121.229.6.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-18T12:32:01Z and 2020-09-18T12:49:37Z	2020-09-19 00:31:31
attackspam	Bruteforce detected by fail2ban	2020-09-18 16:34:41
attackspambots	Sep 17 22:27:41 ovpn sshd\[17579\]: Invalid user zhaowei from 121.229.6.166 Sep 17 22:27:41 ovpn sshd\[17579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Sep 17 22:27:42 ovpn sshd\[17579\]: Failed password for invalid user zhaowei from 121.229.6.166 port 41368 ssh2 Sep 17 22:38:06 ovpn sshd\[20165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root Sep 17 22:38:07 ovpn sshd\[20165\]: Failed password for root from 121.229.6.166 port 40838 ssh2	2020-09-18 06:49:54
attack	Sep 16 07:51:37 firewall sshd[2680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Sep 16 07:51:37 firewall sshd[2680]: Invalid user web from 121.229.6.166 Sep 16 07:51:39 firewall sshd[2680]: Failed password for invalid user web from 121.229.6.166 port 37452 ssh2 ...	2020-09-16 20:34:52
attack	2020-09-16 02:48:29,803 fail2ban.actions: WARNING [ssh] Ban 121.229.6.166	2020-09-16 13:05:54
attack	Sep 15 21:30:55 sigma sshd\[25709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=rootSep 15 21:37:21 sigma sshd\[25740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root ...	2020-09-16 04:51:39
attackspam	Aug 14 22:43:54 rancher-0 sshd[1086357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root Aug 14 22:43:56 rancher-0 sshd[1086357]: Failed password for root from 121.229.6.166 port 40200 ssh2 ...	2020-08-15 05:45:14
attack	Jul 28 09:19:23 hidden sshd[29577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Jul 28 09:19:26 hidden sshd[29577]: Failed password for invalid user toy from 121.229.6.166 port 38006 ssh2 Jul 28 09:30:16 hidden sshd[31146]: Invalid user inpre from 121.229.6.166 port 48694	2020-07-28 16:58:20
attackbots	Jul 24 10:27:52 hosting sshd[9328]: Invalid user lewis from 121.229.6.166 port 60652 ...	2020-07-24 19:21:56
attack	Invalid user postgres from 121.229.6.166 port 48758	2020-06-24 07:48:42
attackspam	Jun 14 14:53:13 django-0 sshd\[31024\]: Failed password for root from 121.229.6.166 port 33216 ssh2Jun 14 14:56:43 django-0 sshd\[31100\]: Invalid user pogi12345 from 121.229.6.166Jun 14 14:56:45 django-0 sshd\[31100\]: Failed password for invalid user pogi12345 from 121.229.6.166 port 40922 ssh2 ...	2020-06-14 23:36:29
attackspambots	sshd	2020-06-14 02:28:35
attackbots	prod11 ...	2020-05-14 01:11:14
attack	$f2bV_matches	2020-05-05 19:58:03
attack	May 4 21:09:21 localhost sshd[103347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root May 4 21:09:23 localhost sshd[103347]: Failed password for root from 121.229.6.166 port 33028 ssh2 May 4 21:14:56 localhost sshd[103747]: Invalid user zjw from 121.229.6.166 port 36066 May 4 21:14:56 localhost sshd[103747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 May 4 21:14:56 localhost sshd[103747]: Invalid user zjw from 121.229.6.166 port 36066 May 4 21:14:58 localhost sshd[103747]: Failed password for invalid user zjw from 121.229.6.166 port 36066 ssh2 ...	2020-05-05 05:27:31
attackspambots	SSH Brute-Force Attack	2020-04-24 04:56:39
attackspam	SSH bruteforce (Triggered fail2ban)	2020-04-18 05:08:53
attackbotsspam	SSH Brute-Force attacks	2020-04-14 01:56:00
attackbotsspam	Apr 8 07:15:47 legacy sshd[29782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Apr 8 07:15:49 legacy sshd[29782]: Failed password for invalid user deploy from 121.229.6.166 port 36898 ssh2 Apr 8 07:20:10 legacy sshd[29930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-04-08 13:48:24
