.22.104.67	attackspambots	$f2bV_matches	2020-09-04 15:45:51
114.141.132.88	attackbots	Sep 4 03:41:36 Tower sshd[9952]: Connection from 114.141.132.88 port 44608 on 192.168.10.220 port 22 rdomain "" Sep 4 03:41:38 Tower sshd[9952]: Invalid user philip from 114.141.132.88 port 44608 Sep 4 03:41:38 Tower sshd[9952]: error: Could not get shadow information for NOUSER Sep 4 03:41:38 Tower sshd[9952]: Failed password for invalid user philip from 114.141.132.88 port 44608 ssh2 Sep 4 03:41:39 Tower sshd[9952]: Received disconnect from 114.141.132.88 port 44608:11: Bye Bye [preauth] Sep 4 03:41:39 Tower sshd[9952]: Disconnected from invalid user philip 114.141.132.88 port 44608 [preauth]	2020-09-04 15:56:57
51.83.125.8	attack	<6 unauthorized SSH connections	2020-09-04 16:03:19
157.245.74.244	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-09-04 15:38:13
118.69.71.106	attack	fail2ban	2020-09-04 15:53:52
58.213.114.238	attackspambots	Sep 4 09:14:07 icecube postfix/smtpd[63487]: disconnect from unknown[58.213.114.238] ehlo=1 auth=0/1 quit=1 commands=2/3	2020-09-04 15:54:14
45.142.120.166	attackspam	2020-09-04 09:45:28 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=csf@no-server.de$ 2020-09-04 09:45:29 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=csf@no-server.de$ 2020-09-04 09:45:54 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=reflex@no-server.de$ 2020-09-04 09:46:02 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=reflex@no-server.de$ 2020-09-04 09:46:28 dovecot_login authenticator failed for $User$ \[45.142.120.166\]: 535 Incorrect authentication data $set_id=belyaev@no-server.de$ ...	2020-09-04 15:52:59
185.127.24.58	attackspambots	05:45:44.173 1 SMTPI-000168([185.127.24.58]) failed to open 'no-reply@womble.org'. Connection from [185.127.24.58]:62412. Error Code=unknown user account 06:09:36.205 1 SMTPI-000174([185.127.24.58]) failed to open 'no-reply@womble.org'. Connection from [185.127.24.58]:50052. Error Code=unknown user account ...	2020-09-04 15:51:53
124.207.165.138	attack	Invalid user user from 124.207.165.138 port 46230	2020-09-04 15:50:45
112.64.33.38	attack	SSH brutforce	2020-09-04 16:04:19
118.217.34.67	attackbots	Sep 3 18:46:40 mellenthin postfix/smtpd[20702]: NOQUEUE: reject: RCPT from unknown[118.217.34.67]: 554 5.7.1 Service unavailable; Client host [118.217.34.67] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/118.217.34.67 / https://www.spamhaus.org/sbl/query/SBLCSS; from= to= proto=ESMTP helo=<[118.217.34.67]>	2020-09-04 16:02:59
79.143.188.234	attack	Invalid user oracle from 79.143.188.234 port 43444	2020-09-04 15:59:17
86.108.43.243	attackspam	SMB Server BruteForce Attack	2020-09-04 15:53:17
191.96.72.251	attackbotsspam	Sep 2 18:26:20 our-server-hostname postfix/smtpd[803]: connect from unknown[191.96.72.251] Sep 2 18:26:20 our-server-hostname postfix/smtpd[32675]: connect from unknown[191.96.72.251] Sep 2 18:26:21 our-server-hostname postfix/smtpd[32766]: connect from unknown[191.96.72.251] Sep x@x Sep x@x Sep 2 18:26:21 our-server-hostname postfix/smtpd[803]: disconnect from unknown[1 .... truncated .... x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:11 our-server-hostname postfix/smtpd[1705]: disconnect from unknown[191.96.72.251] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:12 our-server-hostname postfix/smtpd[1816]: disconnect from unknown[191.96.72.251] Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep x@x Sep 2 18:35:14 our-server-hostname postfix/smtpd[402]: disconnect from unknown[191......... -------------------------------	2020-09-04 15:50:30
222.186.173.154	attackbots	Sep 4 00:33:06 dignus sshd[25377]: Failed password for root from 222.186.173.154 port 13406 ssh2 Sep 4 00:33:10 dignus sshd[25377]: Failed password for root from 222.186.173.154 port 13406 ssh2 Sep 4 00:33:14 dignus sshd[25377]: Failed password for root from 222.186.173.154 port 13406 ssh2 Sep 4 00:33:17 dignus sshd[25377]: Failed password for root from 222.186.173.154 port 13406 ssh2 Sep 4 00:33:20 dignus sshd[25377]: Failed password for root from 222.186.173.154 port 13406 ssh2 ...	2020-09-04 15:34:17

最近上报的IP列表

106.75.109.111	106.75.11.36	106.75.110.208	168.101.138.132
106.75.114.185	106.75.115.221	106.75.116.220	106.75.116.63
106.75.117.49	171.134.223.189	106.75.118.252	106.75.119.180
106.75.120.24	106.75.120.36	106.75.120.44	106.75.120.53
106.75.120.72	106.75.126.158	106.75.136.104	106.75.145.201

基本信息:

用户上报:

相同子网IP讨论:

WHOIS信息:

DIG信息:

HOST信息:

NSLOOKUP信息:

相关IP信息:

最新评论:

最近上报的IP列表