City: unknown
Region: unknown
Country: China
Internet Service Provider: ChinaNet Hainan Province Network
Hostname: unknown
Organization: unknown
Usage Type: unknown
| Type | Details | Datetime |
|---|---|---|
| attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 5414bd353ee5eb45 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: ip.skk.moe | User-Agent: Mozilla/5.066704189 Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 01:09:41 |
| IP | Type | Details | Datetime |
|---|---|---|---|
| 112.66.99.6 | attackspam | Unauthorized connection attempt detected from IP address 112.66.99.6 to port 8000 [J] |
2020-01-27 15:15:57 |
| 112.66.99.159 | attackspam | Unauthorized connection attempt detected from IP address 112.66.99.159 to port 802 [T] |
2020-01-10 09:23:22 |
| 112.66.99.167 | attackspam | Unauthorized connection attempt detected from IP address 112.66.99.167 to port 8899 |
2020-01-04 08:33:51 |
| 112.66.99.25 | attackspambots | Unauthorized connection attempt detected from IP address 112.66.99.25 to port 8090 |
2020-01-01 21:33:22 |
| 112.66.99.1 | attackspambots | Unauthorized connection attempt detected from IP address 112.66.99.1 to port 2095 |
2019-12-31 08:33:07 |
| 112.66.99.6 | attackbotsspam | Unauthorized connection attempt detected from IP address 112.66.99.6 to port 3128 |
2019-12-31 07:42:24 |
| 112.66.99.211 | attackspam | The IP has triggered Cloudflare WAF. CF-Ray: 5430c47bb86fe825 | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: drop | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: api.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-12 06:48:59 |
| 112.66.99.155 | attackspambots | The IP has triggered Cloudflare WAF. CF-Ray: 540f7b87ae62e4fe | WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 | WAF_Kind: firewall | CF_Action: challenge | Country: CN | CF_IPClass: noRecord | Protocol: HTTP/1.1 | Method: GET | Host: img.skk.moe | User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 | CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB). |
2019-12-08 01:35:16 |
| 112.66.99.63 | attack | The%20IP%20has%20triggered%20Cloudflare%20WAF.%20Report%20generated%20by%20Cloudflare-WAF-to-AbuseIPDB%20(https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB) |
2019-11-19 04:18:55 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.99.74
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60654
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;112.66.99.74. IN A
;; AUTHORITY SECTION:
. 359 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019120700 1800 900 604800 86400
;; Query time: 120 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Dec 08 01:09:38 CST 2019
;; MSG SIZE rcvd: 116Host 74.99.66.112.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 74.99.66.112.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 37.139.16.227 | attack | Aug 6 06:50:19 hosting sshd[6651]: Invalid user testftp from 37.139.16.227 port 38094 ... |
2019-08-06 12:34:19 |
| 36.235.209.176 | attack | Telnet/23 MH Probe, BF, Hack - |
2019-08-06 12:43:29 |
| 112.85.42.178 | attackbotsspam | Aug 6 05:42:35 piServer sshd\[28163\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.178 user=root Aug 6 05:42:36 piServer sshd\[28163\]: Failed password for root from 112.85.42.178 port 50398 ssh2 Aug 6 05:42:39 piServer sshd\[28163\]: Failed password for root from 112.85.42.178 port 50398 ssh2 Aug 6 05:42:41 piServer sshd\[28163\]: Failed password for root from 112.85.42.178 port 50398 ssh2 Aug 6 05:42:44 piServer sshd\[28163\]: Failed password for root from 112.85.42.178 port 50398 ssh2 ... |
2019-08-06 12:32:08 |
| 123.207.78.83 | attackspambots | 2019-08-06T04:17:07.924446abusebot-8.cloudsearch.cf sshd\[4927\]: Invalid user cod4 from 123.207.78.83 port 33674 |
2019-08-06 12:32:41 |
