113.106.11.57 - IPInfo

Basic Info

City: Zhongshan

Region: Guangdong

Country: China

Internet Service Provider: ChinaNet Guangdong Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Jun 16 21:38:59 mail postfix/postscreen[12153]: DNSBL rank 4 for [113.106.11.57]:57126 ...	2020-06-29 04:56:05
attackspambots	May 4 15:49:18 WHD8 postfix/smtpd\[84088\]: warning: unknown\[113.106.11.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 4 15:49:27 WHD8 postfix/smtpd\[84092\]: warning: unknown\[113.106.11.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 4 15:49:40 WHD8 postfix/smtpd\[84088\]: warning: unknown\[113.106.11.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-05-06 04:40:06
spamattack	[2020/03/11 00:16:17] [113.106.11.57:2104-0] User test@luxnetcorp.com.tw AUTH fails. [2020/03/11 00:17:47] [113.106.11.57:2095-0] User test@luxnetcorp.com.tw AUTH fails. [2020/03/11 00:18:19] [113.106.11.57:2101-0] User test@luxnetcorp.com.tw AUTH fails. [2020/03/11 00:18:26] [113.106.11.57:2105-0] User test@luxnetcorp.com.tw AUTH fails. [2020/03/11 00:18:27] [113.106.11.57:2102-0] User test@luxnetcorp.com.tw AUTH fails.	2020-03-11 08:30:26
spambotsattack	[2020/02/26 00:08:02] [113.106.11.57:2098-0] User test@luxnetcorp.com.tw AUTH fails. [2020/02/26 00:08:04] [113.106.11.57:2095-0] User test@luxnetcorp.com.tw AUTH fails. [2020/02/26 00:08:05] [113.106.11.57:2103-0] User test@luxnetcorp.com.tw AUTH fails. [2020/02/26 00:08:07] [113.106.11.57:2102-0] User test@luxnetcorp.com.tw AUTH fails. [2020/02/26 00:08:15] [113.106.11.57:2100-0] User test@luxnetcorp.com.tw AUTH fails.	2020-02-26 09:17:17
attackspam	firewall-block, port(s): 25/tcp	2020-02-25 05:08:17

Comments on same subnet:

IP	Type	Details	Datetime
113.106.11.6	attack	Unauthorized connection attempt detected from IP address 113.106.11.6 to port 1433 [T]	2020-08-29 21:35:39
113.106.11.107	attackbotsspam	06/24/2020-08:04:04.388181 113.106.11.107 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-06-25 01:57:16
113.106.11.116	attackspambots	DATE:2020-04-05 14:45:40, IP:113.106.11.116, PORT:3306 SQL brute force auth on honeypot MySQL/MariaDB server (honey-neo-dc)	2020-04-05 20:52:43
113.106.11.116	attack	3306/tcp [2020-03-08]1pkt	2020-03-09 08:30:46
113.106.11.6	attackbots	Unauthorized connection attempt detected from IP address 113.106.11.6 to port 1433 [J]	2020-01-19 08:29:42
113.106.11.107	attack	01/10/2020-05:50:39.081997 113.106.11.107 Protocol: 6 ET SCAN Suspicious inbound to MSSQL port 1433	2020-01-10 18:07:42
113.106.11.6	attackbotsspam	Port 1433 Scan	2019-12-19 07:10:39
113.106.11.107	attackspam	port scan and connect, tcp 1433 (ms-sql-s)	2019-11-04 02:05:40

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 113.106.11.57
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65371
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;113.106.11.57.			IN	A

;; AUTHORITY SECTION:
.			493	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022401 1800 900 604800 86400

;; Query time: 74 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 25 05:08:15 CST 2020
;; MSG SIZE  rcvd: 117

Host info

Host 57.11.106.113.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 57.11.106.113.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
82.221.105.6	attackbots	MultiHost/MultiPort Probe, Scan, Hack -	2019-10-17 19:23:01
186.207.128.104	attack	Oct 17 12:19:47 [host] sshd[2932]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.207.128.104 user=root Oct 17 12:19:48 [host] sshd[2932]: Failed password for root from 186.207.128.104 port 27528 ssh2 Oct 17 12:25:26 [host] sshd[3028]: Invalid user aw from 186.207.128.104 Oct 17 12:25:26 [host] sshd[3028]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.207.128.104	2019-10-17 19:34:03
222.186.175.150	attackspam	2019-10-17T11:50:55.658504hub.schaetter.us sshd\[31392\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root 2019-10-17T11:50:57.402504hub.schaetter.us sshd\[31392\]: Failed password for root from 222.186.175.150 port 53688 ssh2 2019-10-17T11:51:01.915360hub.schaetter.us sshd\[31392\]: Failed password for root from 222.186.175.150 port 53688 ssh2 2019-10-17T11:51:06.110625hub.schaetter.us sshd\[31392\]: Failed password for root from 222.186.175.150 port 53688 ssh2 2019-10-17T11:51:10.191590hub.schaetter.us sshd\[31392\]: Failed password for root from 222.186.175.150 port 53688 ssh2 ...	2019-10-17 19:54:55
159.65.176.156	attackspam	$f2bV_matches	2019-10-17 19:41:09
139.99.144.191	attackspam	Oct 17 06:18:48 legacy sshd[3296]: Failed password for root from 139.99.144.191 port 54162 ssh2 Oct 17 06:23:45 legacy sshd[3383]: Failed password for root from 139.99.144.191 port 36954 ssh2 ...	2019-10-17 19:38:08
211.152.47.90	attack	Oct 17 07:38:52 firewall sshd[29209]: Failed password for invalid user elly from 211.152.47.90 port 34862 ssh2 Oct 17 07:44:48 firewall sshd[29300]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.152.47.90 user=root Oct 17 07:44:50 firewall sshd[29300]: Failed password for root from 211.152.47.90 port 45580 ssh2 ...	2019-10-17 19:33:19
139.59.17.118	attackbots	$f2bV_matches	2019-10-17 19:57:40
91.74.234.154	attackbots	SSH Brute-Force attacks	2019-10-17 19:54:28
154.213.160.110	attack	Invalid user admin from 154.213.160.110 port 56888	2019-10-17 19:44:05
218.212.16.128	attack	CloudCIX Reconnaissance Scan Detected, PTR: 128.16.212.218.starhub.net.sg.	2019-10-17 19:39:25
222.85.111.179	attackspam	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:25.	2019-10-17 19:22:21
49.235.84.51	attackspam	Oct 17 08:02:17 server sshd\[16602\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.84.51 user=root Oct 17 08:02:19 server sshd\[16602\]: Failed password for root from 49.235.84.51 port 57542 ssh2 Oct 17 08:09:21 server sshd\[18789\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.84.51 user=root Oct 17 08:09:22 server sshd\[18789\]: Failed password for root from 49.235.84.51 port 45324 ssh2 Oct 17 08:14:15 server sshd\[20546\]: Invalid user ubnt from 49.235.84.51 Oct 17 08:14:15 server sshd\[20546\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.84.51 ...	2019-10-17 19:29:05
200.164.217.212	attackspam	Oct 17 13:35:03 root sshd[29895]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.164.217.212 Oct 17 13:35:05 root sshd[29895]: Failed password for invalid user nagios from 200.164.217.212 port 36217 ssh2 Oct 17 13:51:21 root sshd[30056]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.164.217.212 ...	2019-10-17 19:53:04
171.255.74.85	attackspambots	Attempt to attack host OS, exploiting network vulnerabilities, on 17-10-2019 04:45:23.	2019-10-17 19:26:26
116.196.109.197	attackbotsspam	$f2bV_matches	2019-10-17 19:30:48

Recently Reported IPs

100.1.181.210	13.48.2.133	98.197.91.108	154.78.45.14
89.84.24.240	66.210.184.37	197.71.252.84	27.207.105.136
199.116.115.136	78.23.85.111	123.20.180.20	157.29.80.54
119.189.107.208	195.120.99.152	39.199.21.26	14.187.131.36
63.153.174.100	181.37.41.128	143.75.208.24	129.152.86.59