112.66.106.150

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.106.218	attack	Unauthorized connection attempt detected from IP address 112.66.106.218 to port 8080	2019-12-31 06:31:00
112.66.106.87	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540f2ea2d96a9965 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:18:11

Type

Details

Datetime

112.66.106.218

attack

Unauthorized connection attempt detected from IP address 112.66.106.218 to port 8080

2019-12-31 06:31:00

112.66.106.87

attack

The IP has triggered Cloudflare WAF. CF-Ray: 540f2ea2d96a9965 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: disqus.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 03:18:11

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.106.150
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50365
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.106.150.			IN	A

;; AUTHORITY SECTION:
.			299	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 22:04:13 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 150.106.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 150.106.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
87.226.165.143	attackspam	May 26 21:58:37 cdc sshd[1023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=87.226.165.143 user=root May 26 21:58:39 cdc sshd[1023]: Failed password for invalid user root from 87.226.165.143 port 55770 ssh2	2020-05-27 05:50:47
140.238.153.125	attack	May 26 20:32:48 edebian sshd[5762]: Failed password for invalid user mysql from 140.238.153.125 port 17199 ssh2 ...	2020-05-27 05:31:32
222.65.249.48	attack	May 26 18:17:08 vps sshd[265988]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.65.249.48 May 26 18:17:09 vps sshd[265988]: Failed password for invalid user art from 222.65.249.48 port 46240 ssh2 May 26 18:22:33 vps sshd[288835]: Invalid user phpmy from 222.65.249.48 port 7968 May 26 18:22:33 vps sshd[288835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.65.249.48 May 26 18:22:35 vps sshd[288835]: Failed password for invalid user phpmy from 222.65.249.48 port 7968 ssh2 ...	2020-05-27 05:27:03
139.59.10.42	attack	Too many connections or unauthorized access detected from Arctic banned ip	2020-05-27 05:58:50
94.16.117.246	attack	Invalid user su from 94.16.117.246 port 52950	2020-05-27 05:57:03
172.245.10.253	attackbots	May 26 18:09:41 debian-2gb-nbg1-2 kernel: \[12768179.526152\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=172.245.10.253 DST=195.201.40.59 LEN=52 TOS=0x02 PREC=0x00 TTL=116 ID=19871 DF PROTO=TCP SPT=64183 DPT=3389 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0	2020-05-27 05:29:20
187.149.85.35	attackbotsspam	Brute force attempt	2020-05-27 05:54:53
167.114.252.133	attackspam	May 25 04:59:05 olgosrv01 sshd[1536]: Address 167.114.252.133 maps to mylino.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 25 04:59:05 olgosrv01 sshd[1536]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.252.133 user=r.r May 25 04:59:07 olgosrv01 sshd[1536]: Failed password for r.r from 167.114.252.133 port 54960 ssh2 May 25 04:59:07 olgosrv01 sshd[1536]: Received disconnect from 167.114.252.133: 11: Bye Bye [preauth] May 25 05:14:28 olgosrv01 sshd[2669]: Address 167.114.252.133 maps to mylino.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! May 25 05:14:28 olgosrv01 sshd[2669]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.252.133 user=r.r May 25 05:14:30 olgosrv01 sshd[2669]: Failed password for r.r from 167.114.252.133 port 53632 ssh2 May 25 05:14:30 olgosrv01 sshd[2669]: Received disconnect from 167.114.252........ -------------------------------	2020-05-27 05:39:44
74.254.199.5	attack	May 26 19:59:08 pve1 sshd[5471]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=74.254.199.5 May 26 19:59:10 pve1 sshd[5471]: Failed password for invalid user nfs from 74.254.199.5 port 32798 ssh2 ...	2020-05-27 05:48:27
211.25.119.131	attack	2020-05-26T23:08:29.697488centos sshd[28058]: Failed password for invalid user admin from 211.25.119.131 port 38647 ssh2 2020-05-26T23:12:23.570521centos sshd[28298]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.25.119.131 user=root 2020-05-26T23:12:25.865070centos sshd[28298]: Failed password for root from 211.25.119.131 port 4156 ssh2 ...	2020-05-27 05:49:42
104.206.128.42	attackspam	1590514879 - 05/26/2020 19:41:19 Host: 104.206.128.42/104.206.128.42 Port: 21 TCP Blocked	2020-05-27 05:52:57
91.121.91.82	attack	Invalid user chek from 91.121.91.82 port 50340	2020-05-27 05:47:21
83.97.20.35	attack	firewall-block, port(s): 123/tcp, 389/tcp, 3333/tcp, 8333/tcp, 8554/tcp	2020-05-27 05:33:41
222.186.173.142	attackspambots	2020-05-26T21:36:19.281561shield sshd\[5474\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root 2020-05-26T21:36:21.379954shield sshd\[5474\]: Failed password for root from 222.186.173.142 port 35830 ssh2 2020-05-26T21:36:23.783121shield sshd\[5474\]: Failed password for root from 222.186.173.142 port 35830 ssh2 2020-05-26T21:36:27.265117shield sshd\[5474\]: Failed password for root from 222.186.173.142 port 35830 ssh2 2020-05-26T21:36:30.160532shield sshd\[5474\]: Failed password for root from 222.186.173.142 port 35830 ssh2	2020-05-27 05:43:26
177.34.101.245	attackspam	Automatic report - Port Scan Attack	2020-05-27 05:46:49

Recently Reported IPs

45.186.203.242	156.216.131.143	81.68.162.120	45.168.180.162
54.163.23.92	35.222.17.115	116.72.202.204	101.205.148.45
195.58.62.138	212.85.90.136	5.181.43.90	106.195.3.239
1.2.189.170	189.165.15.229	43.229.227.162	185.59.245.233
120.14.133.224	143.255.2.223	115.124.79.93	200.37.140.36