112.66.108.34 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.108.185	attackspam	Unauthorized connection attempt detected from IP address 112.66.108.185 to port 999 [J]	2020-03-02 21:36:14
112.66.108.112	attackspambots	HTTP/80/443 Probe, BF, WP, Hack -	2019-12-26 05:22:34
112.66.108.92	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540fe74d1f6fd366 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 06:05:15
112.66.108.128	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f519dae11eabb \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.038533357 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) QQBrowser/6.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:13:02
112.66.108.17	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54168ea45acb98c3 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:03:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.108.34
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 501
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.108.34.			IN	A

;; AUTHORITY SECTION:
.			160	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022030302 1800 900 604800 86400

;; Query time: 14 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 04 11:45:59 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 34.108.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 34.108.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
54.36.163.141	attackbots	Dec 15 09:49:49 TORMINT sshd\[10202\]: Invalid user student from 54.36.163.141 Dec 15 09:49:49 TORMINT sshd\[10202\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.36.163.141 Dec 15 09:49:51 TORMINT sshd\[10202\]: Failed password for invalid user student from 54.36.163.141 port 34564 ssh2 ...	2019-12-16 03:07:39
222.186.180.147	attack	SSH auth scanning - multiple failed logins	2019-12-16 03:12:03
106.12.34.56	attackbotsspam	Dec 15 19:34:30 localhost sshd\[116739\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.34.56 user=mysql Dec 15 19:34:32 localhost sshd\[116739\]: Failed password for mysql from 106.12.34.56 port 56446 ssh2 Dec 15 19:43:17 localhost sshd\[117055\]: Invalid user carwile from 106.12.34.56 port 42202 Dec 15 19:43:17 localhost sshd\[117055\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.34.56 Dec 15 19:43:19 localhost sshd\[117055\]: Failed password for invalid user carwile from 106.12.34.56 port 42202 ssh2 ...	2019-12-16 03:46:40
165.227.39.133	attack	Dec 15 07:37:01 mockhub sshd[14346]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.39.133 Dec 15 07:37:02 mockhub sshd[14346]: Failed password for invalid user hung from 165.227.39.133 port 56392 ssh2 ...	2019-12-16 03:22:00
187.12.167.85	attackbotsspam	Dec 15 20:13:33 sd-53420 sshd\[24885\]: User root from 187.12.167.85 not allowed because none of user's groups are listed in AllowGroups Dec 15 20:13:33 sd-53420 sshd\[24885\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 user=root Dec 15 20:13:35 sd-53420 sshd\[24885\]: Failed password for invalid user root from 187.12.167.85 port 45084 ssh2 Dec 15 20:19:53 sd-53420 sshd\[27255\]: Invalid user vopni from 187.12.167.85 Dec 15 20:19:53 sd-53420 sshd\[27255\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=187.12.167.85 ...	2019-12-16 03:46:00
75.143.100.75	attackbots	75.143.100.0/24 blocked	2019-12-16 03:08:39
180.190.166.172	attackspam	1576421382 - 12/15/2019 15:49:42 Host: 180.190.166.172/180.190.166.172 Port: 445 TCP Blocked	2019-12-16 03:14:53
