203.252.166.120

Basic Info

City: unknown

Region: unknown

Country: Korea Republic of

Internet Service Provider: Konkuk University

Hostname: unknown

Organization: unknown

Usage Type: University/College/School

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	Sep 8 09:30:40 lcdev sshd\[13744\]: Invalid user webadmin from 203.252.166.120 Sep 8 09:30:40 lcdev sshd\[13744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120 Sep 8 09:30:42 lcdev sshd\[13744\]: Failed password for invalid user webadmin from 203.252.166.120 port 41298 ssh2 Sep 8 09:35:03 lcdev sshd\[14103\]: Invalid user ubuntu from 203.252.166.120 Sep 8 09:35:03 lcdev sshd\[14103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120	2019-09-09 03:44:23
attack	Sep 7 14:37:09 lcdev sshd\[15058\]: Invalid user 12345 from 203.252.166.120 Sep 7 14:37:09 lcdev sshd\[15058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120 Sep 7 14:37:10 lcdev sshd\[15058\]: Failed password for invalid user 12345 from 203.252.166.120 port 53284 ssh2 Sep 7 14:42:26 lcdev sshd\[15652\]: Invalid user 123456 from 203.252.166.120 Sep 7 14:42:26 lcdev sshd\[15652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120	2019-09-08 08:53:58

Type

Details

Datetime

attackbotsspam

Sep  8 09:30:40 lcdev sshd\[13744\]: Invalid user webadmin from 203.252.166.120
Sep  8 09:30:40 lcdev sshd\[13744\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120
Sep  8 09:30:42 lcdev sshd\[13744\]: Failed password for invalid user webadmin from 203.252.166.120 port 41298 ssh2
Sep  8 09:35:03 lcdev sshd\[14103\]: Invalid user ubuntu from 203.252.166.120
Sep  8 09:35:03 lcdev sshd\[14103\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120

2019-09-09 03:44:23

attack

Sep  7 14:37:09 lcdev sshd\[15058\]: Invalid user 12345 from 203.252.166.120
Sep  7 14:37:09 lcdev sshd\[15058\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120
Sep  7 14:37:10 lcdev sshd\[15058\]: Failed password for invalid user 12345 from 203.252.166.120 port 53284 ssh2
Sep  7 14:42:26 lcdev sshd\[15652\]: Invalid user 123456 from 203.252.166.120
Sep  7 14:42:26 lcdev sshd\[15652\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.252.166.120

2019-09-08 08:53:58

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 203.252.166.120
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25174
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;203.252.166.120.		IN	A

;; AUTHORITY SECTION:
.			3600	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019090701 1800 900 604800 86400

;; Query time: 3 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Sep 08 08:53:27 CST 2019
;; MSG SIZE  rcvd: 119

Host info

Host 120.166.252.203.in-addr.arpa. not found: 3(NXDOMAIN)

Nslookup info:

Server:		67.207.67.2
Address:	67.207.67.2#53

** server can't find 120.166.252.203.in-addr.arpa: NXDOMAIN

Related IP info:

Related comments:

IP	Type	Details	Datetime
46.227.152.110	attack	Automatic report - Banned IP Access	2020-09-07 21:51:49
61.145.178.134	attackspambots	Sep 7 08:40:54 ns382633 sshd\[28316\]: Invalid user admin from 61.145.178.134 port 39968 Sep 7 08:40:54 ns382633 sshd\[28316\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.145.178.134 Sep 7 08:40:56 ns382633 sshd\[28316\]: Failed password for invalid user admin from 61.145.178.134 port 39968 ssh2 Sep 7 08:59:42 ns382633 sshd\[31162\]: Invalid user teamspeak from 61.145.178.134 port 57726 Sep 7 08:59:42 ns382633 sshd\[31162\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.145.178.134	2020-09-07 21:53:30
36.80.97.187	attackbots	Port probing on unauthorized port 445	2020-09-07 21:15:36
109.206.14.149	attackspambots	Unauthorised access (Sep 6) SRC=109.206.14.149 LEN=52 TTL=54 ID=22107 DF TCP DPT=445 WINDOW=8192 SYN	2020-09-07 21:49:02
14.17.114.65	attackbotsspam	TCP (SYN) 14.17.114.65:53594 -> port 20402, len 44	2020-09-07 21:19:20
117.146.37.170	attackspam	Sep 7 13:17:29 host sshd[16464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.146.37.170 user=root Sep 7 13:17:31 host sshd[16464]: Failed password for root from 117.146.37.170 port 57788 ssh2 ...	2020-09-07 21:52:36
112.85.42.74	attackbotsspam	Sep 7 06:09:20 dignus sshd[2447]: Failed password for root from 112.85.42.74 port 57156 ssh2 Sep 7 06:09:23 dignus sshd[2447]: Failed password for root from 112.85.42.74 port 57156 ssh2 Sep 7 06:09:25 dignus sshd[2447]: Failed password for root from 112.85.42.74 port 57156 ssh2 Sep 7 06:11:29 dignus sshd[2690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.74 user=root Sep 7 06:11:31 dignus sshd[2690]: Failed password for root from 112.85.42.74 port 20044 ssh2 ...	2020-09-07 21:18:26
129.226.117.160	attack	Sep 7 12:01:39 vmd17057 sshd[29811]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.226.117.160 Sep 7 12:01:42 vmd17057 sshd[29811]: Failed password for invalid user design from 129.226.117.160 port 38026 ssh2 ...	2020-09-07 21:17:40
141.98.10.214	attack	Sep 7 14:58:26 haigwepa sshd[27908]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=141.98.10.214 Sep 7 14:58:27 haigwepa sshd[27908]: Failed password for invalid user admin from 141.98.10.214 port 35971 ssh2 ...	2020-09-07 21:43:49
222.186.30.76	attackspambots	Sep 7 09:44:28 NPSTNNYC01T sshd[6886]: Failed password for root from 222.186.30.76 port 15705 ssh2 Sep 7 09:44:31 NPSTNNYC01T sshd[6886]: Failed password for root from 222.186.30.76 port 15705 ssh2 Sep 7 09:44:34 NPSTNNYC01T sshd[6886]: Failed password for root from 222.186.30.76 port 15705 ssh2 ...	2020-09-07 21:47:27
49.128.174.248	attackbots	Honeypot attack, port: 445, PTR: 49.128.174-248.static-mumbai.wnet.net.in.	2020-09-07 21:48:16
190.104.229.218	attack	20/9/6@12:54:01: FAIL: Alarm-Network address from=190.104.229.218 20/9/6@12:54:02: FAIL: Alarm-Network address from=190.104.229.218 ...	2020-09-07 21:24:54
45.129.33.6	attackbots	TCP (SYN) 45.129.33.6:58891 -> port 31052, len 44	2020-09-07 21:46:59
185.132.53.194	attackspambots	TCP (SYN) 185.132.53.194:35644 -> port 22, len 48	2020-09-07 21:20:33
218.164.111.166	attackspam	Honeypot attack, port: 445, PTR: 218-164-111-166.dynamic-ip.hinet.net.	2020-09-07 21:38:19

Recently Reported IPs

217.218.216.2	80.154.181.131	37.68.55.33	135.83.142.90
93.189.206.186	122.240.207.204	187.201.145.146	177.156.187.5
150.242.199.13	59.91.231.240	75.80.168.42	211.199.191.219
96.133.82.68	138.201.128.152	175.101.12.202	142.145.91.201
190.97.253.236	116.251.73.149	45.95.33.202	14.232.244.126