Must be a valid IPv4 or IPv6 ip address, e.g. 127.0.0.1 or 2001:DB8:0:0:8:800:200C:417A
Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:
Type Details Datetime
attack
The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)
2019-11-19 04:18:55
Comments on same subnet:
IP Type Details Datetime
112.66.99.6 attackspam
Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J]
2020-01-27 15:15:57
112.66.99.159 attackspam
Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T]
2020-01-10 09:23:22
112.66.99.167 attackspam
Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899
2020-01-04 08:33:51
112.66.99.25 attackspambots
Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090
2020-01-01 21:33:22
112.66.99.1 attackspambots
Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095
2019-12-31 08:33:07
112.66.99.6 attackbotsspam
Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128
2019-12-31 07:42:24
112.66.99.211 attackspam
The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).
2019-12-12 06:48:59
112.66.99.155 attackspambots
The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).
2019-12-08 01:35:16
112.66.99.74 attackspam
The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).
2019-12-08 01:09:41
Whois info:
b
Dig info:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.99.63.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111801 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 04:18:52 CST 2019
;; MSG SIZE  rcvd: 116
Host info
Host 63.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)
Nslookup info:
Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.99.66.112.in-addr.arpa: NXDOMAIN
Related IP info:
Related comments:
IP Type Details Datetime
189.112.84.69 attack
portscan
2020-07-01 10:30:42
167.114.3.105 attack
Multiple SSH authentication failures from 167.114.3.105
2020-07-01 10:07:37
138.197.203.43 attackbots
Invalid user anderson from 138.197.203.43 port 33266
2020-07-01 09:48:32
192.241.226.155 attackspam
Automatic report - Banned IP Access
2020-07-01 10:06:08
185.61.84.32 attack
13.05.2020 04:48:37 - SMTP Spam without Auth on hMailserver 
Detected by ELinOX-hMail-A2F
2020-07-01 09:56:23
200.133.39.24 attack
Jun 30 18:30:02 gestao sshd[5741]: Failed password for root from 200.133.39.24 port 50870 ssh2
Jun 30 18:31:45 gestao sshd[5796]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.133.39.24 
Jun 30 18:31:47 gestao sshd[5796]: Failed password for invalid user farhan from 200.133.39.24 port 46614 ssh2
...
2020-07-01 10:26:40
101.21.147.7 attackbotsspam
ThinkPHP code execution attempt: 
101.21.147.7 - - [26/Jun/2020:21:34:27 +0100] "GET /index.php?s=index/%5Cthink%5Capp/invokefunction&function=call_user_func_array&vars%5B0%5D=phpinfo&vars%5B1%5D%5B%5D=1 HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0"
2020-07-01 10:26:20
118.145.8.50 attackspambots
2020-06-30T14:07:50.077626n23.at sshd[1946067]: Failed password for invalid user aba from 118.145.8.50 port 53599 ssh2
2020-06-30T14:28:07.088244n23.at sshd[1963443]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.145.8.50  user=root
2020-06-30T14:28:08.886131n23.at sshd[1963443]: Failed password for root from 118.145.8.50 port 59751 ssh2
...
2020-07-01 09:52:40
210.22.78.74 attack
...
2020-07-01 10:32:24
118.25.47.217 attackbotsspam
2020-06-30T14:12:14+0200 Failed SSH Authentication/Brute Force Attack. (Server 9)
2020-07-01 10:15:51
192.241.237.25 attack
 TCP (SYN) 192.241.237.25:51751 -> port 7574, len 44
2020-07-01 09:52:23
65.31.127.80 attackspambots
Jun 30 16:58:23 jumpserver sshd[285602]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.31.127.80 
Jun 30 16:58:23 jumpserver sshd[285602]: Invalid user ahmed from 65.31.127.80 port 41658
Jun 30 16:58:24 jumpserver sshd[285602]: Failed password for invalid user ahmed from 65.31.127.80 port 41658 ssh2
...
2020-07-01 10:29:47
46.229.168.147 attack
Automatic report - Banned IP Access
2020-07-01 10:17:25
122.226.56.37 attack
 TCP (SYN) 122.226.56.37:50246 -> port 445, len 48
2020-07-01 10:10:04
189.4.151.102 attackbotsspam
Multiple SSH authentication failures from 189.4.151.102
2020-07-01 10:08:49

Recently Reported IPs

223.198.169.239 172.36.73.163 131.162.145.84 222.208.132.233
64.112.134.154 54.150.109.125 222.94.163.168 79.153.124.240
222.94.163.43 3.159.164.248 47.77.174.124 222.82.52.249
221.13.12.111 86.134.212.159 220.200.165.201 218.10.73.99
220.181.125.28 220.181.124.153 123.73.30.13 253.241.54.8