112.66.107.192

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.107.70	attack	Unauthorized connection attempt detected from IP address 112.66.107.70 to port 8082 [J]	2020-03-02 20:34:45
112.66.107.228	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 541755e7a874999b \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:05:42
112.66.107.110	attack	The IP has triggered Cloudflare WAF. CF-Ray: 541760960bd7eb91 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:13:22

Type

Details

Datetime

112.66.107.70

attack

Unauthorized connection attempt detected from IP address 112.66.107.70 to port 8082 [J]

2020-03-02 20:34:45

112.66.107.228

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 541755e7a874999b | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: theme-suka.skk.moe | User-Agent: Mozilla/5.077692140 Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 06:05:42

112.66.107.110

attack

The IP has triggered Cloudflare WAF. CF-Ray: 541760960bd7eb91 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:13:22

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.107.192
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16068
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.107.192.			IN	A

;; AUTHORITY SECTION:
.			158	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 13:32:20 CST 2022
;; MSG SIZE  rcvd: 107

Host info

Host 192.107.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 192.107.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
217.21.210.85	attack	Brute-force attempt banned	2020-06-30 08:32:43
218.92.0.246	attackbots	Scanned 27 times in the last 24 hours on port 22	2020-06-30 08:12:08
80.82.65.253	attackspam	Triggered: repeated knocking on closed ports.	2020-06-30 08:23:28
54.38.187.211	attack	54.38.187.211 - - [30/Jun/2020:00:05:05 +0100] "POST /wp-login.php HTTP/1.1" 200 2020 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.38.187.211 - - [30/Jun/2020:00:05:06 +0100] "POST /wp-login.php HTTP/1.1" 200 2019 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 54.38.187.211 - - [30/Jun/2020:00:05:06 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-06-30 08:06:42
190.16.93.190	attack	Jun 30 02:06:08 eventyay sshd[27174]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.16.93.190 Jun 30 02:06:10 eventyay sshd[27174]: Failed password for invalid user paolo from 190.16.93.190 port 50984 ssh2 Jun 30 02:09:12 eventyay sshd[27276]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.16.93.190 ...	2020-06-30 08:17:31
173.212.201.28	attackspambots	Jun 29 19:48:00 fwservlet sshd[28833]: Invalid user test1 from 173.212.201.28 Jun 29 19:48:00 fwservlet sshd[28833]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.201.28 Jun 29 19:48:02 fwservlet sshd[28833]: Failed password for invalid user test1 from 173.212.201.28 port 55682 ssh2 Jun 29 19:48:02 fwservlet sshd[28833]: Received disconnect from 173.212.201.28 port 55682:11: Bye Bye [preauth] Jun 29 19:48:02 fwservlet sshd[28833]: Disconnected from 173.212.201.28 port 55682 [preauth] Jun 29 19:55:56 fwservlet sshd[29071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=173.212.201.28 user=nagios Jun 29 19:55:58 fwservlet sshd[29071]: Failed password for nagios from 173.212.201.28 port 49790 ssh2 Jun 29 19:55:58 fwservlet sshd[29071]: Received disconnect from 173.212.201.28 port 49790:11: Bye Bye [preauth] Jun 29 19:55:58 fwservlet sshd[29071]: Disconnected from 173.212.201.28 port........ -------------------------------	2020-06-30 08:21:15
49.230.68.27	attack	Unauthorized connection attempt from IP address 49.230.68.27 on Port 445(SMB)	2020-06-30 08:25:41
201.247.246.18	attackspam	20/6/29@15:45:51: FAIL: Alarm-Network address from=201.247.246.18 20/6/29@15:45:51: FAIL: Alarm-Network address from=201.247.246.18 ...	2020-06-30 08:20:20
188.119.40.247	attackbots	1593461067 - 06/29/2020 22:04:27 Host: 188.119.40.247/188.119.40.247 Port: 445 TCP Blocked	2020-06-30 08:18:11
218.92.0.253	attack	Jun 30 02:12:31 minden010 sshd[22187]: Failed password for root from 218.92.0.253 port 20163 ssh2 Jun 30 02:12:35 minden010 sshd[22187]: Failed password for root from 218.92.0.253 port 20163 ssh2 Jun 30 02:12:38 minden010 sshd[22187]: Failed password for root from 218.92.0.253 port 20163 ssh2 Jun 30 02:12:41 minden010 sshd[22187]: Failed password for root from 218.92.0.253 port 20163 ssh2 ...	2020-06-30 08:27:17
118.189.74.228	attackbotsspam	Jun 30 03:49:23 webhost01 sshd[10501]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.189.74.228 Jun 30 03:49:24 webhost01 sshd[10501]: Failed password for invalid user tester from 118.189.74.228 port 40258 ssh2 ...	2020-06-30 08:30:24
189.163.231.93	attack	DATE:2020-06-29 21:45:36, IP:189.163.231.93, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq)	2020-06-30 08:30:08
73.84.178.240	attack	port scan and connect, tcp 81 (hosts2-ns)	2020-06-30 08:06:18
120.92.212.238	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-30 08:39:13
138.68.106.62	attackspambots	SSH / Telnet Brute Force Attempts on Honeypot	2020-06-30 08:22:59

Recently Reported IPs

112.66.107.101	112.66.107.226	112.66.107.15	112.66.107.237
112.66.107.236	112.66.107.212	112.66.107.69	112.66.107.251
112.66.108.137	112.66.107.83	112.66.108.161	112.66.108.190
112.66.108.187	112.66.108.217	112.66.107.8	112.66.108.178
112.66.108.86	112.66.108.37	112.66.108.9	112.66.109.118