112.66.98.99 - IPInfo

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54304a3eb933ebc9 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:49:23

Type

Details

Datetime

attackspam

The IP has triggered Cloudflare WAF. CF-Ray: 54304a3eb933ebc9 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: d.skk.moe | User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).

2019-12-12 04:49:23

Comments on same subnet:

IP	Type	Details	Datetime
112.66.98.86	attackbots	Unauthorised access (Aug 30) SRC=112.66.98.86 LEN=40 TTL=51 ID=13759 TCP DPT=23 WINDOW=6350 SYN	2020-08-31 08:15:47
112.66.98.112	attackspam	Unauthorized connection attempt detected from IP address 112.66.98.112 to port 8123 [J]	2020-03-02 15:04:45
112.66.98.114	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54128ea20951d37e \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/4.038533357 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) QQBrowser/6.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:13:49
112.66.98.35	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 541560a2cd22e7ed \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:48:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.98.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44162
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.98.99.			IN	A

;; AUTHORITY SECTION:
.			499	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019121101 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Dec 12 04:49:20 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 99.98.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 99.98.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
182.140.133.153	attack	2020-05-0705:53:001jWXam-00071Q-2o\<=info@whatsup2013.chH=$localhost$[46.28.163.15]:44236P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3116id=86a851b8b3984dbe9d6395c6cd19200c2fc55bc694@whatsup2013.chT="Icouldbeyourgoodfriend"fortfarr523@icloud.commonyet1966@yahoo.com2020-05-0705:51:431jWXZV-0006vu-0Z\<=info@whatsup2013.chH=$localhost$[113.190.218.109]:40161P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3053id=ae05ed2f240fda290af402515a8eb79bb85287ee0b@whatsup2013.chT="I'mjustinlovewithyou"forcobbtyler13@gmail.comlazarogarbey96@gmail.com2020-05-0705:51:271jWXZG-0006tT-H9\<=info@whatsup2013.chH=$localhost$[182.140.133.153]:38394P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3085id=2a04b2e1eac1ebe37f7acc60877359450598d4@whatsup2013.chT="NewlikefromNeely"forltjolsen@hotmail.comdillonbrisbin@gmail.com2020-05-0705:51:501jWXZd-0006x5-Ua\<=info@whatsup2013.chH=$localhost$	2020-05-07 15:52:18
104.248.12.166	attackspam	Cowrie Honeypot: Unauthorised SSH/Telnet login attempt with user "elena" at 2020-05-07T05:27:21Z	2020-05-07 15:27:11
36.228.47.19	attack	port scan and connect, tcp 23 (telnet)	2020-05-07 15:36:51
118.100.116.155	attackspambots	May 7 07:42:02 OPSO sshd\[27036\]: Invalid user user from 118.100.116.155 port 59702 May 7 07:42:02 OPSO sshd\[27036\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.100.116.155 May 7 07:42:05 OPSO sshd\[27036\]: Failed password for invalid user user from 118.100.116.155 port 59702 ssh2 May 7 07:45:18 OPSO sshd\[27776\]: Invalid user guan from 118.100.116.155 port 47704 May 7 07:45:18 OPSO sshd\[27776\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.100.116.155	2020-05-07 15:39:40
111.229.191.95	attackspambots	2020-05-07T04:16:26.327537shield sshd\[1204\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.191.95 user=root 2020-05-07T04:16:28.198149shield sshd\[1204\]: Failed password for root from 111.229.191.95 port 52318 ssh2 2020-05-07T04:17:46.252630shield sshd\[1520\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.229.191.95 user=root 2020-05-07T04:17:48.103552shield sshd\[1520\]: Failed password for root from 111.229.191.95 port 39772 ssh2 2020-05-07T04:19:12.598048shield sshd\[1682\]: Invalid user apps from 111.229.191.95 port 55464	2020-05-07 15:41:43
178.252.111.184	attack	May 7 05:53:19 vps670341 sshd[29446]: Invalid user pi from 178.252.111.184 port 36662	2020-05-07 15:45:47
222.186.42.155	attack	detected by Fail2Ban	2020-05-07 15:57:16
212.129.57.201	attack	May 7 01:34:11 NPSTNNYC01T sshd[8539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.57.201 May 7 01:34:13 NPSTNNYC01T sshd[8539]: Failed password for invalid user perforce from 212.129.57.201 port 34248 ssh2 May 7 01:38:54 NPSTNNYC01T sshd[8807]: Failed password for root from 212.129.57.201 port 34034 ssh2 ...	2020-05-07 16:02:13
200.149.231.50	attackspam	2020-05-07T04:57:30.777826Z 15a31c0ac13f New connection: 200.149.231.50:58388 (172.17.0.5:2222) [session: 15a31c0ac13f] 2020-05-07T05:07:41.105426Z bfe3c9fffc24 New connection: 200.149.231.50:34272 (172.17.0.5:2222) [session: bfe3c9fffc24]	2020-05-07 16:02:38
122.51.82.22	attackspam	May 7 08:05:06 vpn01 sshd[9398]: Failed password for root from 122.51.82.22 port 57206 ssh2 ...	2020-05-07 15:33:07
51.255.172.198	attackbots	$f2bV_matches	2020-05-07 16:04:56
157.245.59.139	attackbotsspam	Auto reported by IDS	2020-05-07 15:33:25
112.96.105.200	attackbotsspam	bruteforce detected	2020-05-07 15:49:16
62.84.155.107	attackbotsspam	Port scan detected on ports: 88[TCP], 88[TCP], 88[TCP]	2020-05-07 15:42:04
195.54.167.17	attackspam	May 7 09:14:49 debian-2gb-nbg1-2 kernel: \[11094576.067395\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.167.17 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=23983 PROTO=TCP SPT=43468 DPT=28324 WINDOW=1024 RES=0x00 SYN URGP=0	2020-05-07 15:29:54

Recently Reported IPs

97.96.88.115	111.175.59.142	118.103.68.249	111.175.56.231
191.48.5.168	95.50.234.74	2.13.171.120	153.120.179.137
111.162.154.60	73.204.119.51	111.19.77.242	89.85.209.8
110.177.76.216	125.111.78.229	220.191.241.208	110.80.155.186
73.250.224.75	106.45.0.168	114.254.163.243	246.136.43.80