Go
120.52.120.166
is a
Hacker
100 %
China
Report Abuse
1034attacks reported
834Brute-ForceSSH
76Brute-Force
45SSH
27Port ScanBrute-ForceSSH
21HackingBrute-ForceSSH
17uncategorized
5Hacking
2Bad Web Bot
1Port Scan
1Port ScanBrute-Force
...
1abuse reported
1Email SpamPort ScanHackingBrute-ForceExploited Host
from 150 distinct reporters
and 9 distinct sources : BadIPs.com, Blocklist.de, darklist.de, FireHOL, Charles Haley, NoThink.org, NormShield.com, GreenSnow.co, AbuseIPDB
120.52.120.166 was first signaled at 2017-12-02 14:01 and last record was at 2019-07-27 21:24.
IP

120.52.120.166

Organization
China Unicom IP network
Localisation
China
Beijing, Beijing
NetRange : First & Last IP
120.52.0.0 - 120.52.255.255
Network CIDR
120.52.0.0/16

Cybercrime IP Feeds

Date UTC Category Sub Categories Source List Source Logs
2019-04-06 11:13 attacks Brute-ForceSSH AbuseIPDB Apr 6 20:13:03 MK-Soft-VM5 sshd\[9683\]: Invalid user doctor from 120.52.120.166 port 35077 Apr 6 20:13:03 MK-Soft-VM5 sshd\[9683\]: pam_unix\(sshd:au
2019-04-06 05:56 attacks Port Scan AbuseIPDB SSH/RDP/Plesk/Webmin sniffing
2019-04-06 04:00 attacks Brute-ForceSSH AbuseIPDB Apr 6 13:00:53 MK-Soft-VM3 sshd\[7176\]: Invalid user servercsgo from 120.52.120.166 port 39430 Apr 6 13:00:53 MK-Soft-VM3 sshd\[7176\]: pam_unix\(ssh
2019-04-05 20:54 attacks Brute-ForceSSH AbuseIPDB Apr 6 07:54:46 srv206 sshd[9255]: Invalid user zabix from 120.52.120.166 Apr 6 07:54:46 srv206 sshd[9255]: pam_unix(sshd:auth): authentication failure
2019-04-05 14:43 attacks HackingBrute-ForceSSH AbuseIPDB SSH authentication failure x 6 reported by Fail2Ban
2019-04-05 11:03 attacks Brute-ForceSSH AbuseIPDB Apr 5 07:35:49 *** sshd[2828]: Failed password for invalid user mysql from 120.52.120.166 port 42167 ssh2
2019-04-05 05:29 attacks Brute-ForceSSH AbuseIPDB Apr 5 15:29:00 debian sshd\[2311\]: Invalid user csgo from 120.52.120.166 port 40522 Apr 5 15:29:00 debian sshd\[2311\]: pam_unix\(sshd:auth\): authen
2019-04-05 01:05 attacks Brute-ForceSSH AbuseIPDB Apr 5 10:04:59 localhost sshd\[19348\]: Invalid user frank from 120.52.120.166 port 37494 Apr 5 10:04:59 localhost sshd\[19348\]: pam_unix\(sshd:auth\
2019-04-04 12:34 attacks Brute-ForceSSH AbuseIPDB Apr 4 21:34:40 MK-Soft-VM5 sshd\[22752\]: Invalid user dan from 120.52.120.166 port 49506 Apr 4 21:34:40 MK-Soft-VM5 sshd\[22752\]: pam_unix\(sshd:aut
2019-04-04 11:28 attacks Brute-ForceSSH AbuseIPDB Tried sshing with brute force.
2019-04-04 11:07 attacks Brute-ForceSSH AbuseIPDB Triggered by Fail2Ban
2019-04-04 11:02 attacks Brute-ForceSSH AbuseIPDB  
2019-04-04 10:30 attacks Brute-ForceSSH AbuseIPDB Apr 4 21:29:29 mail sshd[28816]: Invalid user system from 120.52.120.166
2019-04-04 08:23 attacks Brute-ForceSSH AbuseIPDB Apr 4 17:23:42 MK-Soft-VM3 sshd\[21599\]: Invalid user recruit from 120.52.120.166 port 45381 Apr 4 17:23:42 MK-Soft-VM3 sshd\[21599\]: pam_unix\(sshd
2019-04-04 02:48 attacks Brute-ForceSSH AbuseIPDB Apr 4 13:48:21 vps647732 sshd[21120]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Apr 4 13:
2019-04-03 12:47 attacks Brute-ForceSSH AbuseIPDB Triggered by Fail2Ban at Vostok web server
2019-04-03 05:25 attacks Brute-ForceSSH AbuseIPDB Apr 3 15:20:25 marquez sshd[4367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Apr 3 15:20:
2019-04-03 05:10 attacks Brute-ForceSSH AbuseIPDB Apr 3 15:02:52 marquez sshd[23903]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Apr 3 15:02
2019-04-03 05:09 attacks Brute-ForceSSH AbuseIPDB Apr 3 10:08:47 Tower sshd[21551]: Connection from 120.52.120.166 port 39338 on 192.168.10.220 port 22 Apr 3 10:08:52 Tower sshd[21551]: Invalid user g
2019-04-02 22:51 attacks Brute-ForceSSH AbuseIPDB SSH invalid-user multiple login try