| 137.117.103.192 | attackspambots | 2019-07-31T20:31:50.739545wiz-ks3 sshd[20155]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.103.192 user=root 2019-07-31T20:31:53.361678wiz-ks3 sshd[20155]: Failed password for root from 137.117.103.192 port 34286 ssh2 2019-07-31T20:32:01.622484wiz-ks3 sshd[20157]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.103.192 user=root 2019-07-31T20:32:04.088920wiz-ks3 sshd[20157]: Failed password for root from 137.117.103.192 port 51068 ssh2 2019-07-31T20:32:12.592425wiz-ks3 sshd[20159]: Invalid user csserver from 137.117.103.192 port 39626 2019-07-31T20:32:12.594427wiz-ks3 sshd[20159]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.117.103.192 2019-07-31T20:32:12.592425wiz-ks3 sshd[20159]: Invalid user csserver from 137.117.103.192 port 39626 2019-07-31T20:32:14.569300wiz-ks3 sshd[20159]: Failed password for invalid user csserver from 137.117.103.192 port 39626 ssh2 201 |
2019-08-06 11:54:17 |
| 138.197.202.133 | attackspam | SSH Brute Force, server-1 sshd[9246]: Failed password for invalid user sftp from 138.197.202.133 port 35184 ssh2 |
2019-08-06 13:08:19 |
| 160.120.177.106 | attackbotsspam | SSH Brute Force, server-1 sshd[10634]: Failed password for invalid user ubnt from 160.120.177.106 port 53533 ssh2 |
2019-08-06 13:03:37 |
| 178.32.218.192 | attackbots | SSH Brute Force, server-1 sshd[14340]: Failed password for invalid user irma from 178.32.218.192 port 50004 ssh2 |
2019-08-06 13:03:00 |
| 112.250.185.99 | attack | Aug 6 01:33:31 DDOS Attack: SRC=112.250.185.99 DST=[Masked] LEN=40 TOS=0x00 PREC=0x00 TTL=47 DF PROTO=TCP SPT=50626 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 |
2019-08-06 12:42:51 |
| 138.197.213.233 | attackbotsspam | Aug 6 04:14:18 vtv3 sshd\[26579\]: Invalid user provider from 138.197.213.233 port 44868 Aug 6 04:14:18 vtv3 sshd\[26579\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Aug 6 04:14:20 vtv3 sshd\[26579\]: Failed password for invalid user provider from 138.197.213.233 port 44868 ssh2 Aug 6 04:18:34 vtv3 sshd\[28621\]: Invalid user no1 from 138.197.213.233 port 54092 Aug 6 04:18:34 vtv3 sshd\[28621\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Aug 6 04:30:40 vtv3 sshd\[2336\]: Invalid user bernard from 138.197.213.233 port 48784 Aug 6 04:30:40 vtv3 sshd\[2336\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=138.197.213.233 Aug 6 04:30:43 vtv3 sshd\[2336\]: Failed password for invalid user bernard from 138.197.213.233 port 48784 ssh2 Aug 6 04:34:52 vtv3 sshd\[4229\]: Invalid user telkom from 138.197.213.233 port 35194 Aug 6 04:34:52 vt |
2019-08-06 11:53:56 |
| 112.85.42.177 | attackspambots | Aug 6 06:43:40 yabzik sshd[19091]: Failed password for root from 112.85.42.177 port 11406 ssh2 Aug 6 06:43:54 yabzik sshd[19091]: error: maximum authentication attempts exceeded for root from 112.85.42.177 port 11406 ssh2 [preauth] Aug 6 06:44:00 yabzik sshd[19108]: Failed password for root from 112.85.42.177 port 18440 ssh2 |
2019-08-06 12:33:45 |
| 92.63.194.26 | attack | SSH bruteforce |
2019-08-06 11:56:44 |
| 178.48.6.77 | attack | Automatic report - Banned IP Access |
2019-08-06 13:02:29 |
| 192.236.208.198 | attack | Aug 6 07:32:51 www sshd\[21330\]: Invalid user test3 from 192.236.208.198Aug 6 07:32:53 www sshd\[21330\]: Failed password for invalid user test3 from 192.236.208.198 port 37422 ssh2Aug 6 07:37:29 www sshd\[21347\]: Invalid user mfs from 192.236.208.198 ... |
2019-08-06 12:40:35 |
| 129.145.2.45 | attackbotsspam | Aug 6 04:48:05 microserver sshd[28886]: Invalid user www from 129.145.2.45 port 27728 Aug 6 04:48:05 microserver sshd[28886]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45 Aug 6 04:48:08 microserver sshd[28886]: Failed password for invalid user www from 129.145.2.45 port 27728 ssh2 Aug 6 04:57:17 microserver sshd[30664]: Invalid user hector from 129.145.2.45 port 22339 Aug 6 04:57:17 microserver sshd[30664]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45 Aug 6 05:11:52 microserver sshd[33405]: Invalid user save from 129.145.2.45 port 42474 Aug 6 05:11:52 microserver sshd[33405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.145.2.45 Aug 6 05:11:54 microserver sshd[33405]: Failed password for invalid user save from 129.145.2.45 port 42474 ssh2 Aug 6 05:16:26 microserver sshd[34308]: Invalid user mathilda from 129.145.2.45 port 11509 Aug 6 05:16:26 |
2019-08-06 11:58:59 |