203.158.166.6 - IPInfo

Basic Info

City: unknown

Region: unknown

Country: Thailand

Internet Service Provider: Rajamangala Institute of Technology

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackspam	Port Scan detected! ...	2020-07-11 09:09:39
attack	IP 203.158.166.6 attacked honeypot on port: 1433 at 7/9/2020 1:21:06 PM	2020-07-10 04:41:48
attackbots	firewall-block, port(s): 1433/tcp	2020-03-13 14:22:46
attackbotsspam	TH_APNIC-HM_<177>1582433769 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.158.166.6:56634	2020-02-23 14:28:38
attack	TH_APNIC-HM_<177>1580050165 [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 203.158.166.6:52229	2020-01-26 23:03:35
attackbots	Port 1433 Scan	2019-10-21 08:05:34

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.158.166.6
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42608
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.158.166.6.			IN	A

;; AUTHORITY SECTION:
.			587	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019102001 1800 900 604800 86400

;; Query time: 103 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Oct 21 08:05:31 CST 2019
;; MSG SIZE  rcvd: 117

Host info

Host 6.166.158.203.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 6.166.158.203.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
201.111.115.56	attackspambots	Unauthorized connection attempt detected from IP address 201.111.115.56 to port 80	2020-02-26 05:08:51
94.183.195.19	attackspambots	8080/tcp [2020-02-25]1pkt	2020-02-26 05:31:29
168.0.81.236	attackbots	Automatic report - Port Scan Attack	2020-02-26 05:20:47
41.250.41.136	attack	Feb 25 17:35:22 pmg postfix/postscreen\[13337\]: HANGUP after 2 from \[41.250.41.136\]:56459 in tests after SMTP handshake	2020-02-26 05:19:53
66.70.189.209	attackbotsspam	Feb 25 21:48:03 jane sshd[31560]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=66.70.189.209 Feb 25 21:48:04 jane sshd[31560]: Failed password for invalid user test from 66.70.189.209 port 59309 ssh2 ...	2020-02-26 05:06:40
116.247.81.99	attackbots	Automatic report - SSH Brute-Force Attack	2020-02-26 05:24:04
185.176.27.250	attackspam	Feb 25 21:14:26 h2177944 kernel: \[5859445.681923\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=13796 PROTO=TCP SPT=49985 DPT=57712 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 21:14:26 h2177944 kernel: \[5859445.681936\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=13796 PROTO=TCP SPT=49985 DPT=57712 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 21:38:13 h2177944 kernel: \[5860872.168841\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58178 PROTO=TCP SPT=49985 DPT=57521 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 21:38:13 h2177944 kernel: \[5860872.168854\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.250 DST=85.214.117.9 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=58178 PROTO=TCP SPT=49985 DPT=57521 WINDOW=1024 RES=0x00 SYN URGP=0 Feb 25 22:14:23 h2177944 kernel: \[5863041.499776\] \[UFW BLOCK\] IN=venet0 OUT= MAC= SRC=185.176.27.250 DST=85.	2020-02-26 05:37:00
159.89.194.160	attackbotsspam	Feb 25 22:55:13 pkdns2 sshd\[42995\]: Invalid user webmaster from 159.89.194.160Feb 25 22:55:15 pkdns2 sshd\[42995\]: Failed password for invalid user webmaster from 159.89.194.160 port 34372 ssh2Feb 25 22:59:36 pkdns2 sshd\[43152\]: Invalid user ts3 from 159.89.194.160Feb 25 22:59:39 pkdns2 sshd\[43152\]: Failed password for invalid user ts3 from 159.89.194.160 port 46512 ssh2Feb 25 23:04:02 pkdns2 sshd\[43326\]: Invalid user xvwei from 159.89.194.160Feb 25 23:04:04 pkdns2 sshd\[43326\]: Failed password for invalid user xvwei from 159.89.194.160 port 58652 ssh2 ...	2020-02-26 05:39:16
222.113.245.44	attackspam	85/tcp [2020-02-25]1pkt	2020-02-26 05:07:17
189.242.8.173	attack	81/tcp [2020-02-25]1pkt	2020-02-26 05:15:14
177.204.12.142	attack	81/tcp [2020-02-25]1pkt	2020-02-26 05:13:39
178.204.240.210	attackbots	445/tcp [2020-02-25]1pkt	2020-02-26 04:59:44
124.218.93.202	attack	Port probing on unauthorized port 23	2020-02-26 05:04:11
103.99.200.37	attackbotsspam	Feb 25 22:08:09 markkoudstaal sshd[28083]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.99.200.37 Feb 25 22:08:10 markkoudstaal sshd[28083]: Failed password for invalid user r00t from 103.99.200.37 port 57971 ssh2 Feb 25 22:08:18 markkoudstaal sshd[28099]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.99.200.37	2020-02-26 05:22:39
1.53.115.22	attack	suspicious action Tue, 25 Feb 2020 13:35:35 -0300	2020-02-26 05:02:25

Recently Reported IPs

185.40.12.107	176.142.120.237	80.211.183.86	202.164.36.12
178.182.230.250	125.63.188.51	118.24.201.132	79.132.191.201
128.108.168.73	76.83.92.62	31.1.70.183	169.246.192.162
150.185.198.215	10.122.215.128	14.251.202.10	160.155.159.222
69.185.107.176	83.204.138.215	65.52.209.86	159.143.225.150