112.66.111.21 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.111.6	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 541353298c7beb81 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:17:55

Type

Details

Datetime

112.66.111.6

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 541353298c7beb81 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:17:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.111.21
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19603
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.111.21.			IN	A

;; AUTHORITY SECTION:
.			295	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022022700 1800 900 604800 86400

;; Query time: 55 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 27 16:08:18 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 21.111.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 21.111.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
13.236.121.242	attackbotsspam	RDP	2019-11-14 07:56:37
118.24.149.248	attackspam	2019-11-13T23:41:46.988809shield sshd\[16638\]: Invalid user hanspetter from 118.24.149.248 port 36730 2019-11-13T23:41:46.992934shield sshd\[16638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.149.248 2019-11-13T23:41:49.118167shield sshd\[16638\]: Failed password for invalid user hanspetter from 118.24.149.248 port 36730 ssh2 2019-11-13T23:46:00.198646shield sshd\[16949\]: Invalid user ts3server from 118.24.149.248 port 43486 2019-11-13T23:46:00.203206shield sshd\[16949\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.149.248	2019-11-14 08:01:17
222.186.173.238	attackbotsspam	Nov 14 05:17:07 gw1 sshd[1742]: Failed password for root from 222.186.173.238 port 4712 ssh2 Nov 14 05:17:21 gw1 sshd[1742]: Failed password for root from 222.186.173.238 port 4712 ssh2 Nov 14 05:17:21 gw1 sshd[1742]: error: maximum authentication attempts exceeded for root from 222.186.173.238 port 4712 ssh2 [preauth] ...	2019-11-14 08:17:31
167.71.159.129	attackspam	Nov 14 01:13:00 MK-Soft-Root1 sshd[7816]: Failed password for root from 167.71.159.129 port 40350 ssh2 ...	2019-11-14 08:20:36
83.103.98.211	attack	Nov 13 23:23:17 zeus sshd[12023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.103.98.211 Nov 13 23:23:19 zeus sshd[12023]: Failed password for invalid user sophia from 83.103.98.211 port 59270 ssh2 Nov 13 23:27:22 zeus sshd[12122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=83.103.98.211 Nov 13 23:27:23 zeus sshd[12122]: Failed password for invalid user fichthorn from 83.103.98.211 port 4387 ssh2	2019-11-14 08:12:56
103.133.176.197	attack	Nov 13 22:58:11 sshgateway sshd\[19125\]: Invalid user oktawia from 103.133.176.197 Nov 13 22:58:11 sshgateway sshd\[19125\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.133.176.197 Nov 13 22:58:14 sshgateway sshd\[19125\]: Failed password for invalid user oktawia from 103.133.176.197 port 59664 ssh2	2019-11-14 07:55:43
65.197.211.33	attackbots	[DoS Attack: ACK Scan] from source: 65.203.135.33, port 443, Wednesday, November 13, 2019 14:32:46 [DoS Attack: ACK Scan] from source: 65.203.135.33, port 443, Wednesday, November 13, 2019 14:32:45 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:42 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:40 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:25 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:24 [DoS Attack: ACK Scan] from source: 65.203.135.33, port 443, Wednesday, November 13, 2019 14:32:24 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:20 [DoS Attack: ACK Scan] from source: 65.197.211.33, port 443, Wednesday, November 13, 2019 14:32:19	2019-11-14 08:05:15
51.83.2.148	attackspam	Automatic report - XMLRPC Attack	2019-11-14 08:14:10
129.204.202.89	attackbots	Nov 13 13:44:58 php1 sshd\[18138\]: Invalid user sven from 129.204.202.89 Nov 13 13:44:58 php1 sshd\[18138\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.202.89 Nov 13 13:44:59 php1 sshd\[18138\]: Failed password for invalid user sven from 129.204.202.89 port 43100 ssh2 Nov 13 13:49:17 php1 sshd\[18487\]: Invalid user riexinger from 129.204.202.89 Nov 13 13:49:17 php1 sshd\[18487\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.204.202.89	2019-11-14 07:52:40
104.236.230.165	attackspam	SSH bruteforce (Triggered fail2ban)	2019-11-14 07:46:11
217.178.19.212	attackbots	3588/tcp 3588/tcp 3588/tcp... [2019-11-13]61pkt,1pt.(tcp)	2019-11-14 08:00:12
220.186.79.69	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/220.186.79.69/ CN - 1H : (451) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 220.186.79.69 CIDR : 220.186.0.0/16 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 29 3H - 75 6H - 127 12H - 187 24H - 195 DateTime : 2019-11-13 23:58:02 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-11-14 08:06:10
139.199.59.31	attackbotsspam	Invalid user lemmon from 139.199.59.31 port 28682	2019-11-14 08:04:19
140.143.183.71	attackspambots	Nov 14 01:01:10 * sshd[7637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=140.143.183.71 Nov 14 01:01:11 * sshd[7637]: Failed password for invalid user 000000000 from 140.143.183.71 port 49700 ssh2	2019-11-14 08:19:35
117.4.185.183	attack	IMAP	2019-11-14 08:15:54

Recently Reported IPs

112.66.111.85	112.66.208.107	112.66.208.10	112.66.208.199
112.66.208.8	112.66.209.185	112.66.208.246	112.66.209.222
112.66.209.226	112.66.209.192	112.66.209.236	112.66.209.8
112.66.209.9	112.66.209.98	112.66.209.37	112.66.210.254
112.66.210.237	112.66.211.211	112.66.211.226	112.66.210.207