112.66.97.73 - IPInfo

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 54171d0e0878e80d \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: blog.skk.moe \| User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:38:32

Type

Details

Datetime

attackspambots

The IP has triggered Cloudflare WAF. CF-Ray: 54171d0e0878e80d | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: blog.skk.moe | User-Agent: Mozilla/5.051975669 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-08 04:38:32

Comments on same subnet:

IP	Type	Details	Datetime
112.66.97.41	attack	Unauthorized connection attempt detected from IP address 112.66.97.41 to port 21	2020-05-31 03:06:48
112.66.97.253	attackbotsspam	Web Server Scan. RayID: 593404aeac290540, UA: Mozilla/4.066686748 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1), Country: CN	2020-05-21 04:12:06
112.66.97.225	attackspambots	Unauthorized connection attempt detected from IP address 112.66.97.225 to port 3389 [J]	2020-03-03 02:24:27
112.66.97.231	attack	Unauthorized connection attempt detected from IP address 112.66.97.231 to port 8000 [J]	2020-03-02 19:11:12
112.66.97.95	attack	Unauthorized connection attempt detected from IP address 112.66.97.95 to port 3128 [J]	2020-03-02 18:42:40
112.66.97.98	attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.97.98 to port 8899 [J]	2020-03-02 16:47:14
112.66.97.40	attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.97.40 to port 8001 [T]	2020-01-10 09:23:59
112.66.97.57	attackspambots	Unauthorized connection attempt detected from IP address 112.66.97.57 to port 8001 [T]	2020-01-10 09:23:39
112.66.97.59	attack	Unauthorized connection attempt detected from IP address 112.66.97.59 to port 801 [T]	2020-01-10 08:57:30

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.97.73
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1744
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.97.73.			IN	A

