112.66.99.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J]	2020-01-27 15:15:57
attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128	2019-12-31 07:42:24

Comments on same subnet:

IP	Type	Details	Datetime
112.66.99.159	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T]	2020-01-10 09:23:22
112.66.99.167	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899	2020-01-04 08:33:51
112.66.99.25	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090	2020-01-01 21:33:22
112.66.99.1	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095	2019-12-31 08:33:07
112.66.99.211	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:48:59
112.66.99.155	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:35:16
112.66.99.74	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:09:41
112.66.99.63	attack	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:18:55

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38785
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.99.6.			IN	A

;; AUTHORITY SECTION:
.			546	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019123001 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Dec 31 07:42:21 CST 2019
;; MSG SIZE  rcvd: 115

Host info

Host 6.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.99.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
106.12.36.173	attackbotsspam	Dec 1 09:36:16 h2177944 sshd\[26301\]: Invalid user fredericka. from 106.12.36.173 port 38316 Dec 1 09:36:16 h2177944 sshd\[26301\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.36.173 Dec 1 09:36:18 h2177944 sshd\[26301\]: Failed password for invalid user fredericka. from 106.12.36.173 port 38316 ssh2 Dec 1 09:40:22 h2177944 sshd\[26492\]: Invalid user nerehiza from 106.12.36.173 port 43160 ...	2019-12-01 17:49:21
99.29.90.25	attackspambots	pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.29.90.25 user=root Failed password for root from 99.29.90.25 port 42483 ssh2 Invalid user asdfg1234% from 99.29.90.25 port 38527 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=99.29.90.25 Failed password for invalid user asdfg1234% from 99.29.90.25 port 38527 ssh2	2019-12-01 18:25:05
178.128.90.40	attackspambots	Dec 1 11:08:40 vps666546 sshd\[21954\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 user=root Dec 1 11:08:42 vps666546 sshd\[21954\]: Failed password for root from 178.128.90.40 port 42408 ssh2 Dec 1 11:12:00 vps666546 sshd\[22038\]: Invalid user admin from 178.128.90.40 port 49216 Dec 1 11:12:00 vps666546 sshd\[22038\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.128.90.40 Dec 1 11:12:02 vps666546 sshd\[22038\]: Failed password for invalid user admin from 178.128.90.40 port 49216 ssh2 ...	2019-12-01 18:19:52
49.235.79.183	attackspam	Dec 1 17:10:23 webhost01 sshd[13693]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.235.79.183 Dec 1 17:10:26 webhost01 sshd[13693]: Failed password for invalid user sharalyn from 49.235.79.183 port 46194 ssh2 ...	2019-12-01 18:21:22
112.64.170.178	attack	SSH Brute-Force reported by Fail2Ban	2019-12-01 18:07:12
119.93.132.243	attack	DATE:2019-12-01 07:26:22, IP:119.93.132.243, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2019-12-01 18:12:48
193.188.22.229	attack	2019-12-01T10:23:34.123915abusebot-8.cloudsearch.cf sshd\[28032\]: Invalid user sftptest from 193.188.22.229 port 2875	2019-12-01 18:25:54
125.71.215.213	attackspam	2019-12-01T06:17:19.977596hub.schaetter.us sshd\[15142\]: Invalid user flaatten from 125.71.215.213 port 60924 2019-12-01T06:17:19.987929hub.schaetter.us sshd\[15142\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.215.213 2019-12-01T06:17:21.900371hub.schaetter.us sshd\[15142\]: Failed password for invalid user flaatten from 125.71.215.213 port 60924 ssh2 2019-12-01T06:26:02.900202hub.schaetter.us sshd\[15187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.71.215.213 user=sshd 2019-12-01T06:26:04.943307hub.schaetter.us sshd\[15187\]: Failed password for sshd from 125.71.215.213 port 37666 ssh2 ...	2019-12-01 18:24:00
45.82.153.80	attack	Nov 30 00:02:59 xzibhostname postfix/smtpd[11021]: connect from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: warning: unknown[45.82.153.80]: SASL LOGIN authentication failed: authentication failure Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: lost connection after AUTH from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[11021]: disconnect from unknown[45.82.153.80] Nov 30 00:03:05 xzibhostname postfix/smtpd[10085]: connect from unknown[45.82.153.80] Nov 30 00:03:11 xzibhostname postfix/smtpd[10085]: warning: unknown[45.82.153.80]: SASL LOGIN authentication failed: authentication failure Nov 30 00:03:12 xzibhostname postfix/smtpd[10085]: lost connection after AUTH from unknown[45.82.153.80] Nov 30 00:03:12 xzibhostname postfix/smtpd[10085]: disconnect from unknown[45.82.153.80] Nov 30 00:03:17 xzibhostname postfix/smtpd[11021]: connect from unknown[45.82.153.80] Nov 30 00:03:26 xzibhostname postfix/smtpd[11021]: warning........ -------------------------------	2019-12-01 18:09:23
79.7.109.226	attackspambots	Dec 01 00:35:23 askasleikir sshd[83389]: Failed password for root from 79.7.109.226 port 42166 ssh2 Dec 01 00:15:11 askasleikir sshd[82886]: Failed password for invalid user darklady from 79.7.109.226 port 47880 ssh2 Dec 01 00:30:03 askasleikir sshd[83260]: Failed password for root from 79.7.109.226 port 34372 ssh2	2019-12-01 18:07:53
82.64.30.16	attackbots	" "	2019-12-01 18:24:28
51.68.195.146	attack	Port scan on 1 port(s): 139	2019-12-01 17:53:30
185.81.128.112	attackbotsspam	12/01/2019-01:26:52.043994 185.81.128.112 Protocol: 6 ET SCAN NMAP -sS window 1024	2019-12-01 17:52:01
182.71.108.154	attackspambots	fail2ban	2019-12-01 17:56:42
37.220.176.38	attackbotsspam	Automatic report - Port Scan Attack	2019-12-01 18:10:05

Recently Reported IPs

221.213.75.14	221.13.12.125	221.13.12.61	221.1.70.189
220.250.63.73	220.250.63.63	219.143.174.202	219.136.222.79
210.74.15.139	180.180.44.170	180.167.37.166	180.137.9.252
171.36.134.182	171.36.130.39	145.255.3.17	134.175.102.60
124.235.138.3	124.193.191.52	166.249.30.65	124.156.192.62