121.57.227.249

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Neimeng Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5435ea1a9eb5e4b8 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:45:59

Type

Details

Datetime

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 5435ea1a9eb5e4b8 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 06:45:59

Comments on same subnet:

IP	Type	Details	Datetime
121.57.227.123	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5437c6623e0799a7 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.081397758 Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 05:39:50
121.57.227.42	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54316b601825e7f9 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:21:19
121.57.227.104	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5438567d18ede4d9 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 02:37:29
121.57.227.23	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5436794c78bfd352 \| WAF_Rule_ID: 1122843 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 9_1 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13B143 Safari/601.1 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 00:45:00
121.57.227.234	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54174333fb4feb8d \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:17:17

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.57.227.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49847
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.57.227.249.			IN	A

;; AUTHORITY SECTION:
.			165	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 114 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 06:45:56 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 249.227.57.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 249.227.57.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
157.245.175.51	attack	Dec 4 06:53:09 foo sshd[25174]: Did not receive identification string from 157.245.175.51 Dec 4 06:55:39 foo sshd[25202]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.175.51 user=r.r Dec 4 06:55:41 foo sshd[25202]: Failed password for r.r from 157.245.175.51 port 33072 ssh2 Dec 4 06:55:41 foo sshd[25202]: Received disconnect from 157.245.175.51: 11: Normal Shutdown, Thank you for playing [preauth] Dec 4 06:56:15 foo sshd[25210]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.175.51 user=r.r Dec 4 06:56:17 foo sshd[25210]: Failed password for r.r from 157.245.175.51 port 60458 ssh2 Dec 4 06:56:17 foo sshd[25210]: Received disconnect from 157.245.175.51: 11: Normal Shutdown, Thank you for playing [preauth] Dec 4 06:57:41 foo sshd[25230]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.245.175.51 user=r.r Dec 4 06:57:43........ -------------------------------	2019-12-05 06:11:46
119.27.189.46	attack	Dec 4 21:27:49 MK-Soft-VM8 sshd[15014]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.27.189.46 Dec 4 21:27:50 MK-Soft-VM8 sshd[15014]: Failed password for invalid user birgitt from 119.27.189.46 port 59778 ssh2 ...	2019-12-05 05:51:48
112.197.0.125	attack	Dec 4 17:15:04 sshd: Connection from 112.197.0.125 port 11781 Dec 4 17:15:05 sshd: Invalid user 170 from 112.197.0.125 Dec 4 17:15:05 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.197.0.125 Dec 4 17:15:07 sshd: Failed password for invalid user 170 from 112.197.0.125 port 11781 ssh2 Dec 4 17:15:07 sshd: Received disconnect from 112.197.0.125: 11: Bye Bye [preauth]	2019-12-05 05:39:00
54.38.33.178	attackspambots	Dec 4 21:28:54 MK-Soft-VM6 sshd[6771]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.33.178 Dec 4 21:28:56 MK-Soft-VM6 sshd[6771]: Failed password for invalid user angerer from 54.38.33.178 port 50798 ssh2 ...	2019-12-05 05:52:34
