112.66.96.164 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.96.51	attackspam	Unauthorized connection attempt detected from IP address 112.66.96.51 to port 8080 [J]	2020-03-02 21:36:36
112.66.96.27	attackbots	Unauthorized connection attempt detected from IP address 112.66.96.27 to port 8000 [J]	2020-01-27 14:47:20
112.66.96.172	attack	Unauthorized connection attempt detected from IP address 112.66.96.172 to port 6666 [J]	2020-01-22 07:26:23
112.66.96.200	attack	Unauthorized connection attempt detected from IP address 112.66.96.200 to port 8118 [J]	2020-01-22 07:26:05
112.66.96.60	attackspambots	Unauthorized connection attempt detected from IP address 112.66.96.60 to port 80 [J]	2020-01-21 02:20:40
112.66.96.31	attackspam	Unauthorized connection attempt detected from IP address 112.66.96.31 to port 80 [J]	2020-01-19 14:20:11
112.66.96.218	attackspambots	Unauthorized connection attempt detected from IP address 112.66.96.218 to port 82 [T]	2020-01-10 08:58:07
112.66.96.251	attackbots	Unauthorized connection attempt detected from IP address 112.66.96.251 to port 803 [T]	2020-01-10 08:57:51
112.66.96.245	attackbotsspam	The IP has triggered Cloudflare WAF. CF-Ray: 5430d8dfa88ad34a \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0184010163 Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 07:41:15
112.66.96.159	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 5414eeb87ff8ebb9 \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: api.skk.moe \| User-Agent: Mozilla/4.049897920 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:36:37
112.66.96.146	attackspambots	The IP has triggered Cloudflare WAF. CF-Ray: 5415f7e6c900eb39 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: disqus.skk.moe \| User-Agent: Mozilla/5.067805899 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 03:18:42
112.66.96.174	attack	The IP has triggered Cloudflare WAF. CF-Ray: 540fa094cb6eeb5d \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.064213590 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:22:14

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.96.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18859
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.96.164.			IN	A

;; AUTHORITY SECTION:
.			600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022021202 1800 900 604800 86400

;; Query time: 15 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Feb 13 09:41:20 CST 2022
;; MSG SIZE  rcvd: 106

Host info

Host 164.96.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 164.96.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
220.129.49.205	attackspam	Honeypot attack, port: 23, PTR: 220-129-49-205.dynamic-ip.hinet.net.	2019-08-04 13:02:43
179.189.201.95	attackspam	$f2bV_matches	2019-08-04 13:16:43
191.240.88.133	attackbotsspam	$f2bV_matches	2019-08-04 12:52:47
118.244.196.123	attackbots	Aug 4 00:05:50 vps200512 sshd\[23806\]: Invalid user test1 from 118.244.196.123 Aug 4 00:05:50 vps200512 sshd\[23806\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.244.196.123 Aug 4 00:05:51 vps200512 sshd\[23806\]: Failed password for invalid user test1 from 118.244.196.123 port 56076 ssh2 Aug 4 00:09:37 vps200512 sshd\[23960\]: Invalid user louisa from 118.244.196.123 Aug 4 00:09:37 vps200512 sshd\[23960\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.244.196.123	2019-08-04 12:41:31
86.102.108.53	attack	Honeypot attack, port: 445, PTR: PTR record not found	2019-08-04 13:18:53
157.230.85.180	attackbots	Invalid user admin from 157.230.85.180 port 38308	2019-08-04 13:15:29
125.24.170.123	attackspam	Honeypot attack, port: 445, PTR: node-xob.pool-125-24.dynamic.totinternet.net.	2019-08-04 13:13:31
62.102.148.69	attackbots	Aug 4 04:37:41 ns37 sshd[2964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.102.148.69 Aug 4 04:37:43 ns37 sshd[2964]: Failed password for invalid user user from 62.102.148.69 port 41755 ssh2 Aug 4 04:37:48 ns37 sshd[2966]: Failed password for root from 62.102.148.69 port 41187 ssh2	2019-08-04 12:33:53
61.32.112.246	attack	SSH-BruteForce	2019-08-04 12:37:33
62.197.120.198	attack	Aug 4 05:27:48 MK-Soft-Root1 sshd\[26641\]: Invalid user cmbp from 62.197.120.198 port 57676 Aug 4 05:27:48 MK-Soft-Root1 sshd\[26641\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.197.120.198 Aug 4 05:27:51 MK-Soft-Root1 sshd\[26641\]: Failed password for invalid user cmbp from 62.197.120.198 port 57676 ssh2 ...	2019-08-04 12:39:08
49.88.112.56	attackspambots	Aug 4 04:07:20 ip-172-31-1-72 sshd\[14290\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.56 user=root Aug 4 04:07:21 ip-172-31-1-72 sshd\[14290\]: Failed password for root from 49.88.112.56 port 27328 ssh2 Aug 4 04:07:43 ip-172-31-1-72 sshd\[14323\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.56 user=root Aug 4 04:07:45 ip-172-31-1-72 sshd\[14323\]: Failed password for root from 49.88.112.56 port 41531 ssh2 Aug 4 04:08:03 ip-172-31-1-72 sshd\[14325\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.56 user=root	2019-08-04 12:48:37
220.83.161.249	attackbotsspam	Aug 4 06:08:22 vps647732 sshd[27697]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.83.161.249 Aug 4 06:08:23 vps647732 sshd[27697]: Failed password for invalid user ftpuser from 220.83.161.249 port 33552 ssh2 ...	2019-08-04 12:38:17
24.124.89.74	attack	23	2019-08-04 12:43:48
185.74.4.189	attack	Aug 4 00:51:53 xtremcommunity sshd\[28685\]: Invalid user vbox from 185.74.4.189 port 56678 Aug 4 00:51:53 xtremcommunity sshd\[28685\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189 Aug 4 00:51:55 xtremcommunity sshd\[28685\]: Failed password for invalid user vbox from 185.74.4.189 port 56678 ssh2 Aug 4 00:56:58 xtremcommunity sshd\[28843\]: Invalid user igadam from 185.74.4.189 port 55390 Aug 4 00:56:58 xtremcommunity sshd\[28843\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.189 ...	2019-08-04 13:14:52
83.219.146.26	attack	DATE:2019-08-04 02:48:14, IP:83.219.146.26, PORT:telnet - Telnet brute force auth on a honeypot server (epe-dc)	2019-08-04 13:04:52

Recently Reported IPs

112.66.111.84	112.67.168.249	112.67.197.45	112.74.90.108
112.74.106.34	112.80.136.18	112.80.136.208	112.80.136.194
112.80.137.111	112.80.137.236	112.80.136.77	112.80.137.194
112.80.137.161	112.80.137.74	112.80.137.38	112.80.136.253
112.80.137.84	112.80.137.59	112.80.138.121	112.80.138.111