112.66.111.6 - IPInfo

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 541353298c7beb81 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:17:55

Type

Details

Datetime

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 541353298c7beb81 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/4.074482891 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:17:55

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.111.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40964
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.111.6.			IN	A

;; AUTHORITY SECTION:
.			444	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 03:17:52 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 6.111.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.111.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.74.4.226	attack	Unauthorized connection attempt from IP address 182.74.4.226 on Port 445(SMB)	2019-11-07 05:06:37
132.145.170.174	attackspam	Nov 6 15:51:28 hcbbdb sshd\[7782\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.170.174 user=root Nov 6 15:51:31 hcbbdb sshd\[7782\]: Failed password for root from 132.145.170.174 port 57593 ssh2 Nov 6 15:55:46 hcbbdb sshd\[8247\]: Invalid user test from 132.145.170.174 Nov 6 15:55:46 hcbbdb sshd\[8247\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=132.145.170.174 Nov 6 15:55:47 hcbbdb sshd\[8247\]: Failed password for invalid user test from 132.145.170.174 port 41676 ssh2	2019-11-07 05:13:18
176.37.75.236	attackbotsspam	Brute Force Attack	2019-11-07 04:49:21
171.221.242.85	attackspambots	Unauthorised access (Nov 6) SRC=171.221.242.85 LEN=40 TTL=50 ID=2579 TCP DPT=8080 WINDOW=45381 SYN	2019-11-07 04:45:02
212.64.127.106	attackbotsspam	2019-11-05 13:46:17 server sshd[70963]: Failed password for invalid user root from 212.64.127.106 port 46137 ssh2	2019-11-07 04:57:25
51.75.248.241	attackbots	Nov 7 02:08:46 gw1 sshd[6163]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.75.248.241 Nov 7 02:08:48 gw1 sshd[6163]: Failed password for invalid user demo from 51.75.248.241 port 34170 ssh2 ...	2019-11-07 05:10:33
37.49.231.122	attackbots	37.49.231.122 was recorded 6 times by 6 hosts attempting to connect to the following ports: 8291. Incident counter (4h, 24h, all-time): 6, 20, 24	2019-11-07 05:14:05
45.143.220.46	attackbotsspam	\[2019-11-06 16:10:51\] NOTICE\[2601\] chan_sip.c: Registration from '"300" \' failed for '45.143.220.46:5122' - Wrong password \[2019-11-06 16:10:51\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-06T16:10:51.577-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="300",SessionID="0x7fdf2c2fde48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.143.220.46/5122",Challenge="589e2855",ReceivedChallenge="589e2855",ReceivedHash="91506c651077ed3c7a71f16722838119" \[2019-11-06 16:10:51\] NOTICE\[2601\] chan_sip.c: Registration from '"300" \' failed for '45.143.220.46:5122' - Wrong password \[2019-11-06 16:10:51\] SECURITY\[2634\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-11-06T16:10:51.674-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="300",SessionID="0x7fdf2c17e0f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.1	2019-11-07 05:19:49
182.61.59.143	attack	Tried sshing with brute force.	2019-11-07 04:45:32
188.165.221.36	attackbotsspam	SASL broute force	2019-11-07 04:51:18
54.37.205.162	attackbots	$f2bV_matches	2019-11-07 05:04:03
162.221.27.162	attackspam	Unauthorized connection attempt from IP address 162.221.27.162 on Port 445(SMB)	2019-11-07 05:16:24
91.121.114.69	attackspam	Fail2Ban Ban Triggered	2019-11-07 05:07:45
192.99.152.101	attackspam	Nov 6 17:30:19 firewall sshd[10304]: Failed password for invalid user library from 192.99.152.101 port 45372 ssh2 Nov 6 17:33:42 firewall sshd[10440]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.99.152.101 user=root Nov 6 17:33:44 firewall sshd[10440]: Failed password for root from 192.99.152.101 port 55182 ssh2 ...	2019-11-07 04:57:56
51.15.221.53	attackspambots	until 2019-11-06T16:54:54+00:00, observations: 21, bad account names: 2	2019-11-07 04:52:17

Recently Reported IPs

67.204.232.17	88.88.125.162	202.219.173.204	106.39.189.88
149.170.184.183	106.11.154.83	98.190.215.139	73.145.186.211
60.230.123.16	103.192.227.199	77.226.178.0	86.107.29.12
60.13.7.241	151.63.6.169	115.41.160.59	60.13.7.30
86.136.2.85	222.74.44.91	110.151.14.207	58.248.202.136