117.159.163.130

Basic Info

City: unknown

Region: unknown

Country: China

Internet Service Provider: China Mobile Communications Corporation

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attackbotsspam	ET SCAN Suspicious inbound to MSSQL port 1433 - port: 1433 proto: TCP cat: Potentially Bad Traffic	2020-06-06 08:27:54
attack	Unauthorized connection attempt detected from IP address 117.159.163.130 to port 1433 [T]	2020-01-09 01:34:33

Comments on same subnet:

No discussion about this subnet yet..

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 117.159.163.130
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55032
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;117.159.163.130.		IN	A

;; AUTHORITY SECTION:
.			521	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020010801 1800 900 604800 86400

;; Query time: 121 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jan 09 01:34:22 CST 2020
;; MSG SIZE  rcvd: 119

Host info

Host 130.163.159.117.in-addr.arpa not found: 2(SERVFAIL)

Nslookup info:

;; Got SERVFAIL reply from 100.100.2.136, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.138
Address:	100.100.2.138#53

** server can't find 130.163.159.117.in-addr.arpa: SERVFAIL

Related IP info:

Related comments:

IP	Type	Details	Datetime
218.5.112.41	attack	RDP Scan	2019-12-10 06:19:45
149.56.129.112	attack	Dec 9 23:30:44 * sshd[5102]: Failed password for invalid user manage from 149.56.129.112 port 49094 ssh2 Dec 9 23:40:46 * sshd[5311]: Failed password for invalid user operator from 149.56.129.112 port 40656 ssh2 Dec 9 23:45:52 * sshd[5455]: Failed password for invalid user masa_kwok from 149.56.129.112 port 50472 ssh2 Dec 9 23:50:50 * sshd[5517]: Failed password for invalid user cib from 149.56.129.112 port 60286 ssh2 Dec 10 00:11:57 *** sshd[5966]: Failed password for invalid user ketcham from 149.56.129.112 port 43110 ssh2	2019-12-10 06:23:51
203.234.19.83	attackspam	2019-12-09T22:16:47.903081abusebot.cloudsearch.cf sshd\[31274\]: Invalid user admin from 203.234.19.83 port 44656 2019-12-09T22:16:47.910293abusebot.cloudsearch.cf sshd\[31274\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.234.19.83	2019-12-10 06:35:36
61.218.4.130	attackbots	Dec 9 21:11:07 lnxweb61 sshd[22872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.218.4.130	2019-12-10 06:39:06
202.83.172.43	attack	port scan and connect, tcp 1433 (ms-sql-s)	2019-12-10 06:34:51
54.39.138.251	attackspam	Dec 9 12:10:59 home sshd[1530]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 user=root Dec 9 12:11:01 home sshd[1530]: Failed password for root from 54.39.138.251 port 45856 ssh2 Dec 9 12:18:00 home sshd[1620]: Invalid user pcap from 54.39.138.251 port 53194 Dec 9 12:18:00 home sshd[1620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 Dec 9 12:18:00 home sshd[1620]: Invalid user pcap from 54.39.138.251 port 53194 Dec 9 12:18:02 home sshd[1620]: Failed password for invalid user pcap from 54.39.138.251 port 53194 ssh2 Dec 9 12:24:47 home sshd[1704]: Invalid user gaowen from 54.39.138.251 port 33670 Dec 9 12:24:47 home sshd[1704]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=54.39.138.251 Dec 9 12:24:47 home sshd[1704]: Invalid user gaowen from 54.39.138.251 port 33670 Dec 9 12:24:49 home sshd[1704]: Failed password for invalid user gaowen from 54.	2019-12-10 06:31:19
84.213.176.207	attack	12/09/2019-23:14:04.637979 84.213.176.207 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 89	2019-12-10 06:28:28
106.13.125.84	attack	2019-12-09T17:16:15.198289abusebot-3.cloudsearch.cf sshd\[30926\]: Invalid user drago from 106.13.125.84 port 41446	2019-12-10 06:17:55
159.89.169.137	attackspam	Dec 9 08:17:04 wbs sshd\[8354\]: Invalid user Reijo from 159.89.169.137 Dec 9 08:17:04 wbs sshd\[8354\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.169.137 Dec 9 08:17:06 wbs sshd\[8354\]: Failed password for invalid user Reijo from 159.89.169.137 port 36166 ssh2 Dec 9 08:23:25 wbs sshd\[9042\]: Invalid user agogino from 159.89.169.137 Dec 9 08:23:25 wbs sshd\[9042\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.169.137	2019-12-10 06:09:08
83.97.20.46	attackspambots	Dec 10 01:17:36 debian-2gb-vpn-nbg1-1 kernel: [308242.610043] [UFW BLOCK] IN=eth0 OUT= MAC=96:00:00:38:96:44:d2:74:7f:6e:37:e3:08:00 SRC=83.97.20.46 DST=78.46.192.101 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=37336 DPT=1521 WINDOW=65535 RES=0x00 SYN URGP=0	2019-12-10 06:34:04
80.211.158.23	attack	Dec 9 23:31:45 MK-Soft-Root1 sshd[28599]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.211.158.23 Dec 9 23:31:47 MK-Soft-Root1 sshd[28599]: Failed password for invalid user admin from 80.211.158.23 port 47258 ssh2 ...	2019-12-10 06:38:47
104.161.34.97	attackspam	MultiHost/MultiPort Probe, Scan, Hack -	2019-12-10 06:12:47
104.140.188.46	attackbotsspam	52311/tcp 9595/tcp 10443/tcp... [2019-10-09/12-09]54pkt,12pt.(tcp),1pt.(udp)	2019-12-10 06:40:40
58.218.67.150	attack	REQUESTED PAGE: /phpmyadmin	2019-12-10 06:05:06
104.140.188.6	attackspam	firewall-block, port(s): 161/udp	2019-12-10 06:23:24

Recently Reported IPs

1.53.194.181	222.249.224.40	109.208.101.225	116.115.210.249
81.144.99.255	12.121.90.32	220.171.67.14	99.14.2.149
218.108.218.12	24.148.162.110	222.51.249.183	218.103.129.172
201.187.109.106	183.91.195.200	182.122.119.132	175.155.235.13
175.4.222.69	7.190.242.127	171.4.178.121	180.222.125.242