103.117.137.167 Threat Intelligence and Host Information

Apr 20, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 103.117.137.167 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 7/100

Host and Network Information

  • Country: China
  • Network: AS136146 beijing 3389 network technology co. ltd.
  • Noticed: 1 times
  • Protocols Attacked: mssql
  • Passive DNS Results: zl.gswn.cc zl.gswb.cc gszfa.net gsxzm.cn gsxzg.cn gszgs.net gsxg.wang a.gsxzn.cn a.gsxzb.cn a.gsxzv.cn www.gsxzc.cn www.gszfp.cn www.gszfq.cn www.gszfw.cn www.gsglo.cn gov-3.icu gov-2.icu gov-4.icu gov-5.icu gov-6.icu gov-1.icu gov-19.icu gov-10.icu gov-8.icu gov-7.icu 1-3-7.icu 1-3-12.icu 1-3-9.icu 1-3-11.icu 1-3-8.icu 1-3-13.icu 1-3-5.icu 1-3-22.icu 1-3-10.icu 1-3-6.icu 1-3-15.icu 1-3-19.icu 1-3-21.icu 1-3-16.icu 1-3-17.icu 1-3-23.icu 1-3-18.icu w10s-q.icu w4s-q.icu w15s-q.icu w5s-q.icu w18s-q.icu w13s-q.icu w8s-q.icu w1s-q.icu w3s-q.icu w17s-q.icu w6s-q.icu w11s-q.icu w16s-q.icu w7s-q.icu w9s-q.icu w2s-q.icu w12s-q.icu w20s-q.icu w14s-q.icu w19s-q.icu 328110.com

Open Ports Detected

137 21 5985

Map

Whois Information

  • inetnum: 103.117.136.0 - 103.117.139.255
  • netname: NNTCL-CN
  • descr: Nahe (tianjin) Network Technology Co., Ltd.
  • country: CN
  • org: ORG-NNTC1-AP
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • abuse-c: AN838-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-NNTCL-CN
  • mnt-routes: MAINT-NNTCL-CN
  • mnt-irt: IRT-NNTCL-CN
  • last-modified: 2020-07-07T04:56:37Z
  • irt: IRT-NNTCL-CN
  • address: HONG KONG YOUMALU
  • address:
  • e-mail: naheyun@vip.qq.com
  • abuse-mailbox: naheyun@vip.qq.com
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • mnt-by: MAINT-NNTCL-CN
  • last-modified: 2024-04-12T03:57:08Z
  • organisation: ORG-NNTC1-AP
  • org-name: Nahe (tianjin) Network Technology Co., Ltd.
  • org-type: LIR
  • country: CN
  • address: HK mayoujie G5-3022
  • phone: +852.-812244555
  • fax-no: +852.-88339965
  • e-mail: naheyun@vip.qq.com
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2023-09-05T02:17:34Z
  • role: ABUSE NNTCLCN
  • address: HONG KONG YOUMALU
  • address:
  • country: ZZ
  • phone: +000000000
  • e-mail: naheyun@vip.qq.com
  • admin-c: NW351-AP
  • tech-c: NW351-AP
  • nic-hdl: AN838-AP
  • abuse-mailbox: naheyun@vip.qq.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-04-12T03:58:08Z
  • person: NAHE WANG
  • address: HONGKONG MAYOUJIE LU
  • country: HK
  • phone: +852 -23759876
  • e-mail: naheyun@vip.qq.com
  • nic-hdl: NW351-AP
  • mnt-by: MAINT-NNTCL-CN
  • last-modified: 2018-12-17T03:36:48Z

Links to attack logs

digitaloceanfrankfurt-mssql-bruteforce-ip-list-2024-04-13

Share on: