121.229.6.166 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Jiangsu Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-09-18T12:32:01Z and 2020-09-18T12:49:37Z	2020-09-19 00:31:31
attackspam	Bruteforce detected by fail2ban	2020-09-18 16:34:41
attackspambots	Sep 17 22:27:41 ovpn sshd\[17579\]: Invalid user zhaowei from 121.229.6.166 Sep 17 22:27:41 ovpn sshd\[17579\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Sep 17 22:27:42 ovpn sshd\[17579\]: Failed password for invalid user zhaowei from 121.229.6.166 port 41368 ssh2 Sep 17 22:38:06 ovpn sshd\[20165\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root Sep 17 22:38:07 ovpn sshd\[20165\]: Failed password for root from 121.229.6.166 port 40838 ssh2	2020-09-18 06:49:54
attack	Sep 16 07:51:37 firewall sshd[2680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Sep 16 07:51:37 firewall sshd[2680]: Invalid user web from 121.229.6.166 Sep 16 07:51:39 firewall sshd[2680]: Failed password for invalid user web from 121.229.6.166 port 37452 ssh2 ...	2020-09-16 20:34:52
attack	2020-09-16 02:48:29,803 fail2ban.actions: WARNING [ssh] Ban 121.229.6.166	2020-09-16 13:05:54
attack	Sep 15 21:30:55 sigma sshd\[25709\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=rootSep 15 21:37:21 sigma sshd\[25740\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root ...	2020-09-16 04:51:39
attackspam	Aug 14 22:43:54 rancher-0 sshd[1086357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root Aug 14 22:43:56 rancher-0 sshd[1086357]: Failed password for root from 121.229.6.166 port 40200 ssh2 ...	2020-08-15 05:45:14
attack	Jul 28 09:19:23 hidden sshd[29577]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Jul 28 09:19:26 hidden sshd[29577]: Failed password for invalid user toy from 121.229.6.166 port 38006 ssh2 Jul 28 09:30:16 hidden sshd[31146]: Invalid user inpre from 121.229.6.166 port 48694	2020-07-28 16:58:20
attackbots	Jul 24 10:27:52 hosting sshd[9328]: Invalid user lewis from 121.229.6.166 port 60652 ...	2020-07-24 19:21:56
attack	Invalid user postgres from 121.229.6.166 port 48758	2020-06-24 07:48:42
attackspam	Jun 14 14:53:13 django-0 sshd\[31024\]: Failed password for root from 121.229.6.166 port 33216 ssh2Jun 14 14:56:43 django-0 sshd\[31100\]: Invalid user pogi12345 from 121.229.6.166Jun 14 14:56:45 django-0 sshd\[31100\]: Failed password for invalid user pogi12345 from 121.229.6.166 port 40922 ssh2 ...	2020-06-14 23:36:29
attackspambots	sshd	2020-06-14 02:28:35
attackbots	prod11 ...	2020-05-14 01:11:14
attack	$f2bV_matches	2020-05-05 19:58:03
attack	May 4 21:09:21 localhost sshd[103347]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 user=root May 4 21:09:23 localhost sshd[103347]: Failed password for root from 121.229.6.166 port 33028 ssh2 May 4 21:14:56 localhost sshd[103747]: Invalid user zjw from 121.229.6.166 port 36066 May 4 21:14:56 localhost sshd[103747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 May 4 21:14:56 localhost sshd[103747]: Invalid user zjw from 121.229.6.166 port 36066 May 4 21:14:58 localhost sshd[103747]: Failed password for invalid user zjw from 121.229.6.166 port 36066 ssh2 ...	2020-05-05 05:27:31
attackspambots	SSH Brute-Force Attack	2020-04-24 04:56:39
