112.66.98.3 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: unknown

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
112.66.98.86	attackbots	Unauthorised access (Aug 30) SRC=112.66.98.86 LEN=40 TTL=51 ID=13759 TCP DPT=23 WINDOW=6350 SYN	2020-08-31 08:15:47
112.66.98.112	attackspam	Unauthorized connection attempt detected from IP address 112.66.98.112 to port 8123 [J]	2020-03-02 15:04:45
112.66.98.99	attackspam	The IP has triggered Cloudflare WAF. CF-Ray: 54304a3eb933ebc9 \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: d.skk.moe \| User-Agent: Mozilla/5.0101097241 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 Safari/537.36 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-12 04:49:23
112.66.98.114	attack	The IP has triggered Cloudflare WAF. CF-Ray: 54128ea20951d37e \| WAF_Rule_ID: 53b8357af6d244d3a132bcf913c3a388 \| WAF_Kind: firewall \| CF_Action: drop \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: theme-suka.skk.moe \| User-Agent: Mozilla/4.038533357 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1) QQBrowser/6.0 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 04:13:49
112.66.98.35	attackbots	The IP has triggered Cloudflare WAF. CF-Ray: 541560a2cd22e7ed \| WAF_Rule_ID: 3b40188685924a32bf11d40edea05a27 \| WAF_Kind: firewall \| CF_Action: challenge \| Country: CN \| CF_IPClass: noRecord \| Protocol: HTTP/1.1 \| Method: GET \| Host: img.skk.moe \| User-Agent: Mozilla/5.084743666 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134 \| CF_DC: LAX. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/SukkaW/Cloudflare-WAF-to-AbuseIPDB).	2019-12-08 02:48:21

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 112.66.98.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20956
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;112.66.98.3.			IN	A

;; AUTHORITY SECTION:
.			282	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400

;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 14:11:36 CST 2022
;; MSG SIZE  rcvd: 104

