112.66.99.63 - IPInfo

Basic Info

City: Haikou

Region: Hainan

Country: China

Internet Service Provider: ChinaNet Hainan Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB)	2019-11-19 04:18:55

Comments on same subnet:

IP	Type	Details	Datetime
112.66.99.6	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J]	2020-01-27 15:15:57
112.66.99.159	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T]	2020-01-10 09:23:22
112.66.99.167	attackspam	Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899	2020-01-04 08:33:51
112.66.99.25	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090	2020-01-01 21:33:22
112.66.99.1	attackspambots	Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095	2019-12-31 08:33:07
112.66.99.6	attackbotsspam	Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128	2019-12-31 07:42:24
112.66.99.211	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 06:48:59
112.66.99.155	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:35:16
112.66.99.74	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: ip.skk.moe \| User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 01:09:41

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.63
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65058
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.99.63.			IN	A

;; AUTHORITY SECTION:
.			449	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019111801 1800 900 604800 86400

;; Query time: 130 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Nov 19 04:18:52 CST 2019
;; MSG SIZE  rcvd: 116

Host info

Host 63.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 63.99.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
37.205.51.40	attackbotsspam	Invalid user redbot from 37.205.51.40 port 45576	2020-08-31 13:45:28
218.29.102.142	attackbotsspam	E-Mail Spam (RBL) [REJECTED]	2020-08-31 14:01:03
160.153.154.6	attackbotsspam	C1,DEF GET /blog/wp-includes/wlwmanifest.xml	2020-08-31 13:51:52
111.132.5.132	attackbotsspam	(smtpauth) Failed SMTP AUTH login from 111.132.5.132 (CN/China/-): 5 in the last 3600 secs	2020-08-31 14:07:06
222.186.30.112	attack	Unauthorized connection attempt detected from IP address 222.186.30.112 to port 22 [T]	2020-08-31 13:52:52
61.177.172.54	attack	Aug 31 05:17:21 ip-172-31-61-156 sshd[32038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.54 user=root Aug 31 05:17:23 ip-172-31-61-156 sshd[32038]: Failed password for root from 61.177.172.54 port 13087 ssh2 ...	2020-08-31 13:37:49
159.89.115.126	attackbotsspam	Aug 31 06:44:41 meumeu sshd[690776]: Invalid user ts3srv from 159.89.115.126 port 39158 Aug 31 06:44:41 meumeu sshd[690776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 Aug 31 06:44:41 meumeu sshd[690776]: Invalid user ts3srv from 159.89.115.126 port 39158 Aug 31 06:44:43 meumeu sshd[690776]: Failed password for invalid user ts3srv from 159.89.115.126 port 39158 ssh2 Aug 31 06:48:11 meumeu sshd[690890]: Invalid user rli from 159.89.115.126 port 44494 Aug 31 06:48:11 meumeu sshd[690890]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.115.126 Aug 31 06:48:11 meumeu sshd[690890]: Invalid user rli from 159.89.115.126 port 44494 Aug 31 06:48:13 meumeu sshd[690890]: Failed password for invalid user rli from 159.89.115.126 port 44494 ssh2 Aug 31 06:51:42 meumeu sshd[690959]: Invalid user wl from 159.89.115.126 port 53940 ...	2020-08-31 13:33:38
83.97.20.116	attackbotsspam	Port Scan ...	2020-08-31 13:53:55
222.186.175.217	attackspam	2020-08-31T05:24:23.103461shield sshd\[32617\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.217 user=root 2020-08-31T05:24:24.970347shield sshd\[32617\]: Failed password for root from 222.186.175.217 port 18338 ssh2 2020-08-31T05:24:28.699235shield sshd\[32617\]: Failed password for root from 222.186.175.217 port 18338 ssh2 2020-08-31T05:24:32.312807shield sshd\[32617\]: Failed password for root from 222.186.175.217 port 18338 ssh2 2020-08-31T05:24:35.472340shield sshd\[32617\]: Failed password for root from 222.186.175.217 port 18338 ssh2	2020-08-31 13:32:50
152.101.29.177	attackspam	TCP (SYN) 152.101.29.177:64735 -> port 8080, len 40	2020-08-31 13:43:39
113.190.44.166	attackspam	Brute forcing RDP port 3389	2020-08-31 13:59:51
51.158.110.69	attackspambots	Repeated brute force against a port	2020-08-31 13:56:27
80.82.78.100	attack	UDP 80.82.78.100:44484 -> port 1541, len 57	2020-08-31 13:40:01
161.35.119.161	attack	"XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES:	2020-08-31 14:03:52
118.69.187.3	attackbots	1598846234 - 08/31/2020 05:57:14 Host: 118.69.187.3/118.69.187.3 Port: 445 TCP Blocked	2020-08-31 13:48:50

Recently Reported IPs

223.198.169.239	172.36.73.163	131.162.145.84	222.208.132.233
64.112.134.154	54.150.109.125	222.94.163.168	79.153.124.240
222.94.163.43	3.159.164.248	47.77.174.124	222.82.52.249
221.13.12.111	86.134.212.159	220.200.165.201	218.10.73.99
220.181.125.28	220.181.124.153	123.73.30.13	253.241.54.8