103.117.137.126 Threat Intelligence and Host Information

May 03, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.117.137.126 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 21/100

Host and Network Information

  • Country: China
  • Network: AS136146 beijing 3389 network technology co. ltd.
  • Noticed: 3 times
  • Protocols Attacked: mssql
  • Countries Attacked: Poland
  • Passive DNS Results: 1955t.com 308av.com 1977k.com 1877y.com 1889q.com 118ek.com 833sq.com 962xx.com 819xx.com 719xx.com 203xx.com 164wan.com 1238v.com 807xx.com 1966v.com 634wan.com 472wan.com 605xx.com 34jy.com 1955h.com 1866v.com 1988q.com stockchina.com.cn 1899p.com 1877h.com 11j2.com 08yv.com 60of.com 96iv.com 59eg.com 41lo.com 08oj.com 89rv.com 89xv.com 69oy.com 87ro.com 53kv.com 53as.com 04ou.com 42xi.com 09lo.com 02he.com 05li.com 11r7.com 06ti.com 753xx.com 1866k.com 038wan.com yx708.com av309.com 11r6.com 11h9.com yx038.com yx729.com 40wo.com 1889d.com 1889o.com 1955m.com 1899r.com 42ei.com 281av.com 1955i.com 1977b.com 1998z.com 1866m.com 1899b.com 1866z.com 06fo.com 04zu.com 03ce.com 062m.com 08fo.com 1877j.com 118fd.com 53ei.com 08oi.com 53ua.com 96oj.com 87qv.com 50uz.com 89vm.com 89oq.com 60bw.com 69ao.com 53jq.com 979sq.com 051xx.com 810xx.com 607xx.com 854wan.com 866sq.com 739xx.com 504wan.com 047wan.com 429wan.com 209xx.com

Open Ports Detected

3389 5985

Map

Whois Information

  • inetnum: 103.117.136.0 - 103.117.139.255
  • netname: NNTCL-CN
  • descr: Nahe (tianjin) Network Technology Co., Ltd.
  • country: CN
  • org: ORG-NNTC1-AP
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • abuse-c: AN838-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-NNTCL-CN
  • mnt-routes: MAINT-NNTCL-CN
  • mnt-irt: IRT-NNTCL-CN
  • last-modified: 2020-07-07T04:56:37Z
  • irt: IRT-NNTCL-CN
  • address: HONG KONG YOUMALU
  • address:
  • e-mail: naheyun@vip.qq.com
  • abuse-mailbox: naheyun@vip.qq.com
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • mnt-by: MAINT-NNTCL-CN
  • last-modified: 2024-04-12T03:57:08Z
  • organisation: ORG-NNTC1-AP
  • org-name: Nahe (tianjin) Network Technology Co., Ltd.
  • org-type: LIR
  • country: CN
  • address: HK mayoujie G5-3022
  • phone: +852.-812244555
  • fax-no: +852.-88339965
  • e-mail: naheyun@vip.qq.com
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2023-09-05T02:17:34Z
  • role: ABUSE NNTCLCN
  • address: HONG KONG YOUMALU
  • address:
  • country: ZZ
  • phone: +000000000
  • e-mail: naheyun@vip.qq.com
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • nic-hdl: AN838-AP
  • abuse-mailbox: naheyun@vip.qq.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-04-12T03:58:08Z
  • person: NAHE WANG
  • address: HONGKONG MAYOUJIE LU
  • country: HK
  • phone: +852 -23759876
  • e-mail: naheyun@vip.qq.com
  • nic-hdl: NW351-AP
  • mnt-by: MAINT-NNTCL-CN
  • last-modified: 2018-12-17T03:36:48Z

Links to attack logs

vultrwarsaw-mssql-bruteforce-ip-list-2024-04-29

Share on: