112.66.104.56 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.104.41	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5410875db8eeeb29 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:36:01

Type

Details

Datetime

112.66.104.41

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5410875db8eeeb29 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:36:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.104.56
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 27941
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.104.56.			IN	A

;; AUTHORITY SECTION:
.			105	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022701 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 03:09:59 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 56.104.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 56.104.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
112.85.42.186	attackbotsspam	Oct 18 22:00:44 areeb-Workstation sshd[25252]: Failed password for root from 112.85.42.186 port 32304 ssh2 ...	2019-10-19 00:43:08
85.113.210.58	attackspambots	Oct 18 14:44:06 dedicated sshd[9511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.113.210.58 user=root Oct 18 14:44:08 dedicated sshd[9511]: Failed password for root from 85.113.210.58 port 32449 ssh2	2019-10-19 00:36:09
45.55.188.133	attack	Oct 18 11:54:41 xtremcommunity sshd\[648756\]: Invalid user elaine from 45.55.188.133 port 57811 Oct 18 11:54:41 xtremcommunity sshd\[648756\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.188.133 Oct 18 11:54:44 xtremcommunity sshd\[648756\]: Failed password for invalid user elaine from 45.55.188.133 port 57811 ssh2 Oct 18 11:58:57 xtremcommunity sshd\[648846\]: Invalid user gallery from 45.55.188.133 port 49353 Oct 18 11:58:57 xtremcommunity sshd\[648846\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.188.133 ...	2019-10-19 00:22:53
216.126.228.10	attackbots	port scan and connect, tcp 80 (http)	2019-10-19 00:10:12
220.133.98.95	attackbotsspam	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/220.133.98.95/ TW - 1H : (163) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : TW NAME ASN : ASN3462 IP : 220.133.98.95 CIDR : 220.133.0.0/16 PREFIX COUNT : 390 UNIQUE IP COUNT : 12267520 WYKRYTE ATAKI Z ASN3462 : 1H - 6 3H - 22 6H - 39 12H - 87 24H - 158 DateTime : 2019-10-18 13:37:45 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-19 00:26:59
188.40.177.83	attack	Oct 18 18:32:33 MK-Soft-VM7 sshd[21537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.40.177.83 Oct 18 18:32:35 MK-Soft-VM7 sshd[21537]: Failed password for invalid user fokus from 188.40.177.83 port 43414 ssh2 ...	2019-10-19 00:50:14
142.44.211.229	attackspambots	2019-10-17T16:55:09.1131271495-001 sshd\[20955\]: Invalid user zhouh from 142.44.211.229 port 49252 2019-10-17T16:55:09.1162801495-001 sshd\[20955\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=229.ip-142-44-211.net 2019-10-17T16:55:10.7309451495-001 sshd\[20955\]: Failed password for invalid user zhouh from 142.44.211.229 port 49252 ssh2 2019-10-17T17:15:53.2582011495-001 sshd\[21821\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=229.ip-142-44-211.net user=root 2019-10-17T17:15:54.8632431495-001 sshd\[21821\]: Failed password for root from 142.44.211.229 port 40330 ssh2 2019-10-17T17:19:22.0824871495-001 sshd\[21963\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=229.ip-142-44-211.net user=root 2019-10-17T17:19:24.1236361495-001 sshd\[21963\]: Failed password for root from 142.44.211.229 port 51252 ssh2 ...	2019-10-19 00:37:47
190.28.121.159	attackbotsspam	2019-10-14 00:48:04,784 fail2ban.actions [843]: NOTICE [sshd] Ban 190.28.121.159 2019-10-14 03:52:55,066 fail2ban.actions [843]: NOTICE [sshd] Ban 190.28.121.159 2019-10-14 07:02:12,172 fail2ban.actions [843]: NOTICE [sshd] Ban 190.28.121.159 ...	2019-10-19 00:35:13
222.186.175.215	attackbotsspam	Oct 18 18:06:54 root sshd[25272]: Failed password for root from 222.186.175.215 port 9958 ssh2 Oct 18 18:07:00 root sshd[25272]: Failed password for root from 222.186.175.215 port 9958 ssh2 Oct 18 18:07:05 root sshd[25272]: Failed password for root from 222.186.175.215 port 9958 ssh2 Oct 18 18:07:11 root sshd[25272]: Failed password for root from 222.186.175.215 port 9958 ssh2 ...	2019-10-19 00:08:26
79.187.192.249	attack	Oct 18 14:20:20 legacy sshd[9588]: Failed password for root from 79.187.192.249 port 55154 ssh2 Oct 18 14:24:17 legacy sshd[9690]: Failed password for root from 79.187.192.249 port 46082 ssh2 ...	2019-10-19 00:40:23
79.137.72.40	attackbots	$f2bV_matches	2019-10-19 00:19:05
170.80.225.135	attack	Oct 18 13:37:44 odroid64 sshd\[19850\]: User root from 170.80.225.135 not allowed because not listed in AllowUsers Oct 18 13:37:45 odroid64 sshd\[19850\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=170.80.225.135 user=root Oct 18 13:37:47 odroid64 sshd\[19850\]: Failed password for invalid user root from 170.80.225.135 port 46837 ssh2 ...	2019-10-19 00:24:14
118.69.244.146	attackbotsspam	www.geburtshaus-fulda.de 118.69.244.146 \[18/Oct/2019:13:37:17 +0200\] "POST /wp-login.php HTTP/1.1" 200 5785 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0" www.geburtshaus-fulda.de 118.69.244.146 \[18/Oct/2019:13:37:20 +0200\] "POST /wp-login.php HTTP/1.1" 200 5789 "-" "Mozilla/5.0 $X11\; Ubuntu\; Linux x86_64\; rv:62.0$ Gecko/20100101 Firefox/62.0"	2019-10-19 00:39:51
123.215.174.102	attackbotsspam	Oct 18 14:09:12 XXX sshd[47123]: Invalid user ksrkm from 123.215.174.102 port 47289	2019-10-19 00:07:26
124.205.114.11	attack	Oct 18 15:16:15 server sshd\[19622\]: Invalid user webadm from 124.205.114.11 Oct 18 15:16:15 server sshd\[19622\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.205.114.11 Oct 18 15:16:17 server sshd\[19622\]: Failed password for invalid user webadm from 124.205.114.11 port 51969 ssh2 Oct 18 15:34:28 server sshd\[24564\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.205.114.11 user=root Oct 18 15:34:30 server sshd\[24564\]: Failed password for root from 124.205.114.11 port 37283 ssh2 ...	2019-10-19 00:09:45

Recently Reported IPs

112.66.104.253	112.66.104.70	112.66.105.169	112.66.105.212
112.66.105.251	112.66.105.222	112.74.185.95	112.74.179.151
112.74.107.132	112.71.111.108	112.67.60.152	112.66.99.59
112.66.99.52	112.74.38.58	112.74.58.116	112.73.82.47
112.74.21.96	112.66.99.109	112.74.77.168	112.74.92.176