attackbots	Apr 7 14:47:47 host01 sshd[30359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Apr 7 14:47:49 host01 sshd[30359]: Failed password for invalid user ubuntu from 121.229.6.166 port 59490 ssh2 Apr 7 14:50:36 host01 sshd[30904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-04-07 21:57:52
attackbotsspam	Mar 25 17:54:40 home sshd[25022]: Invalid user freeswitch from 121.229.6.166 port 39522 Mar 25 17:54:40 home sshd[25022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Mar 25 17:54:40 home sshd[25022]: Invalid user freeswitch from 121.229.6.166 port 39522 Mar 25 17:54:42 home sshd[25022]: Failed password for invalid user freeswitch from 121.229.6.166 port 39522 ssh2 Mar 25 17:58:29 home sshd[25100]: Invalid user hb from 121.229.6.166 port 34960 Mar 25 17:58:29 home sshd[25100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Mar 25 17:58:29 home sshd[25100]: Invalid user hb from 121.229.6.166 port 34960 Mar 25 17:58:31 home sshd[25100]: Failed password for invalid user hb from 121.229.6.166 port 34960 ssh2 Mar 25 18:00:04 home sshd[25126]: Invalid user admin from 121.229.6.166 port 57150 Mar 25 18:00:04 home sshd[25126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=	2020-03-26 09:54:53
attackspam	2020-02-27T14:24:48.929545shield sshd\[10715\]: Invalid user ts3server from 121.229.6.166 port 60332 2020-02-27T14:24:48.935619shield sshd\[10715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 2020-02-27T14:24:50.163276shield sshd\[10715\]: Failed password for invalid user ts3server from 121.229.6.166 port 60332 ssh2 2020-02-27T14:27:43.865061shield sshd\[11038\]: Invalid user mailman from 121.229.6.166 port 33612 2020-02-27T14:27:43.870794shield sshd\[11038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166	2020-02-27 22:34:55
attack	Feb 19 00:25:07 plex sshd[29715]: Invalid user pengcan from 121.229.6.166 port 54514	2020-02-19 07:44:01
attackbotsspam	Feb 16 15:02:30 silence02 sshd[20161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Feb 16 15:02:32 silence02 sshd[20161]: Failed password for invalid user debian from 121.229.6.166 port 56186 ssh2 Feb 16 15:06:21 silence02 sshd[20458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166	2020-02-16 22:25:50
attack	Feb 9 23:48:28 sd-53420 sshd\[1583\]: Invalid user dsn from 121.229.6.166 Feb 9 23:48:28 sd-53420 sshd\[1583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Feb 9 23:48:30 sd-53420 sshd\[1583\]: Failed password for invalid user dsn from 121.229.6.166 port 34542 ssh2 Feb 9 23:51:02 sd-53420 sshd\[1815\]: Invalid user svl from 121.229.6.166 Feb 9 23:51:02 sd-53420 sshd\[1815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-02-10 07:15:30
attackbots	Unauthorized connection attempt detected from IP address 121.229.6.166 to port 2220 [J]	2020-01-30 19:52:00

Comments on same subnet:

IP	Type	Details	Datetime
121.229.62.94	attackspam	$f2bV_matches	2020-10-08 04:43:13
121.229.62.94	attack	Oct 7 11:54:29 ip-172-31-16-56 sshd\[18142\]: Failed password for root from 121.229.62.94 port 57909 ssh2\ Oct 7 11:55:20 ip-172-31-16-56 sshd\[18167\]: Failed password for root from 121.229.62.94 port 35113 ssh2\ Oct 7 11:56:19 ip-172-31-16-56 sshd\[18182\]: Failed password for root from 121.229.62.94 port 40550 ssh2\ Oct 7 11:57:21 ip-172-31-16-56 sshd\[18195\]: Failed password for root from 121.229.62.94 port 45986 ssh2\ Oct 7 11:58:22 ip-172-31-16-56 sshd\[18208\]: Failed password for root from 121.229.62.94 port 51423 ssh2\	2020-10-07 21:04:40
121.229.62.94	attack	Oct 06 15:29:25 askasleikir sshd[14934]: Failed password for root from 121.229.62.94 port 34694 ssh2	2020-10-07 12:50:45
121.229.63.151	attackbotsspam	$f2bV_matches	2020-09-17 23:24:47
