112.66.104.148

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.104.41	attack	The IP has triggered Cloudflare WAF. CF-Ray: 5410875db8eeeb29 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:36:01

Type

Details

Datetime

112.66.104.41

attack

The IP has triggered Cloudflare WAF. CF-Ray: 5410875db8eeeb29 | WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/4.054101423 Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1) | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:36:01

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.104.148
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12559
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.104.148.			IN	A

;; AUTHORITY SECTION:
.			414	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022031801 1800 900 604800 86400

;; Query time: 60 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 19 10:42:07 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 148.104.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 148.104.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.149.242.9	attackbotsspam	2020-07-11T20:19:42.294276mail.standpoint.com.ua sshd[6753]: Invalid user khariton from 220.149.242.9 port 51848 2020-07-11T20:19:42.296848mail.standpoint.com.ua sshd[6753]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.149.242.9 2020-07-11T20:19:42.294276mail.standpoint.com.ua sshd[6753]: Invalid user khariton from 220.149.242.9 port 51848 2020-07-11T20:19:44.552659mail.standpoint.com.ua sshd[6753]: Failed password for invalid user khariton from 220.149.242.9 port 51848 ssh2 2020-07-11T20:21:46.332204mail.standpoint.com.ua sshd[7024]: Invalid user liyujiang from 220.149.242.9 port 39383 ...	2020-07-12 01:38:33
49.233.214.188	attack	Jul 11 17:27:27 h2646465 sshd[16832]: Invalid user admin from 49.233.214.188 Jul 11 17:27:27 h2646465 sshd[16832]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.214.188 Jul 11 17:27:27 h2646465 sshd[16832]: Invalid user admin from 49.233.214.188 Jul 11 17:27:30 h2646465 sshd[16832]: Failed password for invalid user admin from 49.233.214.188 port 35358 ssh2 Jul 11 17:34:44 h2646465 sshd[17607]: Invalid user yth from 49.233.214.188 Jul 11 17:34:44 h2646465 sshd[17607]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.214.188 Jul 11 17:34:44 h2646465 sshd[17607]: Invalid user yth from 49.233.214.188 Jul 11 17:34:46 h2646465 sshd[17607]: Failed password for invalid user yth from 49.233.214.188 port 39076 ssh2 Jul 11 17:37:21 h2646465 sshd[18188]: Invalid user speech-dispatcher from 49.233.214.188 ...	2020-07-12 01:31:41
106.13.24.164	attack	Invalid user amavisd from 106.13.24.164 port 34056	2020-07-12 02:04:11
106.13.233.5	attack	Jul 11 17:39:40 lnxded64 sshd[7940]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.233.5 Jul 11 17:39:42 lnxded64 sshd[7940]: Failed password for invalid user adam1 from 106.13.233.5 port 34220 ssh2 Jul 11 17:45:59 lnxded64 sshd[9519]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.233.5	2020-07-12 02:03:27
107.174.46.67	attackbotsspam	(sshd) Failed SSH login from 107.174.46.67 (US/United States/107-174-46-67-host.colocrossing.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 11 19:04:22 amsweb01 sshd[20916]: Did not receive identification string from 107.174.46.67 port 42532 Jul 11 19:04:34 amsweb01 sshd[20931]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.174.46.67 user=root Jul 11 19:04:36 amsweb01 sshd[20931]: Failed password for root from 107.174.46.67 port 56254 ssh2 Jul 11 19:04:43 amsweb01 sshd[20935]: Invalid user oracle from 107.174.46.67 port 33884 Jul 11 19:04:45 amsweb01 sshd[20935]: Failed password for invalid user oracle from 107.174.46.67 port 33884 ssh2	2020-07-12 02:02:16
201.62.73.92	attackbotsspam	Jul 11 18:20:35 hell sshd[22696]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.62.73.92 Jul 11 18:20:37 hell sshd[22696]: Failed password for invalid user daniel from 201.62.73.92 port 59292 ssh2 ...	2020-07-12 01:42:14
82.65.104.195	attack	Jul 11 18:58:57 h2608077 sshd[2338]: Invalid user pi from 82.65.104.195 Jul 11 18:58:57 h2608077 sshd[2340]: Invalid user pi from 82.65.104.195 ...	2020-07-12 01:26:21
116.203.28.70	attackspambots	Invalid user daniel from 116.203.28.70 port 35762	2020-07-12 02:00:07
190.215.112.122	attackspambots	Jul 11 15:52:07 XXX sshd[27900]: Invalid user ashish from 190.215.112.122 port 48724	2020-07-12 01:46:30
49.235.167.59	attackbots	Fail2Ban Ban Triggered	2020-07-12 01:31:25
191.238.211.167	attackspambots	Jul 11 11:54:22 lanister sshd[12288]: Invalid user satomi from 191.238.211.167 Jul 11 11:54:22 lanister sshd[12288]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=191.238.211.167 Jul 11 11:54:22 lanister sshd[12288]: Invalid user satomi from 191.238.211.167 Jul 11 11:54:24 lanister sshd[12288]: Failed password for invalid user satomi from 191.238.211.167 port 60984 ssh2	2020-07-12 01:46:05
122.51.222.42	attackspam	2020-07-11T13:49:32.424816na-vps210223 sshd[2104]: Failed password for invalid user fujino from 122.51.222.42 port 35050 ssh2 2020-07-11T13:51:38.849880na-vps210223 sshd[8011]: Invalid user malvern from 122.51.222.42 port 57092 2020-07-11T13:51:38.853243na-vps210223 sshd[8011]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.222.42 2020-07-11T13:51:38.849880na-vps210223 sshd[8011]: Invalid user malvern from 122.51.222.42 port 57092 2020-07-11T13:51:40.476390na-vps210223 sshd[8011]: Failed password for invalid user malvern from 122.51.222.42 port 57092 ssh2 ...	2020-07-12 01:56:54
198.46.152.196	attackspambots	Jul 11 19:04:44 prod4 sshd\[18041\]: Invalid user konitada from 198.46.152.196 Jul 11 19:04:46 prod4 sshd\[18041\]: Failed password for invalid user konitada from 198.46.152.196 port 56468 ssh2 Jul 11 19:08:09 prod4 sshd\[19662\]: Invalid user jensen from 198.46.152.196 ...	2020-07-12 01:44:21
109.115.187.35	attack	reported through recidive - multiple failed attempts(SSH)	2020-07-12 02:01:54
5.51.111.195	attackspam	Invalid user teva from 5.51.111.195 port 51554	2020-07-12 01:36:00

Recently Reported IPs

112.66.104.135	112.66.104.164	112.66.104.191	57.31.55.14
112.66.104.207	112.66.104.83	112.66.105.131	107.157.165.104
112.66.105.141	112.66.105.158	112.66.105.184	136.62.167.150
112.66.105.187	112.74.135.83	112.74.186.65	112.74.188.181
112.74.209.100	112.74.40.219	112.74.50.9	112.74.58.193