attackspam	SSH bruteforce (Triggered fail2ban)	2020-04-18 05:08:53
attackbotsspam	SSH Brute-Force attacks	2020-04-14 01:56:00
attackbotsspam	Apr 8 07:15:47 legacy sshd[29782]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Apr 8 07:15:49 legacy sshd[29782]: Failed password for invalid user deploy from 121.229.6.166 port 36898 ssh2 Apr 8 07:20:10 legacy sshd[29930]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-04-08 13:48:24
attackbots	Apr 7 14:47:47 host01 sshd[30359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Apr 7 14:47:49 host01 sshd[30359]: Failed password for invalid user ubuntu from 121.229.6.166 port 59490 ssh2 Apr 7 14:50:36 host01 sshd[30904]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-04-07 21:57:52
attackbotsspam	Mar 25 17:54:40 home sshd[25022]: Invalid user freeswitch from 121.229.6.166 port 39522 Mar 25 17:54:40 home sshd[25022]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Mar 25 17:54:40 home sshd[25022]: Invalid user freeswitch from 121.229.6.166 port 39522 Mar 25 17:54:42 home sshd[25022]: Failed password for invalid user freeswitch from 121.229.6.166 port 39522 ssh2 Mar 25 17:58:29 home sshd[25100]: Invalid user hb from 121.229.6.166 port 34960 Mar 25 17:58:29 home sshd[25100]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Mar 25 17:58:29 home sshd[25100]: Invalid user hb from 121.229.6.166 port 34960 Mar 25 17:58:31 home sshd[25100]: Failed password for invalid user hb from 121.229.6.166 port 34960 ssh2 Mar 25 18:00:04 home sshd[25126]: Invalid user admin from 121.229.6.166 port 57150 Mar 25 18:00:04 home sshd[25126]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=	2020-03-26 09:54:53
attackspam	2020-02-27T14:24:48.929545shield sshd\[10715\]: Invalid user ts3server from 121.229.6.166 port 60332 2020-02-27T14:24:48.935619shield sshd\[10715\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 2020-02-27T14:24:50.163276shield sshd\[10715\]: Failed password for invalid user ts3server from 121.229.6.166 port 60332 ssh2 2020-02-27T14:27:43.865061shield sshd\[11038\]: Invalid user mailman from 121.229.6.166 port 33612 2020-02-27T14:27:43.870794shield sshd\[11038\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166	2020-02-27 22:34:55
attack	Feb 19 00:25:07 plex sshd[29715]: Invalid user pengcan from 121.229.6.166 port 54514	2020-02-19 07:44:01
attackbotsspam	Feb 16 15:02:30 silence02 sshd[20161]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Feb 16 15:02:32 silence02 sshd[20161]: Failed password for invalid user debian from 121.229.6.166 port 56186 ssh2 Feb 16 15:06:21 silence02 sshd[20458]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166	2020-02-16 22:25:50
attack	Feb 9 23:48:28 sd-53420 sshd\[1583\]: Invalid user dsn from 121.229.6.166 Feb 9 23:48:28 sd-53420 sshd\[1583\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 Feb 9 23:48:30 sd-53420 sshd\[1583\]: Failed password for invalid user dsn from 121.229.6.166 port 34542 ssh2 Feb 9 23:51:02 sd-53420 sshd\[1815\]: Invalid user svl from 121.229.6.166 Feb 9 23:51:02 sd-53420 sshd\[1815\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.6.166 ...	2020-02-10 07:15:30
attackbots	Unauthorized connection attempt detected from IP address 121.229.6.166 to port 2220 [J]	2020-01-30 19:52:00