2019-04-02 22:42 attacks Brute-ForceSSH AbuseIPDB Apr 3 14:42:25 itv-usvr-01 sshd[14486]: Invalid user musicbot from 120.52.120.166
2019-04-02 18:34 attacks Brute-ForceSSH AbuseIPDB Apr 3 05:27:32 lnxweb62 sshd[20464]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Apr 3 05:2
2019-04-02 13:53 attacks Brute-ForceSSH AbuseIPDB Apr 3 00:53:45 * sshd[2619]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Apr 3 00:53:47 * s
2019-04-02 12:57 attacks Brute-ForceSSH AbuseIPDB Apr 2 21:50:07 dev0-dcfr-rnet sshd\[27158\]: Invalid user va from 120.52.120.166 Apr 2 21:50:07 dev0-dcfr-rnet sshd\[27158\]: pam_unix\(sshd:auth\): a
2019-04-02 09:23 attacks Brute-ForceSSH AbuseIPDB SSH-Bruteforce
2019-04-02 09:09 attacks Brute-ForceSSH AbuseIPDB Apr 2 14:05:49 123flo sshd[43376]: Invalid user vagrant from 120.52.120.166 Apr 2 14:05:49 123flo sshd[43376]: pam_unix(sshd:auth): authentication fai
2019-04-02 07:31 attacks Brute-ForceSSH AbuseIPDB Apr 2 16:22:37 dev0-dcfr-rnet sshd\[25841\]: Invalid user q from 120.52.120.166 Apr 2 16:22:37 dev0-dcfr-rnet sshd\[25841\]: pam_unix\(sshd:auth\): au
2019-04-02 01:52 attacks Brute-ForceSSH AbuseIPDB Apr 2 12:51:39 mail sshd[10382]: Invalid user se from 120.52.120.166
2019-04-01 18:08 attacks Brute-ForceSSH AbuseIPDB Apr 2 05:07:16 host sshd\[11800\]: Invalid user fa from 120.52.120.166 port 44004 Apr 2 05:07:16 host sshd\[11800\]: pam_unix\(sshd:auth\): authentica
2019-04-01 13:34 attacks Brute-ForceSSH AbuseIPDB SSH-BruteForce
2019-04-01 10:24 attacks Brute-ForceSSH AbuseIPDB Apr 1 19:24:27 localhost sshd\[78370\]: Invalid user yo from 120.52.120.166 port 47859 Apr 1 19:24:27 localhost sshd\[78370\]: pam_unix\(sshd:auth\):
2019-04-01 10:05 attacks Brute-ForceSSH AbuseIPDB Apr 1 19:05:53 localhost sshd\[77689\]: Invalid user dn from 120.52.120.166 port 44986 Apr 1 19:05:53 localhost sshd\[77689\]: pam_unix\(sshd:auth\):
2019-04-01 04:01 attacks Brute-ForceSSH AbuseIPDB Invalid user dev from 120.52.120.166 port 38993
2019-03-31 21:25 attacks Brute-ForceSSH AbuseIPDB  
2019-03-31 16:11 attacks Brute-Force AbuseIPDB Jan 23 02:12:33 vtv3 sshd\[21411\]: Invalid user priscila from 120.52.120.166 port 48787 Jan 23 02:12:33 vtv3 sshd\[21411\]: pam_unix\(sshd:auth\): au
2019-03-31 15:57 attacks HackingBrute-ForceSSH AbuseIPDB SSH authentication failure x 7 reported by Fail2Ban
2019-03-31 12:14 attacks Brute-ForceSSH AbuseIPDB Multiple failed SSH logins
2019-03-31 11:03 attacks Brute-ForceSSH AbuseIPDB Mar 31 05:37:13 *** sshd[16084]: Failed password for invalid user avis from 120.52.120.166 port 34816 ssh2 Mar 31 05:42:02 *** sshd[16235]: Failed pas
2019-03-31 07:09 attacks Brute-ForceSSH AbuseIPDB Mar 31 18:09:17 icinga sshd[17271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Mar 31 18:0
2019-03-31 05:05 attacks Brute-ForceSSH AbuseIPDB [ssh] SSH attack
2019-03-31 00:58 attacks Brute-ForceSSH AbuseIPDB Mar 31 11:57:29 host sshd\[6035\]: Invalid user fa from 120.52.120.166 port 59392 Mar 31 11:57:29 host sshd\[6035\]: pam_unix\(sshd:auth\): authentica
2019-03-31 00:06 attacks Brute-ForceSSH AbuseIPDB Mar 31 10:56:20 ns341937 sshd[22250]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Mar 31 10
2019-03-30 19:04 attacks Brute-ForceSSH AbuseIPDB  
2019-03-30 17:28 attacks Brute-ForceSSH AbuseIPDB Mar 31 04:28:55 HiS01 sshd\[20804\]: Invalid user api from 120.52.120.166 Mar 31 04:28:55 HiS01 sshd\[20804\]: pam_unix\(sshd:auth\): authentication f
2019-03-30 15:16 attacks Brute-ForceSSH AbuseIPDB (sshd) Failed SSH login from 120.52.120.166 (-): 5 in the last 3600 secs
2019-03-30 10:19 attacks SSH AbuseIPDB $f2bV_matches
2019-03-30 09:17 attacks Brute-ForceSSH AbuseIPDB Mar 30 19:17:04 bouncer sshd\[19529\]: Invalid user student from 120.52.120.166 port 54520 Mar 30 19:17:04 bouncer sshd\[19529\]: pam_unix\(sshd:auth\
