180.166.240.99

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: ChinaNet Shanghai Province Network

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbots	k+ssh-bruteforce	2020-10-13 23:53:46
attackbots	Oct 13 06:19:59 journals sshd\[72964\]: Invalid user mireya from 180.166.240.99 Oct 13 06:19:59 journals sshd\[72964\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 Oct 13 06:20:01 journals sshd\[72964\]: Failed password for invalid user mireya from 180.166.240.99 port 60570 ssh2 Oct 13 06:23:58 journals sshd\[73365\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Oct 13 06:23:59 journals sshd\[73365\]: Failed password for root from 180.166.240.99 port 53354 ssh2 ...	2020-10-13 15:08:36
attackbotsspam	Oct 12 22:45:46 abendstille sshd\[638\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Oct 12 22:45:49 abendstille sshd\[638\]: Failed password for root from 180.166.240.99 port 35442 ssh2 Oct 12 22:47:20 abendstille sshd\[3010\]: Invalid user username from 180.166.240.99 Oct 12 22:47:20 abendstille sshd\[3010\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 Oct 12 22:47:21 abendstille sshd\[3010\]: Failed password for invalid user username from 180.166.240.99 port 51588 ssh2 ...	2020-10-13 07:46:53
attackbots	Sep 20 06:28:32 ns382633 sshd\[18968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Sep 20 06:28:34 ns382633 sshd\[18968\]: Failed password for root from 180.166.240.99 port 59174 ssh2 Sep 20 06:43:01 ns382633 sshd\[21707\]: Invalid user admin1 from 180.166.240.99 port 50238 Sep 20 06:43:01 ns382633 sshd\[21707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 Sep 20 06:43:03 ns382633 sshd\[21707\]: Failed password for invalid user admin1 from 180.166.240.99 port 50238 ssh2	2020-09-21 02:11:54
attack	Sep 20 06:28:32 ns382633 sshd\[18968\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Sep 20 06:28:34 ns382633 sshd\[18968\]: Failed password for root from 180.166.240.99 port 59174 ssh2 Sep 20 06:43:01 ns382633 sshd\[21707\]: Invalid user admin1 from 180.166.240.99 port 50238 Sep 20 06:43:01 ns382633 sshd\[21707\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 Sep 20 06:43:03 ns382633 sshd\[21707\]: Failed password for invalid user admin1 from 180.166.240.99 port 50238 ssh2	2020-09-20 18:12:33
attackbots	Invalid user oracle from 180.166.240.99 port 51068	2020-05-16 07:14:41
attackbots	20 attempts against mh-ssh on cloud	2020-05-13 18:36:12
attackspam	Invalid user dqz from 180.166.240.99 port 49776	2020-03-30 07:29:59
attackbots	Mar 23 01:59:46 firewall sshd[16574]: Invalid user scarlet from 180.166.240.99 Mar 23 01:59:48 firewall sshd[16574]: Failed password for invalid user scarlet from 180.166.240.99 port 47822 ssh2 Mar 23 02:02:28 firewall sshd[16762]: Invalid user jayna from 180.166.240.99 ...	2020-03-23 13:18:13
attackbots	Mar 13 15:39:31 localhost sshd\[8378\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root Mar 13 15:39:33 localhost sshd\[8378\]: Failed password for root from 180.166.240.99 port 36328 ssh2 Mar 13 15:41:07 localhost sshd\[8507\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.166.240.99 user=root	2020-03-13 22:49:05

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 180.166.240.99
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21216
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;180.166.240.99.			IN	A

;; AUTHORITY SECTION:
.			540	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020031300 1800 900 604800 86400

;; Query time: 108 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Mar 13 22:49:00 CST 2020
;; MSG SIZE  rcvd: 118

Host info

99.240.166.180.in-addr.arpa domain name pointer tz-china.com.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
99.240.166.180.in-addr.arpa	name = tz-china.com.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
193.112.74.137	attackspam	Dec 13 06:11:18 ms-srv sshd[55652]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.74.137 user=root Dec 13 06:11:19 ms-srv sshd[55652]: Failed password for invalid user root from 193.112.74.137 port 37023 ssh2	2020-02-03 05:22:03
110.137.80.117	attackbotsspam	DATE:2020-02-02 16:06:48, IP:110.137.80.117, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 05:02:40
193.112.65.233	attackspambots	Jan 9 08:45:39 ms-srv sshd[62601]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.65.233 Jan 9 08:45:41 ms-srv sshd[62601]: Failed password for invalid user nagesh from 193.112.65.233 port 56268 ssh2	2020-02-03 05:32:04
193.112.89.32	attackspambots	Unauthorized connection attempt detected from IP address 193.112.89.32 to port 2220 [J]	2020-02-03 05:11:08
193.112.69.117	attack	Jan 31 02:57:01 ms-srv sshd[6620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.69.117 Jan 31 02:57:03 ms-srv sshd[6620]: Failed password for invalid user utente from 193.112.69.117 port 56361 ssh2	2020-02-03 05:28:01
171.22.76.85	attack	This IP is one of many that have been hacking my devices. They have attached some indexing software to my playstore account and on my devices. I am consistantly being watched and redirected on the internet. They intercept any kind of communication going both in and out of my devices.	2020-02-03 04:57:13
193.112.82.195	attack	Dec 15 04:54:51 ms-srv sshd[63877]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.82.195 Dec 15 04:54:53 ms-srv sshd[63877]: Failed password for invalid user admin1 from 193.112.82.195 port 52299 ssh2	2020-02-03 05:14:16
105.0.6.169	spambotsattackproxynormal	thieves are using it to steal phones	2020-02-03 05:12:40
197.210.226.115	attackbotsspam	Fail2Ban Ban Triggered	2020-02-03 05:18:33
106.51.138.64	attack	DATE:2020-02-02 16:06:42, IP:106.51.138.64, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 05:15:50
190.83.139.21	attack	Unauthorized connection attempt detected from IP address 190.83.139.21 to port 23 [J]	2020-02-03 05:06:55
204.48.21.31	attack	DATE:2020-02-02 19:03:33, IP:204.48.21.31, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc)	2020-02-03 04:58:36
105.172.76.229	attack	DATE:2020-02-02 16:06:40, IP:105.172.76.229, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)	2020-02-03 05:20:53
117.55.241.3	attackbotsspam	Unauthorized connection attempt detected from IP address 117.55.241.3 to port 2220 [J]	2020-02-03 05:20:10
193.112.71.80	attackbots	Jan 27 18:40:35 ms-srv sshd[17986]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.112.71.80 Jan 27 18:40:37 ms-srv sshd[17986]: Failed password for invalid user vds from 193.112.71.80 port 39408 ssh2	2020-02-03 05:25:28

Recently Reported IPs

193.70.79.88	62.210.100.192	150.129.143.212	95.217.73.247
187.15.89.211	85.75.228.83	45.177.94.83	35.202.157.96
223.185.130.92	104.244.77.95	202.83.28.186	144.217.254.159
190.204.183.27	216.221.44.228	125.91.17.195	172.217.173.3
217.182.33.33	144.217.206.177	85.26.211.83	149.129.54.112