Comments on same subnet:

IP	Type	Details	Datetime
121.229.62.94	attackspam	$f2bV_matches	2020-10-08 04:43:13
121.229.62.94	attack	Oct 7 11:54:29 ip-172-31-16-56 sshd\[18142\]: Failed password for root from 121.229.62.94 port 57909 ssh2\ Oct 7 11:55:20 ip-172-31-16-56 sshd\[18167\]: Failed password for root from 121.229.62.94 port 35113 ssh2\ Oct 7 11:56:19 ip-172-31-16-56 sshd\[18182\]: Failed password for root from 121.229.62.94 port 40550 ssh2\ Oct 7 11:57:21 ip-172-31-16-56 sshd\[18195\]: Failed password for root from 121.229.62.94 port 45986 ssh2\ Oct 7 11:58:22 ip-172-31-16-56 sshd\[18208\]: Failed password for root from 121.229.62.94 port 51423 ssh2\	2020-10-07 21:04:40
121.229.62.94	attack	Oct 06 15:29:25 askasleikir sshd[14934]: Failed password for root from 121.229.62.94 port 34694 ssh2	2020-10-07 12:50:45
121.229.63.151	attackbotsspam	$f2bV_matches	2020-09-17 23:24:47
121.229.63.151	attackspambots	Automatic report - Banned IP Access	2020-09-17 15:32:05
121.229.63.151	attack	Sep 16 20:18:14 sip sshd[17283]: Failed password for root from 121.229.63.151 port 26579 ssh2 Sep 16 20:30:47 sip sshd[20544]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 20:30:49 sip sshd[20544]: Failed password for invalid user build from 121.229.63.151 port 33911 ssh2	2020-09-17 06:38:31
121.229.63.151	attackspam	Sep 16 17:11:33 ns382633 sshd\[17301\]: Invalid user wpyan from 121.229.63.151 port 33869 Sep 16 17:11:33 ns382633 sshd\[17301\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 17:11:35 ns382633 sshd\[17301\]: Failed password for invalid user wpyan from 121.229.63.151 port 33869 ssh2 Sep 16 17:28:35 ns382633 sshd\[20517\]: Invalid user vendeg from 121.229.63.151 port 64841 Sep 16 17:28:35 ns382633 sshd\[20517\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151	2020-09-17 00:18:32
121.229.63.151	attack	(sshd) Failed SSH login from 121.229.63.151 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Sep 16 03:15:13 server5 sshd[17817]: Invalid user admin from 121.229.63.151 Sep 16 03:15:13 server5 sshd[17817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 16 03:15:15 server5 sshd[17817]: Failed password for invalid user admin from 121.229.63.151 port 18086 ssh2 Sep 16 03:18:16 server5 sshd[2271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Sep 16 03:18:18 server5 sshd[2271]: Failed password for root from 121.229.63.151 port 56790 ssh2	2020-09-16 16:35:26
121.229.63.151	attackspam	$f2bV_matches	2020-09-14 21:32:11
121.229.63.151	attackbotsspam	Sep 13 19:13:52 php1 sshd\[1387\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Sep 13 19:13:54 php1 sshd\[1387\]: Failed password for root from 121.229.63.151 port 15015 ssh2 Sep 13 19:17:51 php1 sshd\[1687\]: Invalid user shen from 121.229.63.151 Sep 13 19:17:51 php1 sshd\[1687\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Sep 13 19:17:53 php1 sshd\[1687\]: Failed password for invalid user shen from 121.229.63.151 port 59207 ssh2	2020-09-14 13:25:27
121.229.63.151	attack	SSH Login Bruteforce	2020-09-14 05:25:01
121.229.63.151	attackspam	reported through recidive - multiple failed attempts(SSH)	2020-08-25 04:05:14
121.229.63.151	attackbotsspam	Aug 2 23:18:09 fhem-rasp sshd[13816]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 user=root Aug 2 23:18:12 fhem-rasp sshd[13816]: Failed password for root from 121.229.63.151 port 50784 ssh2 ...	2020-08-03 05:30:16
121.229.63.151	attackbotsspam	Jul 13 04:09:22 onepixel sshd[4142817]: Invalid user trash from 121.229.63.151 port 11756 Jul 13 04:09:22 onepixel sshd[4142817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=121.229.63.151 Jul 13 04:09:22 onepixel sshd[4142817]: Invalid user trash from 121.229.63.151 port 11756 Jul 13 04:09:23 onepixel sshd[4142817]: Failed password for invalid user trash from 121.229.63.151 port 11756 ssh2 Jul 13 04:11:14 onepixel sshd[4143824]: Invalid user dak from 121.229.63.151 port 36024	2020-07-13 12:27:35
121.229.63.151	attackspam	Invalid user reyes from 121.229.63.151 port 40768	2020-07-12 16:35:57

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.229.6.166
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 40500
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.229.6.166.			IN	A

;; AUTHORITY SECTION:
.			393	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020013001 1800 900 604800 86400

;; Query time: 106 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 30 19:51:56 CST 2020
;; MSG SIZE  rcvd: 117