117.50.11.205	attack	Dec 4 20:20:05 localhost sshd\[26229\]: Invalid user monique from 117.50.11.205 Dec 4 20:20:05 localhost sshd\[26229\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.11.205 Dec 4 20:20:07 localhost sshd\[26229\]: Failed password for invalid user monique from 117.50.11.205 port 53750 ssh2 Dec 4 20:25:47 localhost sshd\[26492\]: Invalid user tienbuen from 117.50.11.205 Dec 4 20:25:47 localhost sshd\[26492\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.50.11.205 ...	2019-12-05 05:56:12
71.6.142.86	attack	" "	2019-12-05 05:42:03
118.27.2.75	attackspambots	2019-12-04T21:33:06.912502abusebot-3.cloudsearch.cf sshd\[19048\]: Invalid user jocelynn from 118.27.2.75 port 41204	2019-12-05 05:42:58
222.186.42.4	attackspambots	Dec 2 09:46:32 microserver sshd[56083]: Failed none for root from 222.186.42.4 port 36094 ssh2 Dec 2 09:46:32 microserver sshd[56083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Dec 2 09:46:35 microserver sshd[56083]: Failed password for root from 222.186.42.4 port 36094 ssh2 Dec 2 09:46:38 microserver sshd[56083]: Failed password for root from 222.186.42.4 port 36094 ssh2 Dec 2 09:46:41 microserver sshd[56083]: Failed password for root from 222.186.42.4 port 36094 ssh2 Dec 2 10:12:20 microserver sshd[60106]: Failed none for root from 222.186.42.4 port 49472 ssh2 Dec 2 10:12:20 microserver sshd[60106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.4 user=root Dec 2 10:12:22 microserver sshd[60106]: Failed password for root from 222.186.42.4 port 49472 ssh2 Dec 2 10:12:25 microserver sshd[60106]: Failed password for root from 222.186.42.4 port 49472 ssh2 Dec 2 10:12:29 microserve	2019-12-05 05:39:37
148.70.201.162	attackspam	Dec 4 16:58:20 linuxvps sshd\[52147\]: Invalid user ftpuser from 148.70.201.162 Dec 4 16:58:20 linuxvps sshd\[52147\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.201.162 Dec 4 16:58:22 linuxvps sshd\[52147\]: Failed password for invalid user ftpuser from 148.70.201.162 port 38098 ssh2 Dec 4 17:05:39 linuxvps sshd\[56454\]: Invalid user mysql from 148.70.201.162 Dec 4 17:05:39 linuxvps sshd\[56454\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.201.162	2019-12-05 06:07:22
210.92.105.120	attackbotsspam	Dec 5 01:36:08 areeb-Workstation sshd[18114]: Failed password for uucp from 210.92.105.120 port 44910 ssh2 ...	2019-12-05 05:36:42
137.74.167.250	attack	Dec 4 22:20:54 v22018086721571380 sshd[16235]: Failed password for invalid user nakayama from 137.74.167.250 port 48500 ssh2	2019-12-05 05:42:35
88.204.214.123	attackspam	no	2019-12-05 06:10:05
190.143.142.162	attackspam	Dec 4 22:34:54 OPSO sshd\[30679\]: Invalid user squid from 190.143.142.162 port 47092 Dec 4 22:34:54 OPSO sshd\[30679\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.143.142.162 Dec 4 22:34:56 OPSO sshd\[30679\]: Failed password for invalid user squid from 190.143.142.162 port 47092 ssh2 Dec 4 22:42:39 OPSO sshd\[32752\]: Invalid user matlary from 190.143.142.162 port 54354 Dec 4 22:42:39 OPSO sshd\[32752\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.143.142.162	2019-12-05 06:01:05
222.186.173.142	attackbots	Dec 4 22:58:15 sd-53420 sshd\[3862\]: User root from 222.186.173.142 not allowed because none of user's groups are listed in AllowGroups Dec 4 22:58:15 sd-53420 sshd\[3862\]: Failed none for invalid user root from 222.186.173.142 port 27404 ssh2 Dec 4 22:58:16 sd-53420 sshd\[3862\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Dec 4 22:58:17 sd-53420 sshd\[3862\]: Failed password for invalid user root from 222.186.173.142 port 27404 ssh2 Dec 4 22:58:20 sd-53420 sshd\[3862\]: Failed password for invalid user root from 222.186.173.142 port 27404 ssh2 ...	2019-12-05 05:59:54
111.230.241.245	attackbots	SSH brutforce	2019-12-05 05:40:47

Recently Reported IPs

49.7.6.149	49.7.3.81	38.106.21.186	36.32.3.91
36.32.3.76	35.233.197.181	35.197.88.134	27.224.137.50
27.224.137.15	27.224.136.22	39.72.202.72	5.62.39.235
245.67.194.183	223.166.75.132	221.13.12.189	221.13.12.174
221.13.12.161	221.0.23.24	220.181.108.80	220.181.51.124