Host info

Host 3.98.66.112.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 3.98.66.112.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
119.4.225.108	attack	2019-07-28T15:22:12.365247abusebot-5.cloudsearch.cf sshd\[28172\]: Invalid user bing841121 from 119.4.225.108 port 37369	2019-07-28 23:49:51
112.118.236.96	attackbotsspam	112.118.236.96 - - [28/Jul/2019:14:21:48 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 112.118.236.96 - - [28/Jul/2019:14:21:53 +0200] "POST /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 112.118.236.96 - - [28/Jul/2019:14:21:53 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 112.118.236.96 - - [28/Jul/2019:14:22:04 +0200] "POST /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 112.118.236.96 - - [28/Jul/2019:14:22:13 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 112.118.236.96 - - [28/Jul/2019:14:22:24 +0200] "GET /wp-login.php HTTP/1.1" 200 4403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2019-07-28 23:45:09
182.74.217.122	attack	Jul 28 05:42:48 cumulus sshd[18491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.217.122 user=r.r Jul 28 05:42:50 cumulus sshd[18491]: Failed password for r.r from 182.74.217.122 port 48151 ssh2 Jul 28 05:42:50 cumulus sshd[18491]: Received disconnect from 182.74.217.122 port 48151:11: Bye Bye [preauth] Jul 28 05:42:50 cumulus sshd[18491]: Disconnected from 182.74.217.122 port 48151 [preauth] Jul 28 05:57:56 cumulus sshd[18917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.74.217.122 user=r.r Jul 28 05:57:58 cumulus sshd[18917]: Failed password for r.r from 182.74.217.122 port 60789 ssh2 Jul 28 05:57:58 cumulus sshd[18917]: Received disconnect from 182.74.217.122 port 60789:11: Bye Bye [preauth] Jul 28 05:57:58 cumulus sshd[18917]: Disconnected from 182.74.217.122 port 60789 [preauth] Jul 28 06:01:41 cumulus sshd[19023]: pam_unix(sshd:auth): authentication failure; lognam........ -------------------------------	2019-07-28 23:23:03
192.42.116.16	attack	Jul 28 13:34:11 mail sshd\[29883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.42.116.16 user=root Jul 28 13:34:13 mail sshd\[29883\]: Failed password for root from 192.42.116.16 port 60484 ssh2 Jul 28 13:34:15 mail sshd\[29883\]: Failed password for root from 192.42.116.16 port 60484 ssh2 Jul 28 13:34:17 mail sshd\[29883\]: Failed password for root from 192.42.116.16 port 60484 ssh2 Jul 28 13:34:20 mail sshd\[29883\]: Failed password for root from 192.42.116.16 port 60484 ssh2	2019-07-28 23:33:40
206.201.5.117	attack	Jul 28 14:01:01 microserver sshd[30918]: Invalid user cream from 206.201.5.117 port 40906 Jul 28 14:01:01 microserver sshd[30918]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.201.5.117 Jul 28 14:01:03 microserver sshd[30918]: Failed password for invalid user cream from 206.201.5.117 port 40906 ssh2 Jul 28 14:06:00 microserver sshd[31579]: Invalid user ariane123 from 206.201.5.117 port 59856 Jul 28 14:06:00 microserver sshd[31579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.201.5.117 Jul 28 14:20:46 microserver sshd[33507]: Invalid user viva from 206.201.5.117 port 60224 Jul 28 14:20:46 microserver sshd[33507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=206.201.5.117 Jul 28 14:20:49 microserver sshd[33507]: Failed password for invalid user viva from 206.201.5.117 port 60224 ssh2 Jul 28 14:25:47 microserver sshd[34137]: Invalid user Warrior from 206.201.5.117 port 50942 J	2019-07-28 23:46:11
110.44.123.47	attackspam	Jul 28 16:23:35 vps sshd[31693]: Failed password for root from 110.44.123.47 port 59614 ssh2 Jul 28 16:37:02 vps sshd[32156]: Failed password for root from 110.44.123.47 port 44480 ssh2 ...	2019-07-29 00:26:23
68.183.95.238	attack	2019-07-28T14:51:13.560486abusebot-6.cloudsearch.cf sshd\[2257\]: Invalid user tab from 68.183.95.238 port 56118	2019-07-28 23:27:11
168.232.129.174	attackbots	Jul 28 06:29:10 roadrisk sshd[8380]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=168.232.129.174 user=r.r Jul 28 06:29:12 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:15 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:17 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:19 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:21 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:24 roadrisk sshd[8380]: Failed password for r.r from 168.232.129.174 port 41293 ssh2 Jul 28 06:29:24 roadrisk sshd[8380]: Disconnecting: Too many authentication failures for r.r from 168.232.129.174 port 41293 ssh2 [preauth] Jul 28 06:29:24 roadrisk sshd[8380]: PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ru........ -------------------------------	2019-07-28 23:59:20
79.154.176.156	attackbots	2019-07-28T14:18:49.195460abusebot-3.cloudsearch.cf sshd\[17165\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=156.red-79-154-176.dynamicip.rima-tde.net user=root	2019-07-29 00:33:48
52.224.216.167	attack	Jul 28 11:27:02 TORMINT sshd\[17569\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.224.216.167 user=root Jul 28 11:27:03 TORMINT sshd\[17569\]: Failed password for root from 52.224.216.167 port 58580 ssh2 Jul 28 11:36:28 TORMINT sshd\[18078\]: Invalid user abc from 52.224.216.167 Jul 28 11:36:28 TORMINT sshd\[18078\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.224.216.167 ...	2019-07-28 23:47:27
212.83.148.177	attackbotsspam	Portscan or hack attempt detected by psad/fwsnort	2019-07-29 00:38:33
194.219.126.110	attack	2019-07-28T14:53:25.932152abusebot-8.cloudsearch.cf sshd\[31163\]: Invalid user virtualbox from 194.219.126.110 port 52543	2019-07-28 23:33:04
58.250.60.2	attackbotsspam	Jul 28 13:19:43 mail sshd[3101]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.60.2 user=root Jul 28 13:19:45 mail sshd[3101]: Failed password for root from 58.250.60.2 port 16673 ssh2 Jul 28 13:42:22 mail sshd[5979]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.60.2 user=root Jul 28 13:42:24 mail sshd[5979]: Failed password for root from 58.250.60.2 port 49221 ssh2 Jul 28 13:46:57 mail sshd[6478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.250.60.2 user=root Jul 28 13:46:59 mail sshd[6478]: Failed password for root from 58.250.60.2 port 47553 ssh2 ...	2019-07-28 23:26:40
197.38.249.126	attackspambots	Jul 28 13:13:32 majoron sshd[17708]: Invalid user admin from 197.38.249.126 port 35127 Jul 28 13:13:32 majoron sshd[17708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.38.249.126 Jul 28 13:13:34 majoron sshd[17708]: Failed password for invalid user admin from 197.38.249.126 port 35127 ssh2 Jul 28 13:13:34 majoron sshd[17708]: Connection closed by 197.38.249.126 port 35127 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=197.38.249.126	2019-07-28 23:51:39
52.63.48.248	attack	xmlrpc attack	2019-07-29 00:32:16

Recently Reported IPs

94.41.92.111	111.61.106.194	138.128.59.129	178.72.76.150
156.220.153.53	103.153.136.102	120.85.116.49	98.151.56.240
218.62.214.54	148.252.128.222	23.146.242.49	134.209.93.175
191.53.135.133	177.12.28.204	41.39.64.242	190.119.186.93
94.139.252.35	62.234.239.211	35.198.86.189	177.128.115.244