Host info

166.6.229.121.in-addr.arpa domain name pointer 166.6.229.121.broad.nj.js.dynamic.163data.com.cn.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
166.6.229.121.in-addr.arpa	name = 166.6.229.121.broad.nj.js.dynamic.163data.com.cn.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
180.241.126.192	attackbots	23/tcp [2019-10-28]1pkt	2019-10-29 02:52:53
186.113.208.184	attackspam	28.10.2019 12:48:26 - SMTP Spam without Auth on hMailserver Detected by ELinOX-hMail-A2F	2019-10-29 02:29:07
95.79.249.35	attack	Oct 28 19:18:30 vmanager6029 sshd\[30476\]: Invalid user pi from 95.79.249.35 port 46628 Oct 28 19:18:30 vmanager6029 sshd\[30476\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.79.249.35 Oct 28 19:18:30 vmanager6029 sshd\[30478\]: Invalid user pi from 95.79.249.35 port 46632	2019-10-29 03:05:23
79.7.188.117	attack	IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/79.7.188.117/ IT - 1H : (134) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : IT NAME ASN : ASN3269 IP : 79.7.188.117 CIDR : 79.6.0.0/15 PREFIX COUNT : 550 UNIQUE IP COUNT : 19507712 ATTACKS DETECTED ASN3269 : 1H - 8 3H - 17 6H - 22 12H - 38 24H - 81 DateTime : 2019-10-28 12:48:17 INFO : Port Scan TELNET Detected and Blocked by ADMIN - data recovery	2019-10-29 02:32:40
14.207.197.233	attackbots	54068/udp [2019-10-28]1pkt	2019-10-29 03:05:58
167.114.210.86	attackbotsspam	Oct 28 15:55:11 odroid64 sshd\[22824\]: Invalid user dbps from 167.114.210.86 Oct 28 15:55:11 odroid64 sshd\[22824\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.114.210.86 ...	2019-10-29 02:47:29
42.104.97.238	attackbots	Oct 28 09:51:35 firewall sshd[2036]: Failed password for root from 42.104.97.238 port 57007 ssh2 Oct 28 09:54:53 firewall sshd[2120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=42.104.97.238 user=root Oct 28 09:54:55 firewall sshd[2120]: Failed password for root from 42.104.97.238 port 20749 ssh2 ...	2019-10-29 02:39:03
170.81.35.26	attackspambots	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	2019-10-29 02:37:57
36.224.81.102	attackbotsspam	445/tcp [2019-10-28]1pkt	2019-10-29 02:43:26
78.102.176.145	attack	...	2019-10-29 02:45:52
178.62.240.29	attackbots	Oct 28 08:37:42 web9 sshd\[16736\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.240.29 user=root Oct 28 08:37:44 web9 sshd\[16736\]: Failed password for root from 178.62.240.29 port 39996 ssh2 Oct 28 08:41:11 web9 sshd\[17214\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.240.29 user=root Oct 28 08:41:14 web9 sshd\[17214\]: Failed password for root from 178.62.240.29 port 59141 ssh2 Oct 28 08:44:53 web9 sshd\[17674\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=178.62.240.29 user=root	2019-10-29 02:55:16
187.189.225.85	attackspam	Invalid user admin from 187.189.225.85 port 52511	2019-10-29 02:47:00
115.213.133.195	attackspam	SSH Scan	2019-10-29 03:06:28
188.131.238.91	attackbots	Oct 28 19:37:05 lnxmail61 sshd[22635]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=188.131.238.91 Oct 28 19:37:07 lnxmail61 sshd[22635]: Failed password for invalid user it2 from 188.131.238.91 port 55526 ssh2 Oct 28 19:41:43 lnxmail61 sshd[23512]: Failed password for root from 188.131.238.91 port 36480 ssh2	2019-10-29 02:41:58
177.53.241.131	attackspam	2019-10-28T12:20:11.763578abusebot-8.cloudsearch.cf sshd\[13643\]: Invalid user zp from 177.53.241.131 port 42251	2019-10-29 02:29:49

Recently Reported IPs

106.111.94.199	187.74.66.86	124.106.41.140	113.113.58.0
103.254.56.106	177.139.218.79	149.129.39.212	103.242.105.180
111.90.150.253	107.12.103.16	222.188.149.134	178.63.193.201
27.255.77.212	117.192.115.222	74.63.228.22	25.191.59.86
34.82.205.130	11.29.171.81	155.231.64.149	106.240.27.97