2019-03-30 04:43 attacks Brute-ForceSSH AbuseIPDB Tried sshing with brute force.
2019-03-30 04:15 attacks Brute-ForceSSH AbuseIPDB many_ssh_attempts
2019-03-30 03:42 attacks Brute-ForceSSH AbuseIPDB ssh_attempt
2017-12-02 14:01 attacks FTP Brute-ForceHacking AbuseIPDB Nov 17 11:08:04 server6 sshd[22116]: Failed password for invalid user developer from 120.52.120.166 port 7432 ssh2 Nov 17 11:08:04 server6 sshd[22114]
2018-12-04 14:51 attacks Brute-ForceSSH AbuseIPDB Dec 5 01:51:49 amit sshd\[20422\]: Invalid user marson from 120.52.120.166 Dec 5 01:51:49 amit sshd\[20422\]: pam_unix\(sshd:auth\): authentication fa
2018-12-04 15:01 attacks Brute-ForceSSH AbuseIPDB SSH Bruteforce @ SigaVPN honeypot
2018-12-04 15:19 attacks Brute-ForceSSH AbuseIPDB  
2018-12-04 15:29 attacks Brute-ForceSSH AbuseIPDB Dec 5 03:29:15 server01 sshd\[21470\]: Invalid user support from 120.52.120.166 Dec 5 03:29:15 server01 sshd\[21470\]: pam_unix\(sshd:auth\): authenti
2018-12-04 18:07 attacks Brute-ForceSSH AbuseIPDB Dec 5 04:07:15 **** sshd[11860]: Invalid user marily from 120.52.120.166 port 34710
2018-12-04 18:22 attacks Brute-ForceSSH AbuseIPDB  
2018-12-04 20:47 attacks SSH AbuseIPDB Dec 5 06:47:02 sshgateway sshd\[26428\]: Invalid user hama from 120.52.120.166 Dec 5 06:47:02 sshgateway sshd\[26428\]: pam_unix\(sshd:auth\): authent
2018-12-04 20:51 attacks Brute-ForceSSH AbuseIPDB Dec 5 07:51:35 icinga sshd[32673]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.52.120.166 Dec 5 07:51:
2018-12-04 21:37 attacks Brute-ForceSSH AbuseIPDB Dec 5 07:37:18 *** sshd[8309]: Invalid user admin from 120.52.120.166
2019-03-29 18:18 attacks bi_any_0_1d BadIPs.com  
2019-03-29 18:19 attacks bi_any_1_7d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_1d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_30d BadIPs.com  
2019-03-29 18:19 attacks bi_any_2_7d BadIPs.com  
2019-03-29 18:19 attacks Bad Web Bot bi_badbots_1_7d BadIPs.com  
2019-03-29 18:19 attacks Brute-Force bi_bruteforce_1_7d BadIPs.com  
2019-03-29 18:19 attacks bi_default_1_7d BadIPs.com  
2019-03-29 18:19 attacks bi_default_2_30d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_sshd_0_1d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_sshd_1_7d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_sshd_2_30d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_0_1d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_1_7d BadIPs.com  
2019-03-29 18:20 attacks SSH bi_ssh_2_30d BadIPs.com  
2019-03-29 18:20 attacks bi_unknown_1_7d BadIPs.com  
2019-03-29 18:20 attacks bi_unknown_2_30d BadIPs.com  
2019-03-29 18:21 attacks blocklist_de Blocklist.de  
2019-03-29 18:21 attacks SSH blocklist_de_ssh Blocklist.de  
2019-03-29 18:23 attacks darklist_de darklist.de  
2019-03-29 18:27 attacks firehol_level2 FireHOL  
2019-03-29 18:27 attacks firehol_level4 FireHOL  
2019-03-29 18:34 attacks SSH haley_ssh Charles Haley  
2019-05-30 09:29 attacks Bad Web Bot bi_badbots_0_1d BadIPs.com  
2019-05-30 09:29 attacks Brute-Force bi_bruteforce_0_1d BadIPs.com  
2019-06-03 22:59 attacks SSH nt_ssh_7d NoThink.org  
2019-06-13 13:36 attacks bi_default_0_1d BadIPs.com  
2019-06-13 13:36 attacks bi_unknown_0_1d BadIPs.com  
2019-06-27 22:19 attacks Web App AttackApache Attack blocklist_de_apache Blocklist.de  
2019-06-27 22:19 attacks Brute-Force blocklist_de_bruteforce Blocklist.de  
2019-06-30 19:29 attacks Brute-Force normshield_all_bruteforce NormShield.com  
2019-06-30 19:29 attacks Brute-Force normshield_high_bruteforce NormShield.com  
2019-07-06 13:39 attacks blocklist_de_strongips Blocklist.de  
2019-07-18 01:02 attacks Fraud VoIP blocklist_de_sip Blocklist.de  
2019-07-27 21:24 attacks greensnow GreenSnow.co  
only last 50 and first 10 AbuseIPDB logs are shown

