2.98.45.166 - IPInfo

Basic Info

City: Manchester

Region: England

Country: United Kingdom

Internet Service Provider: TalkTalk Communications Limited

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Nov 14 06:55:27 sauna sshd[214136]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.98.45.166 Nov 14 06:55:27 sauna sshd[214138]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2.98.45.166 ...	2019-11-14 14:13:39
attackbotsspam	2019-11-08T06:30:50.831302hub.schaetter.us sshd\[30167\]: Invalid user pi from 2.98.45.166 port 43467 2019-11-08T06:30:50.851951hub.schaetter.us sshd\[30169\]: Invalid user pi from 2.98.45.166 port 43468 2019-11-08T06:30:50.953490hub.schaetter.us sshd\[30167\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-2-98-45-166.as13285.net 2019-11-08T06:30:50.975414hub.schaetter.us sshd\[30169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host-2-98-45-166.as13285.net 2019-11-08T06:30:52.407618hub.schaetter.us sshd\[30169\]: Failed password for invalid user pi from 2.98.45.166 port 43468 ssh2 ...	2019-11-08 15:35:33
attackspambots	$f2bV_matches	2019-10-31 14:22:39
attackbotsspam	Invalid user pi from 2.98.45.166 port 40956	2019-10-27 02:14:19

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 2.98.45.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55118
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;2.98.45.166.			IN	A

;; AUTHORITY SECTION:
.			538	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102601 1800 900 604800 86400

;; Query time: 113 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Oct 27 02:14:15 CST 2019
;; MSG SIZE  rcvd: 115

Host info

166.45.98.2.in-addr.arpa domain name pointer host-2-98-45-166.as13285.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.45.98.2.in-addr.arpa	name = host-2-98-45-166.as13285.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.38.145.253	attack	Jun 12 08:12:33 srv01 postfix/smtpd\[17157\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 08:13:10 srv01 postfix/smtpd\[17157\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 08:13:26 srv01 postfix/smtpd\[17157\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 08:13:32 srv01 postfix/smtpd\[21304\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Jun 12 08:14:13 srv01 postfix/smtpd\[24586\]: warning: unknown\[46.38.145.253\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-06-12 14:26:58
101.99.29.254	attack	2020-06-12T06:39:55.977214shield sshd\[11057\]: Invalid user mmoseley from 101.99.29.254 port 49034 2020-06-12T06:39:55.982969shield sshd\[11057\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.29.254 2020-06-12T06:39:58.465206shield sshd\[11057\]: Failed password for invalid user mmoseley from 101.99.29.254 port 49034 ssh2 2020-06-12T06:44:54.565872shield sshd\[12218\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.99.29.254 user=bin 2020-06-12T06:44:57.097879shield sshd\[12218\]: Failed password for bin from 101.99.29.254 port 48406 ssh2	2020-06-12 15:03:34
52.211.98.205	attackspam	C1,DEF GET /2020/wp-login.php	2020-06-12 14:55:16
66.249.155.244	attackbotsspam	Jun 12 11:36:50 gw1 sshd[4020]: Failed password for root from 66.249.155.244 port 38060 ssh2 ...	2020-06-12 14:50:06
209.239.116.197	attackbots	Jun 12 07:51:04 pornomens sshd\[4785\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.239.116.197 user=root Jun 12 07:51:05 pornomens sshd\[4785\]: Failed password for root from 209.239.116.197 port 33774 ssh2 Jun 12 07:53:11 pornomens sshd\[4817\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.239.116.197 user=root ...	2020-06-12 14:48:34
193.112.213.248	attackbots	2020-06-12T05:56:24.213305n23.at sshd[24023]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.213.248 2020-06-12T05:56:24.204994n23.at sshd[24023]: Invalid user admin from 193.112.213.248 port 42664 2020-06-12T05:56:26.151070n23.at sshd[24023]: Failed password for invalid user admin from 193.112.213.248 port 42664 ssh2 ...	2020-06-12 14:24:45
14.162.84.177	attack	Honeypot attack, port: 445, PTR: static.vnpt.vn.	2020-06-12 14:40:27
111.230.219.156	attackbotsspam	Jun 12 06:35:14 minden010 sshd[23521]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.219.156 Jun 12 06:35:16 minden010 sshd[23521]: Failed password for invalid user xe from 111.230.219.156 port 55666 ssh2 Jun 12 06:40:53 minden010 sshd[26543]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.230.219.156 ...	2020-06-12 14:36:11
113.161.64.22	attackbotsspam	2020-06-12T05:55:15.684811shield sshd\[27970\]: Invalid user stu2 from 113.161.64.22 port 33679 2020-06-12T05:55:15.689346shield sshd\[27970\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.64.22 2020-06-12T05:55:17.920948shield sshd\[27970\]: Failed password for invalid user stu2 from 113.161.64.22 port 33679 ssh2 2020-06-12T05:57:19.099923shield sshd\[28357\]: Invalid user eg from 113.161.64.22 port 64159 2020-06-12T05:57:19.104900shield sshd\[28357\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=113.161.64.22	2020-06-12 14:39:24
45.40.202.134	attackspambots	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-login.php	2020-06-12 14:48:01
116.253.212.194	attackspambots	(pop3d) Failed POP3 login from 116.253.212.194 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: Jun 12 08:26:06 ir1 dovecot[2885757]: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=116.253.212.194, lip=5.63.12.44, session=	2020-06-12 14:32:59
103.58.100.56	attack	Jun 11 22:07:11 mockhub sshd[3466]: Failed password for root from 103.58.100.56 port 39902 ssh2 ...	2020-06-12 14:30:04
222.186.175.217	attackbotsspam	Jun 12 08:44:49 minden010 sshd[13201]: Failed password for root from 222.186.175.217 port 37694 ssh2 Jun 12 08:44:53 minden010 sshd[13201]: Failed password for root from 222.186.175.217 port 37694 ssh2 Jun 12 08:44:56 minden010 sshd[13201]: Failed password for root from 222.186.175.217 port 37694 ssh2 Jun 12 08:45:00 minden010 sshd[13201]: Failed password for root from 222.186.175.217 port 37694 ssh2 ...	2020-06-12 15:04:03
40.39.109.187	attackbotsspam		2020-06-12 14:55:32
218.21.240.24	attack	Tried sshing with brute force.	2020-06-12 14:35:26

Recently Reported IPs

92.23.147.227	180.34.192.47	202.166.138.177	202.101.184.152
120.102.118.55	80.149.198.9	196.196.193.212	70.70.16.63
185.72.217.91	83.217.138.149	147.158.211.203	136.204.224.149
66.27.46.178	181.95.26.115	105.228.211.197	139.211.68.72
152.246.45.217	112.91.165.95	113.114.27.103	193.55.163.42