121.57.166.134

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Neimeng Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 121.57.166.134 to port 6656 [T]	2020-01-26 08:19:35

Comments on same subnet:

IP	Type	Details	Datetime
121.57.166.112	attackbotsspam	Unauthorized connection attempt detected from IP address 121.57.166.112 to port 6656 [T]	2020-01-30 17:26:08
121.57.166.133	attackbots	Unauthorized connection attempt detected from IP address 121.57.166.133 to port 6656 [T]	2020-01-29 20:05:38
121.57.166.129	attackbots	Unauthorized connection attempt detected from IP address 121.57.166.129 to port 6656 [T]	2020-01-28 08:28:49
121.57.166.225	attack	Unauthorized connection attempt detected from IP address 121.57.166.225 to port 6656 [T]	2020-01-26 08:19:10

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 121.57.166.134
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 39023
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;121.57.166.134.			IN	A

;; AUTHORITY SECTION:
.			225	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020012502 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sun Jan 26 08:19:32 CST 2020
;; MSG SIZE  rcvd: 118

Host info

Host 134.166.57.121.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 134.166.57.121.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
45.136.110.48	attackbotsspam	Nov 9 14:00:07 h2177944 kernel: \[6179994.437514\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.48 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=24091 PROTO=TCP SPT=50518 DPT=9128 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 14:02:03 h2177944 kernel: \[6180110.152984\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.48 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=249 ID=41595 PROTO=TCP SPT=50518 DPT=8339 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 14:17:06 h2177944 kernel: \[6181012.849596\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.48 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=26527 PROTO=TCP SPT=50518 DPT=9321 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 14:23:37 h2177944 kernel: \[6181404.125895\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.48 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=16727 PROTO=TCP SPT=50518 DPT=9063 WINDOW=1024 RES=0x00 SYN URGP=0 Nov 9 14:46:40 h2177944 kernel: \[6182786.252186\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=45.136.110.48 DST=85.214.117.9	2019-11-09 22:39:34
114.246.11.178	attack	$f2bV_matches	2019-11-09 22:59:42
63.34.247.85	attack	WordPress wp-login brute force :: 63.34.247.85 0.128 BYPASS [09/Nov/2019:14:57:36 0000] www.[censored_4] "POST /wp-login.php HTTP/1.1" 200 1559 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"	2019-11-09 23:07:07
212.129.140.89	attackbots	Nov 4 08:42:46 new sshd[31714]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.140.89 user=r.r Nov 4 08:42:47 new sshd[31714]: Failed password for r.r from 212.129.140.89 port 45942 ssh2 Nov 4 08:42:47 new sshd[31714]: Received disconnect from 212.129.140.89: 11: Bye Bye [preauth] Nov 4 09:07:18 new sshd[5857]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.140.89 user=r.r Nov 4 09:07:20 new sshd[5857]: Failed password for r.r from 212.129.140.89 port 58356 ssh2 Nov 4 09:07:20 new sshd[5857]: Received disconnect from 212.129.140.89: 11: Bye Bye [preauth] Nov 4 09:12:15 new sshd[7273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.129.140.89 user=r.r Nov 4 09:12:16 new sshd[7273]: Failed password for r.r from 212.129.140.89 port 50651 ssh2 Nov 4 09:12:17 new sshd[7273]: Received disconnect from 212.129.140.89: 11: Bye........ -------------------------------	2019-11-09 22:54:32
67.222.96.142	attackspam	Automatic report - XMLRPC Attack	2019-11-09 22:31:01
122.166.174.142	attackbots	09.11.2019 11:28:56 - RDP Login Fail Detected by https://www.elinox.de/RDP-Wächter	2019-11-09 22:38:23
182.140.140.2	attackspam	2019-11-09T15:55:52.870725 sshd[14162]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.140.2 user=mysql 2019-11-09T15:55:54.987646 sshd[14162]: Failed password for mysql from 182.140.140.2 port 50332 ssh2 2019-11-09T16:01:28.841579 sshd[14259]: Invalid user service from 182.140.140.2 port 54630 2019-11-09T16:01:28.854569 sshd[14259]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.140.140.2 2019-11-09T16:01:28.841579 sshd[14259]: Invalid user service from 182.140.140.2 port 54630 2019-11-09T16:01:30.765321 sshd[14259]: Failed password for invalid user service from 182.140.140.2 port 54630 ssh2 ...	2019-11-09 23:10:19
165.227.143.23	attackspambots	Joomla Admin : try to force the door...	2019-11-09 22:36:21
202.98.213.218	attack	Nov 9 15:04:19 MK-Soft-Root2 sshd[27198]: Failed password for root from 202.98.213.218 port 27508 ssh2 ...	2019-11-09 22:46:18
176.31.250.160	attackspam	Nov 9 08:53:01 server sshd\[31316\]: User root from 176.31.250.160 not allowed because listed in DenyUsers Nov 9 08:53:01 server sshd\[31316\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.160 user=root Nov 9 08:53:03 server sshd\[31316\]: Failed password for invalid user root from 176.31.250.160 port 36372 ssh2 Nov 9 08:56:55 server sshd\[11911\]: Invalid user taemspeak4 from 176.31.250.160 port 45306 Nov 9 08:56:55 server sshd\[11911\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=176.31.250.160	2019-11-09 22:34:37
118.24.95.153	attack	Nov 9 04:51:41 auw2 sshd\[32169\]: Invalid user 123 from 118.24.95.153 Nov 9 04:51:41 auw2 sshd\[32169\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.95.153 Nov 9 04:51:43 auw2 sshd\[32169\]: Failed password for invalid user 123 from 118.24.95.153 port 52100 ssh2 Nov 9 04:57:26 auw2 sshd\[32605\]: Invalid user dg10111 from 118.24.95.153 Nov 9 04:57:26 auw2 sshd\[32605\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.24.95.153	2019-11-09 23:12:46
199.249.230.112	attack	Automatic report - XMLRPC Attack	2019-11-09 23:11:50
120.132.13.196	attack	F2B jail: sshd. Time: 2019-11-09 15:57:56, Reported by: VKReport	2019-11-09 23:09:14
106.12.86.240	attack	Nov 9 10:28:27 firewall sshd[9728]: Invalid user testuser from 106.12.86.240 Nov 9 10:28:29 firewall sshd[9728]: Failed password for invalid user testuser from 106.12.86.240 port 50502 ssh2 Nov 9 10:34:22 firewall sshd[9832]: Invalid user clucarel from 106.12.86.240 ...	2019-11-09 22:33:00
106.13.1.203	attack	Nov 8 13:53:26 server sshd\[10946\]: Failed password for invalid user ts_server from 106.13.1.203 port 39394 ssh2 Nov 9 13:17:25 server sshd\[24434\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 9 13:17:27 server sshd\[24434\]: Failed password for root from 106.13.1.203 port 44480 ssh2 Nov 9 13:29:12 server sshd\[27537\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.1.203 user=root Nov 9 13:29:14 server sshd\[27537\]: Failed password for root from 106.13.1.203 port 38340 ssh2 ...	2019-11-09 22:41:42

Recently Reported IPs

168.117.149.76	49.85.96.86	249.85.163.204	246.112.254.215
42.117.243.53	232.178.35.125	2a01:4f8:110:512d::2	117.74.74.48
1.182.193.125	1.70.76.44	156.47.116.32	156.165.54.180
223.10.22.240	203.77.5.51	129.251.214.166	183.166.241.227
183.165.10.46	182.108.168.29	203.247.90.187	180.169.182.102