121.229.63.151	attackspambots	Automatic report - Banned IP Access	2020-09-17 15:32:05
121.229.63.151	attack	Sep 16 20:18:14 sip sshd[17283]: Failed password for root from 121.229.63.151 port 26579 ssh2 Sep 16 20:30:47 sip sshd[20544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 20:30:49 sip sshd[20544]: Failed password for invalid user build from 121.229.63.151 port 33911 ssh2	2020-09-17 06:38:31
121.229.63.151	attackspam	Sep 16 17:11:33 ns382633 sshd\[17301\]: Invalid user wpyan from 121.229.63.151 port 33869 Sep 16 17:11:33 ns382633 sshd\[17301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 17:11:35 ns382633 sshd\[17301\]: Failed password for invalid user wpyan from 121.229.63.151 port 33869 ssh2 Sep 16 17:28:35 ns382633 sshd\[20517\]: Invalid user vendeg from 121.229.63.151 port 64841 Sep 16 17:28:35 ns382633 sshd\[20517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151	2020-09-17 00:18:32
121.229.63.151	attack	(sshd) Failed SSH login from 121.229.63.151 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 03:15:13 server5 sshd[17817]: Invalid user admin from 121.229.63.151 Sep 16 03:15:13 server5 sshd[17817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 03:15:15 server5 sshd[17817]: Failed password for invalid user admin from 121.229.63.151 port 18086 ssh2 Sep 16 03:18:16 server5 sshd[2271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Sep 16 03:18:18 server5 sshd[2271]: Failed password for root from 121.229.63.151 port 56790 ssh2	2020-09-16 16:35:26
121.229.63.151	attackspam	$f2bV_matches	2020-09-14 21:32:11
121.229.63.151	attackbotsspam	Sep 13 19:13:52 php1 sshd\[1387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Sep 13 19:13:54 php1 sshd\[1387\]: Failed password for root from 121.229.63.151 port 15015 ssh2 Sep 13 19:17:51 php1 sshd\[1687\]: Invalid user shen from 121.229.63.151 Sep 13 19:17:51 php1 sshd\[1687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 13 19:17:53 php1 sshd\[1687\]: Failed password for invalid user shen from 121.229.63.151 port 59207 ssh2	2020-09-14 13:25:27
121.229.63.151	attack	SSH Login Bruteforce	2020-09-14 05:25:01
121.229.63.151	attackspam	reported through recidive - multiple failed attempts(SSH)	2020-08-25 04:05:14
121.229.63.151	attackbotsspam	Aug 2 23:18:09 fhem-rasp sshd[13816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Aug 2 23:18:12 fhem-rasp sshd[13816]: Failed password for root from 121.229.63.151 port 50784 ssh2 ...	2020-08-03 05:30:16
121.229.63.151	attackbotsspam	Jul 13 04:09:22 onepixel sshd[4142817]: Invalid user trash from 121.229.63.151 port 11756 Jul 13 04:09:22 onepixel sshd[4142817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Jul 13 04:09:22 onepixel sshd[4142817]: Invalid user trash from 121.229.63.151 port 11756 Jul 13 04:09:23 onepixel sshd[4142817]: Failed password for invalid user trash from 121.229.63.151 port 11756 ssh2 Jul 13 04:11:14 onepixel sshd[4143824]: Invalid user dak from 121.229.63.151 port 36024	2020-07-13 12:27:35
121.229.63.151	attackspam	Invalid user reyes from 121.229.63.151 port 40768	2020-07-12 16:35:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.229.6.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40500
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.229.6.166.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013001 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 19:51:56 CST 2020
;; MSG SIZE  rcvd: 117

Host info

166.6.229.121.in-addr.arpa domain name pointer 166.6.229.121.broad.nj.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.6.229.121.in-addr.arpa	name = 166.6.229.121.broad.nj.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