181.41.216.130	attackspambots	Dec 15 21:49:29 mail postfix/smtpd\[15093\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\<7btcvm0h1wk3jy57@titovmed.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.130\]\> Dec 15 21:49:29 mail postfix/smtpd\[15093\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\<7btcvm0h1wk3jy57@titovmed.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.130\]\> Dec 15 21:49:29 mail postfix/smtpd\[15093\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\<7btcvm0h1wk3jy57@titovmed.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.130\]\> Dec 15 21:49:29 mail postfix/smtpd\[15093\]: NOQUEUE: reject: RCPT from unknown\[181.41.216.130\]: 554 5.7.1 \: Relay access denied\; from=\<7btcvm0h1wk3jy57@titovmed.ru\> to=\ proto=ESMTP helo=\<\[181.41.216.130\]\> De	2019-12-16 03:23:43
123.207.5.190	attack	Dec 15 16:16:54 sd-53420 sshd\[9728\]: Invalid user ident from 123.207.5.190 Dec 15 16:16:54 sd-53420 sshd\[9728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.5.190 Dec 15 16:16:55 sd-53420 sshd\[9728\]: Failed password for invalid user ident from 123.207.5.190 port 51856 ssh2 Dec 15 16:22:32 sd-53420 sshd\[11213\]: Invalid user upload from 123.207.5.190 Dec 15 16:22:32 sd-53420 sshd\[11213\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.207.5.190 ...	2019-12-16 03:30:24
222.186.175.163	attackbots	--- report --- Dec 15 15:53:40 sshd: Connection from 222.186.175.163 port 4138 Dec 15 15:53:44 sshd: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.163 user=root Dec 15 15:53:46 sshd: Failed password for root from 222.186.175.163 port 4138 ssh2 Dec 15 15:53:47 sshd: Received disconnect from 222.186.175.163: 11: [preauth]	2019-12-16 03:14:39
212.144.102.107	attackbots	Dec 15 19:08:14 hcbbdb sshd\[25426\]: Invalid user PASSWORD12 from 212.144.102.107 Dec 15 19:08:14 hcbbdb sshd\[25426\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 15 19:08:16 hcbbdb sshd\[25426\]: Failed password for invalid user PASSWORD12 from 212.144.102.107 port 58934 ssh2 Dec 15 19:13:43 hcbbdb sshd\[26067\]: Invalid user Password0147 from 212.144.102.107 Dec 15 19:13:43 hcbbdb sshd\[26067\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107	2019-12-16 03:26:32
128.199.95.60	attack	Dec 15 22:38:32 areeb-Workstation sshd[2913]: Failed password for backup from 128.199.95.60 port 38422 ssh2 ...	2019-12-16 03:43:29
148.70.226.228	attackspambots	$f2bV_matches	2019-12-16 03:42:06
176.67.81.10	attack	\[2019-12-15 14:12:03\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '176.67.81.10:55098' - Wrong password \[2019-12-15 14:12:03\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-15T14:12:03.688-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="50866",SessionID="0x7f0fb4477cf8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/176.67.81.10/55098",Challenge="5115a6c4",ReceivedChallenge="5115a6c4",ReceivedHash="2a653c5e6a03c84a1f3343c4c13f352d" \[2019-12-15 14:12:20\] NOTICE\[2839\] chan_sip.c: Registration from '\' failed for '176.67.81.10:64060' - Wrong password \[2019-12-15 14:12:20\] SECURITY\[2857\] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2019-12-15T14:12:20.791-0500",Severity="Error",Service="SIP",EventVersion="2",AccountID="47887",SessionID="0x7f0fb46f0f98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/176.67.8	2019-12-16 03:22:33
165.227.203.162	attackspambots	Dec 15 11:38:12 TORMINT sshd\[16246\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.203.162 user=root Dec 15 11:38:14 TORMINT sshd\[16246\]: Failed password for root from 165.227.203.162 port 39896 ssh2 Dec 15 11:43:48 TORMINT sshd\[16491\]: Invalid user slivermoon from 165.227.203.162 Dec 15 11:43:48 TORMINT sshd\[16491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=165.227.203.162 ...	2019-12-16 03:15:18

Recently Reported IPs

104.149.22.184	112.66.108.6	104.149.70.232	104.149.63.190
104.149.74.125	112.66.108.60	104.149.74.82	104.149.75.48
104.149.74.91	104.149.74.122	104.149.74.96	104.149.74.93
104.149.64.254	104.149.63.161	104.149.63.188	112.66.108.68
104.152.108.65	104.152.109.137	104.152.168.19	104.154.182.91