Threats Categories :

abuse
IPs used to spam forum, boards, blogs or smtp servers, automated web scripts or scrappers (bad bots)
anonymizer
Onion Router IP addresses. TOR network IPs, TOR exit points, socks or ssl proxy.
attacks
bruteforce ssh/ftp/system account, IPs that have been detected by fail2ban, ports scan, vulnerabilities scan, DDoS.
malware
Addresses that have been identified distributing malware, form-grabber and stealer, Viruses, Worms, Trojans, Ransomware, Adware, Spyware

Whois

inetnum: 120.52.0.0 - 120.52.255.255
netname: CU-CDC
descr: CHINA UNICOM CLOUD DATA COMPANY LIMITED
descr: A133, Xidan North Avenue, Xicheng District, Beijing.
admin-c: ZM909-AP
tech-c: ZM909-AP
country: CN
mnt-by: MAINT-CNNIC-AP
mnt-lower: MAINT-CNNIC-AP
mnt-routes: MAINT-CNNIC-AP
mnt-irt: IRT-CNNIC-CN
status: ALLOCATED PORTABLE
last-modified: 2014-06-26T01:26:01Z
source: APNIC

irt: IRT-CNNIC-CN
address: Beijing, China
e-mail: ipas@cnnic.cn
abuse-mailbox: ipas@cnnic.cn
admin-c: IP50-AP
tech-c: IP50-AP
auth: # Filtered
remarks: Please note that CNNIC is not an ISP and is not
remarks: empowered to investigate complaints of network abuse.
remarks: Please contact the tech-c or admin-c of the network.
mnt-by: MAINT-CNNIC-AP
last-modified: 2017-11-01T08:57:39Z
source: APNIC

person: Xin Xing
address: A133,Xidan North Avenue, Xicheng District, Beijing
country: CN
phone: +86-18618215599
e-mail: xingxin2@chinaunicom.cn
nic-hdl: ZM909-AP
mnt-by: MAINT-CNNIC-AP
last-modified: 2013-10-12T09:06:01Z
source: APNIC
most specific ip range is highlighted
Updated : 2019-07-01