;; AUTHORITY SECTION:
.			364	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019120701 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 04:38:29 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 73.97.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 73.97.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
91.204.188.50	attack	Nov 24 05:54:09 cavern sshd[3608]: Failed password for root from 91.204.188.50 port 46890 ssh2	2019-11-24 13:56:02
180.95.148.3	attackspam	Automatic report - Banned IP Access	2019-11-24 13:27:01
185.209.0.32	attackbots	Nov 24 06:22:57 mc1 kernel: \[5859216.636441\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=30921 PROTO=TCP SPT=48363 DPT=3036 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 06:23:14 mc1 kernel: \[5859233.093041\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=24182 PROTO=TCP SPT=48363 DPT=3016 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 24 06:24:24 mc1 kernel: \[5859303.269114\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:11:a9:7b:d2:74:7f:6e:37:e3:08:00 SRC=185.209.0.32 DST=159.69.205.51 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=9217 PROTO=TCP SPT=48363 DPT=3014 WINDOW=1024 RES=0x00 SYN URGP=0 ...	2019-11-24 13:38:32
59.25.197.146	attackspambots	Nov 24 05:25:21 icinga sshd[62284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.146 Nov 24 05:25:23 icinga sshd[62284]: Failed password for invalid user hp from 59.25.197.146 port 51592 ssh2 Nov 24 05:59:51 icinga sshd[28945]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.25.197.146 ...	2019-11-24 13:33:50
27.69.242.187	attackspambots	2019-11-24T05:28:52.122316abusebot-5.cloudsearch.cf sshd\[14814\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.69.242.187 user=root	2019-11-24 13:36:22
112.21.191.252	attackspambots	Nov 24 01:54:49 firewall sshd[5128]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.21.191.252 Nov 24 01:54:49 firewall sshd[5128]: Invalid user ker from 112.21.191.252 Nov 24 01:54:51 firewall sshd[5128]: Failed password for invalid user ker from 112.21.191.252 port 45256 ssh2 ...	2019-11-24 13:32:55
141.98.80.101	attackbotsspam	Nov 24 06:46:33 mail postfix/smtpd[19247]: warning: unknown[141.98.80.101]: SASL PLAIN authentication failed: Nov 24 06:46:33 mail postfix/smtpd[19657]: warning: unknown[141.98.80.101]: SASL PLAIN authentication failed: Nov 24 06:46:45 mail postfix/smtpd[19954]: warning: unknown[141.98.80.101]: SASL PLAIN authentication failed: Nov 24 06:46:45 mail postfix/smtpd[20132]: warning: unknown[141.98.80.101]: SASL PLAIN authentication failed:	2019-11-24 13:59:40
142.93.218.11	attackbots	Nov 24 00:31:22 linuxvps sshd\[64059\]: Invalid user snefrid from 142.93.218.11 Nov 24 00:31:22 linuxvps sshd\[64059\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.218.11 Nov 24 00:31:23 linuxvps sshd\[64059\]: Failed password for invalid user snefrid from 142.93.218.11 port 41824 ssh2 Nov 24 00:38:48 linuxvps sshd\[3466\]: Invalid user named from 142.93.218.11 Nov 24 00:38:48 linuxvps sshd\[3466\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=142.93.218.11	2019-11-24 13:44:36
125.141.139.9	attackspam	Nov 24 06:56:22 vps691689 sshd[5358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.141.139.9 Nov 24 06:56:24 vps691689 sshd[5358]: Failed password for invalid user renate from 125.141.139.9 port 44772 ssh2 ...	2019-11-24 14:04:42
92.247.83.86	attackspam	[2019-11-2405:54:37 0100]info[cpaneld]92.247.83.86-aswsa"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluseraswsa$has_cpuser_filefailed$[2019-11-2405:54:37 0100]info[cpaneld]92.247.83.86-aswsa"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluseraswsa$has_cpuser_filefailed$[2019-11-2405:54:37 0100]info[cpaneld]92.247.83.86-aswsa"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluseraswsa$has_cpuser_filefailed$[2019-11-2405:54:37 0100]info[cpaneld]92.247.83.86-aswsa"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluseraswsa$has_cpuser_filefailed$[2019-11-2405:54:38 0100]info[cpaneld]92.247.83.86-aswsa"POST/login/\?login_only=1HTTP/1.1"FAILEDLOGINcpaneld:invalidcpaneluseraswsa$has_cpuser_filefailed$	2019-11-24 13:38:53
193.70.88.213	attackspam	Nov 24 06:40:09 mail sshd[21142]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.88.213 Nov 24 06:40:12 mail sshd[21142]: Failed password for invalid user !@#$ from 193.70.88.213 port 33880 ssh2 Nov 24 06:46:22 mail sshd[22106]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.70.88.213	2019-11-24 13:58:54
139.59.89.195	attack	Nov 24 07:00:07 MK-Soft-VM8 sshd[5767]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.59.89.195 Nov 24 07:00:09 MK-Soft-VM8 sshd[5767]: Failed password for invalid user guest from 139.59.89.195 port 52670 ssh2 ...	2019-11-24 14:02:20
42.104.97.231	attack	Nov 24 06:45:56 mail sshd[22041]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.97.231 Nov 24 06:45:58 mail sshd[22041]: Failed password for invalid user hhh159 from 42.104.97.231 port 6028 ssh2 Nov 24 06:52:35 mail sshd[23211]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.97.231	2019-11-24 14:00:03
138.197.180.102	attackbotsspam	Invalid user fujii from 138.197.180.102 port 46338	2019-11-24 14:03:27
103.101.52.48	attackspambots	Brute-force attempt banned	2019-11-24 13:46:33

Recently Reported IPs

111.224.249.102	154.148.87.225	166.17.202.85	20.11.14.194
124.152.109.56	111.224.221.25	111.224.221.19	218.209.34.226
176.144.199.187	105.109.55.12	111.206.221.19	60.103.172.113
75.44.128.178	73.185.245.104	111.206.36.141	82.94.134.79
111.175.58.253	111.175.56.56	97.74.36.79	110.87.215.32