112.66.99.28 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: None

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.99.6	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J]	2020-01-27 15:15:57
112.66.99.159	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T]	2020-01-10 09:23:22
112.66.99.167	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899	2020-01-04 08:33:51
112.66.99.25	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090	2020-01-01 21:33:22
112.66.99.1	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095	2019-12-31 08:33:07
112.66.99.6	attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128	2019-12-31 07:42:24
112.66.99.211	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:48:59
112.66.99.155	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:35:16
112.66.99.74	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:09:41
112.66.99.63	attack	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:18:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64400
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.99.28.			IN	A

;; AUTHORITY SECTION:
.			572	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030102 1800 900 604800 86400

;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 02 11:35:29 CST 2022
;; MSG SIZE  rcvd: 105

Host info

Host 28.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 28.99.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
177.128.143.241	attack	$f2bV_matches	2019-07-24 23:33:39
123.16.222.52	attackspam	2019-07-24T05:17:01.069507abusebot.cloudsearch.cf sshd\[2867\]: Invalid user admin from 123.16.222.52 port 42972	2019-07-25 00:31:42
167.99.66.166	attackspam	Jul 24 16:28:06 [host] sshd[12920]: Invalid user test from 167.99.66.166 Jul 24 16:28:06 [host] sshd[12920]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.66.166 Jul 24 16:28:08 [host] sshd[12920]: Failed password for invalid user test from 167.99.66.166 port 38692 ssh2	2019-07-24 22:57:44
111.230.46.229	attack	Jul 24 11:20:43 OPSO sshd\[11866\]: Invalid user tui from 111.230.46.229 port 51408 Jul 24 11:20:43 OPSO sshd\[11866\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.46.229 Jul 24 11:20:45 OPSO sshd\[11866\]: Failed password for invalid user tui from 111.230.46.229 port 51408 ssh2 Jul 24 11:24:56 OPSO sshd\[12250\]: Invalid user sahil from 111.230.46.229 port 59298 Jul 24 11:24:56 OPSO sshd\[12250\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.46.229	2019-07-24 23:25:20
54.175.56.31	attack	Jul 24 05:18:28 TCP Attack: SRC=54.175.56.31 DST=[Masked] LEN=250 TOS=0x00 PREC=0x00 TTL=236 DF PROTO=TCP SPT=46774 DPT=80 WINDOW=913 RES=0x00 ACK PSH URGP=0	2019-07-24 23:36:11
177.23.74.121	attack	$f2bV_matches	2019-07-24 23:08:21
187.109.56.127	attack	$f2bV_matches	2019-07-24 23:37:38
176.88.226.108	attackspam	Caught in portsentry honeypot	2019-07-24 23:11:50
139.129.130.253	attack	Automatic report - Banned IP Access	2019-07-24 23:17:42
54.36.54.24	attackbots	Jul 22 16:15:10 sanyalnet-cloud-vps4 sshd[10140]: Connection from 54.36.54.24 port 55424 on 64.137.160.124 port 23 Jul 22 16:15:11 sanyalnet-cloud-vps4 sshd[10140]: Address 54.36.54.24 maps to ip-54-36-54.eu, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! Jul 22 16:15:11 sanyalnet-cloud-vps4 sshd[10140]: Invalid user baptiste from 54.36.54.24 Jul 22 16:15:11 sanyalnet-cloud-vps4 sshd[10140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.54.24 Jul 22 16:15:13 sanyalnet-cloud-vps4 sshd[10140]: Failed password for invalid user baptiste from 54.36.54.24 port 55424 ssh2 Jul 22 16:15:13 sanyalnet-cloud-vps4 sshd[10140]: Received disconnect from 54.36.54.24: 11: Bye Bye [preauth] Jul 22 16:40:34 sanyalnet-cloud-vps4 sshd[10337]: Connection from 54.36.54.24 port 59733 on 64.137.160.124 port 23 Jul 22 16:40:35 sanyalnet-cloud-vps4 sshd[10337]: Address 54.36.54.24 maps to ip-54-36-54.eu, but this does not ma........ -------------------------------	2019-07-24 23:23:14
107.170.63.221	attackspam	2019-07-24T21:35:12.414874enmeeting.mahidol.ac.th sshd\[3403\]: Invalid user er from 107.170.63.221 port 40032 2019-07-24T21:35:12.429313enmeeting.mahidol.ac.th sshd\[3403\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.63.221 2019-07-24T21:35:15.077295enmeeting.mahidol.ac.th sshd\[3403\]: Failed password for invalid user er from 107.170.63.221 port 40032 ssh2 ...	2019-07-25 00:12:58
117.0.35.153	attackspambots	Jul 24 16:09:37 apollo sshd\[23906\]: Failed password for root from 117.0.35.153 port 51689 ssh2Jul 24 16:09:41 apollo sshd\[23908\]: Invalid user admin from 117.0.35.153Jul 24 16:09:44 apollo sshd\[23908\]: Failed password for invalid user admin from 117.0.35.153 port 50091 ssh2 ...	2019-07-24 23:29:49
103.60.160.136	attackbots	WordPress XMLRPC scan :: 103.60.160.136 0.192 BYPASS [24/Jul/2019:21:54:45 1000] [censored_1] "GET /xmlrpc.php HTTP/1.1" 405 53 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1"	2019-07-24 23:42:23
77.247.110.103	attackbots	\[2019-07-24 12:02:02\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T12:02:02.635-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="7011442038079252",SessionID="0x7f06f8009f28",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.103/5071",ACLName="no_extension_match" \[2019-07-24 12:06:48\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T12:06:48.239-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="1011442038079252",SessionID="0x7f06f83e80f8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.103/5070",ACLName="no_extension_match" \[2019-07-24 12:11:06\] SECURITY\[20812\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-07-24T12:11:06.824-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="011442038079252",SessionID="0x7f06f804c2c8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.110.103/5070",ACLName="n	2019-07-25 00:12:26
191.240.65.50	attackbots	$f2bV_matches	2019-07-24 23:40:56

Recently Reported IPs

112.66.99.240	112.66.99.42	112.67.130.180	112.67.160.103
112.67.160.111	112.67.160.135	112.67.160.136	112.67.160.2
112.67.160.242	112.67.160.35	112.67.160.43	112.67.160.95
112.67.161.100	112.67.161.137	112.67.161.142	112.67.161.146
112.67.161.185	112.67.161.190	112.67.161.227	112.67.161.229