112.66.108.112

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:22:34

Comments on same subnet:

IP	Type	Details	Datetime
112.66.108.185	attackspam	Unauthorized connection attempt detected from IP address 112.66.108.185 to port 999 [J]	2020-03-02 21:36:14
112.66.108.92	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540fe74d1f6fd366 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:05:15
112.66.108.128	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f519dae11eabb \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.038533357 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) QQBrowser/6.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:13:02
112.66.108.17	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54168ea45acb98c3 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:03:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.108.112
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 53675
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.108.112.			IN	A

;; AUTHORITY SECTION:
.			505	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019122502 1800 900 604800 86400

;; Query time: 101 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 26 05:22:31 CST 2019
;; MSG SIZE  rcvd: 118

Host info

Host 112.108.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 112.108.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
198.211.120.99	attackbots	Apr 21 13:56:48 work-partkepr sshd\[960\]: Invalid user fi from 198.211.120.99 port 32934 Apr 21 13:56:48 work-partkepr sshd\[960\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=198.211.120.99 ...	2020-04-22 03:18:23
120.70.100.89	attack	Invalid user yp from 120.70.100.89 port 51378	2020-04-22 03:49:15
138.197.110.41	attack	Invalid user git from 138.197.110.41 port 46246	2020-04-22 03:38:59
193.112.98.79	attackbots	Invalid user cx from 193.112.98.79 port 51212	2020-04-22 03:20:40
138.68.226.175	attackspam	Apr 22 01:37:26 itv-usvr-01 sshd[9540]: Invalid user ek from 138.68.226.175 Apr 22 01:37:26 itv-usvr-01 sshd[9540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 Apr 22 01:37:26 itv-usvr-01 sshd[9540]: Invalid user ek from 138.68.226.175 Apr 22 01:37:29 itv-usvr-01 sshd[9540]: Failed password for invalid user ek from 138.68.226.175 port 59884 ssh2 Apr 22 01:44:54 itv-usvr-01 sshd[9946]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.68.226.175 user=root Apr 22 01:44:56 itv-usvr-01 sshd[9946]: Failed password for root from 138.68.226.175 port 41524 ssh2	2020-04-22 03:40:10
117.7.204.67	attackbotsspam	Invalid user admin from 117.7.204.67 port 46687	2020-04-22 03:52:12
180.101.248.148	attackbots	Apr 21 20:24:45 Ubuntu-1404-trusty-64-minimal sshd\[18760\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.248.148 user=root Apr 21 20:24:47 Ubuntu-1404-trusty-64-minimal sshd\[18760\]: Failed password for root from 180.101.248.148 port 45410 ssh2 Apr 21 20:31:52 Ubuntu-1404-trusty-64-minimal sshd\[30416\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.101.248.148 user=root Apr 21 20:31:53 Ubuntu-1404-trusty-64-minimal sshd\[30416\]: Failed password for root from 180.101.248.148 port 60582 ssh2 Apr 21 20:35:33 Ubuntu-1404-trusty-64-minimal sshd\[32534\]: Invalid user yt from 180.101.248.148	2020-04-22 03:28:09
159.65.136.196	attackbotsspam	srv02 Mass scanning activity detected Target: 27122 ..	2020-04-22 03:33:33
158.69.204.172	attackspambots	Apr 22 00:34:59 webhost01 sshd[14417]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=158.69.204.172 Apr 22 00:35:01 webhost01 sshd[14417]: Failed password for invalid user postgres from 158.69.204.172 port 32876 ssh2 ...	2020-04-22 03:34:29
162.209.247.77	attack	Invalid user os from 162.209.247.77 port 49126	2020-04-22 03:31:54
148.70.27.59	attackbotsspam	Lines containing failures of 148.70.27.59 Apr 19 17:51:48 penfold sshd[12458]: Invalid user ftpuser from 148.70.27.59 port 60618 Apr 19 17:51:48 penfold sshd[12458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.27.59 Apr 19 17:51:51 penfold sshd[12458]: Failed password for invalid user ftpuser from 148.70.27.59 port 60618 ssh2 Apr 19 17:51:54 penfold sshd[12458]: Received disconnect from 148.70.27.59 port 60618:11: Bye Bye [preauth] Apr 19 17:51:54 penfold sshd[12458]: Disconnected from invalid user ftpuser 148.70.27.59 port 60618 [preauth] Apr 19 18:04:10 penfold sshd[13392]: Invalid user test from 148.70.27.59 port 38888 Apr 19 18:04:10 penfold sshd[13392]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=148.70.27.59 Apr 19 18:04:12 penfold sshd[13392]: Failed password for invalid user test from 148.70.27.59 port 38888 ssh2 Apr 19 18:04:13 penfold sshd[13392]: Received disconnec........ ------------------------------	2020-04-22 03:37:00
139.59.136.254	attackbotsspam	Apr 21 21:24:37 DAAP sshd[16147]: Invalid user sn from 139.59.136.254 port 52618 Apr 21 21:24:37 DAAP sshd[16147]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.136.254 Apr 21 21:24:37 DAAP sshd[16147]: Invalid user sn from 139.59.136.254 port 52618 Apr 21 21:24:39 DAAP sshd[16147]: Failed password for invalid user sn from 139.59.136.254 port 52618 ssh2 Apr 21 21:32:51 DAAP sshd[16346]: Invalid user admin from 139.59.136.254 port 52006 ...	2020-04-22 03:37:46
202.137.155.94	attackbotsspam	Invalid user admin from 202.137.155.94 port 58085	2020-04-22 03:16:49
183.109.79.253	attack	DATE:2020-04-21 21:15:59, IP:183.109.79.253, PORT:ssh SSH brute force auth (docker-dc)	2020-04-22 03:26:11
191.235.94.168	attackspambots	Invalid user test from 191.235.94.168 port 44830	2020-04-22 03:21:05

Recently Reported IPs

43.232.237.211	201.240.173.186	102.40.200.22	112.230.46.92
219.240.178.50	52.97.160.5	100.49.5.248	201.147.89.40
102.189.124.2	101.20.159.159	121.233.95.159	91.230.61.55
223.84.196.135	112.213.126.113	91.201.214.132	93.88.47.194
95.12.130.229	111.229.89.117	36.88.45.207	56.72.30.223