213.184.244.203	attackbotsspam	SSH Bruteforce @ SigaVPN honeypot	2019-08-03 09:54:10
185.222.211.74	attackspambots	20 attempts against mh-misbehave-ban on hill.magehost.pro	2019-08-03 09:15:25
73.29.192.106	attackbots	2019-08-02T21:22:40.352251stark.klein-stark.info sshd\[7767\]: Invalid user admin from 73.29.192.106 port 52126 2019-08-02T21:22:40.358305stark.klein-stark.info sshd\[7767\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-73-29-192-106.hsd1.nj.comcast.net 2019-08-02T21:22:42.622802stark.klein-stark.info sshd\[7767\]: Failed password for invalid user admin from 73.29.192.106 port 52126 ssh2 ...	2019-08-03 09:09:22
54.38.82.14	attack	Aug 2 20:11:47 vps200512 sshd\[25869\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 user=root Aug 2 20:11:49 vps200512 sshd\[25869\]: Failed password for root from 54.38.82.14 port 59547 ssh2 Aug 2 20:11:50 vps200512 sshd\[25871\]: Invalid user admin from 54.38.82.14 Aug 2 20:11:50 vps200512 sshd\[25871\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.38.82.14 Aug 2 20:11:52 vps200512 sshd\[25871\]: Failed password for invalid user admin from 54.38.82.14 port 43828 ssh2	2019-08-03 09:18:11
139.162.113.204	attackspambots	3389BruteforceFW21	2019-08-03 09:47:41
91.247.110.1	attackbots	[portscan] Port scan	2019-08-03 09:07:13
139.199.163.136	attackbotsspam	Automatic report - Banned IP Access	2019-08-03 09:44:50
112.85.42.172	attack	19/8/2@20:49:02: FAIL: Alarm-SSH address from=112.85.42.172 ...	2019-08-03 09:08:03
118.167.195.164	attack	23/tcp [2019-08-02]1pkt	2019-08-03 09:51:17
181.65.77.211	attackbotsspam	02.08.2019 22:28:53 SSH access blocked by firewall	2019-08-03 09:39:14
123.9.125.89	attack	37215/tcp 37215/tcp [2019-08-02]2pkt	2019-08-03 09:48:50
138.201.243.66	attack	21 attempts against mh-misbehave-ban on sand.magehost.pro	2019-08-03 09:35:35
190.180.161.143	attackspambots	Aug 3 01:53:55 s64-1 sshd[3656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.180.161.143 Aug 3 01:53:58 s64-1 sshd[3656]: Failed password for invalid user 3 from 190.180.161.143 port 41249 ssh2 Aug 3 01:59:24 s64-1 sshd[3813]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.180.161.143 ...	2019-08-03 09:34:17
178.128.158.199	attackspambots	Jul 31 17:44:50 ghostname-secure sshd[4775]: Failed password for invalid user wangyi from 178.128.158.199 port 37040 ssh2 Jul 31 17:44:50 ghostname-secure sshd[4775]: Received disconnect from 178.128.158.199: 11: Bye Bye [preauth] Jul 31 17:50:15 ghostname-secure sshd[4821]: Failed password for invalid user bj from 178.128.158.199 port 48076 ssh2 Jul 31 17:50:15 ghostname-secure sshd[4821]: Received disconnect from 178.128.158.199: 11: Bye Bye [preauth] Jul 31 17:54:25 ghostname-secure sshd[4870]: Failed password for daemon from 178.128.158.199 port 44886 ssh2 Jul 31 17:54:25 ghostname-secure sshd[4870]: Received disconnect from 178.128.158.199: 11: Bye Bye [preauth] Jul 31 17:58:35 ghostname-secure sshd[4914]: Failed password for invalid user ct from 178.128.158.199 port 41918 ssh2 Jul 31 17:58:35 ghostname-secure sshd[4914]: Received disconnect from 178.128.158.199: 11: Bye Bye [preauth] Jul 31 18:02:44 ghostname-secure sshd[4936]: Failed password for invalid user web........ -------------------------------	2019-08-03 09:03:46
129.213.156.171	attackbotsspam	[ssh] SSH attack	2019-08-03 09:53:11

Recently Reported IPs

106.111.94.199	187.74.66.86	124.106.41.140	113.113.58.0
103.254.56.106	177.139.218.79	149.129.39.212	103.242.105.180
111.90.150.253	107.12.103.16	222.188.149.134	178.63.193.201
27.255.77.212	117.192.115.222	74.63.228.22	25.191.59.86
34.82.205.130	11.29.171.81	155.231.64.149	106.240.27.97