112.66.99.63 - IPInfo

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:18:55

Comments on same subnet:

IP	Type	Details	Datetime
112.66.99.6	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J]	2020-01-27 15:15:57
112.66.99.159	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T]	2020-01-10 09:23:22
112.66.99.167	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899	2020-01-04 08:33:51
112.66.99.25	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090	2020-01-01 21:33:22
112.66.99.1	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095	2019-12-31 08:33:07
112.66.99.6	attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128	2019-12-31 07:42:24
112.66.99.211	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:48:59
112.66.99.155	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:35:16
112.66.99.74	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:09:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.99.63.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111801 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 04:18:52 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 63.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.99.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
189.112.84.69	attack	portscan	2020-07-01 10:30:42
167.114.3.105	attack	Multiple SSH authentication failures from 167.114.3.105	2020-07-01 10:07:37
138.197.203.43	attackbots	Invalid user anderson from 138.197.203.43 port 33266	2020-07-01 09:48:32
192.241.226.155	attackspam	Automatic report - Banned IP Access	2020-07-01 10:06:08
185.61.84.32	attack	13.05.2020 04:48:37 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2020-07-01 09:56:23
200.133.39.24	attack	Jun 30 18:30:02 gestao sshd[5741]: Failed password for root from 200.133.39.24 port 50870 ssh2 Jun 30 18:31:45 gestao sshd[5796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.133.39.24 Jun 30 18:31:47 gestao sshd[5796]: Failed password for invalid user farhan from 200.133.39.24 port 46614 ssh2 ...	2020-07-01 10:26:40
101.21.147.7	attackbotsspam	ThinkPHP code execution attempt: 101.21.147.7 - - [26/Jun/2020:21:34:27 +0100] "GET /index.php?s=index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=1 HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0"	2020-07-01 10:26:20
118.145.8.50	attackspambots	2020-06-30T14:07:50.077626n23.at sshd[1946067]: Failed password for invalid user aba from 118.145.8.50 port 53599 ssh2 2020-06-30T14:28:07.088244n23.at sshd[1963443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.8.50 user=root 2020-06-30T14:28:08.886131n23.at sshd[1963443]: Failed password for root from 118.145.8.50 port 59751 ssh2 ...	2020-07-01 09:52:40
210.22.78.74	attack	...	2020-07-01 10:32:24
118.25.47.217	attackbotsspam	2020-06-30T14:12:14+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)	2020-07-01 10:15:51
192.241.237.25	attack	TCP (SYN) 192.241.237.25:51751 -> port 7574, len 44	2020-07-01 09:52:23
65.31.127.80	attackspambots	Jun 30 16:58:23 jumpserver sshd[285602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.31.127.80 Jun 30 16:58:23 jumpserver sshd[285602]: Invalid user ahmed from 65.31.127.80 port 41658 Jun 30 16:58:24 jumpserver sshd[285602]: Failed password for invalid user ahmed from 65.31.127.80 port 41658 ssh2 ...	2020-07-01 10:29:47
46.229.168.147	attack	Automatic report - Banned IP Access	2020-07-01 10:17:25
122.226.56.37	attack	TCP (SYN) 122.226.56.37:50246 -> port 445, len 48	2020-07-01 10:10:04
189.4.151.102	attackbotsspam	Multiple SSH authentication failures from 189.4.151.102	2020-07-01 10:08:49

Recently Reported IPs

223.198.169.239	172.36.73.163	131.162.145.84	222.208.132.233
64.112.134.154	54.150.109.125	222.94.163.168	79.153.124.240
222.94.163.43	3.159.164.248	47.77.174.124	222.82.52.249
221.13.12.111	86.134.212.159	220.200.165.201	218.10.73.99
220.181.125.28	220.181.124.153	123.73.30.13	253.241.54.8