122.117.166.13

Basic Info

City: unknown

Region: unknown

Country: Taiwan, Province of China

Internet Service Provider: Chunghwa Telecom Co. Ltd.

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

Type	Details	Datetime
attack	Unauthorized connection attempt detected from IP address 122.117.166.13 to port 23 [J]	2020-03-02 23:00:54
attackbotsspam	Feb 26 22:50:09 debian-2gb-nbg1-2 kernel: \[5013004.367208\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=122.117.166.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=16332 DF PROTO=TCP SPT=11118 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0	2020-02-27 06:48:53

Type

Details

Datetime

attack

Unauthorized connection attempt detected from IP address 122.117.166.13 to port 23 [J]

2020-03-02 23:00:54

attackbotsspam

Feb 26 22:50:09 debian-2gb-nbg1-2 kernel: \[5013004.367208\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=122.117.166.13 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=16332 DF PROTO=TCP SPT=11118 DPT=81 WINDOW=14600 RES=0x00 SYN URGP=0

2020-02-27 06:48:53

Comments on same subnet:

IP	Type	Details	Datetime
122.117.166.242	attackspam	Unauthorized connection attempt detected from IP address 122.117.166.242 to port 23 [J]	2020-02-23 19:26:51

Whois info:

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 122.117.166.13
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 56242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;122.117.166.13.			IN	A

;; AUTHORITY SECTION:
.			440	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020022602 1800 900 604800 86400

;; Query time: 72 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Feb 27 06:48:50 CST 2020
;; MSG SIZE  rcvd: 118

Host info

13.166.117.122.in-addr.arpa domain name pointer 122-117-166-13.HINET-IP.hinet.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
13.166.117.122.in-addr.arpa	name = 122-117-166-13.HINET-IP.hinet.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
52.138.12.225	attackbots	Apr 8 12:24:21 ourumov-web sshd\[18976\]: Invalid user fms from 52.138.12.225 port 36416 Apr 8 12:24:21 ourumov-web sshd\[18976\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.138.12.225 Apr 8 12:24:24 ourumov-web sshd\[18976\]: Failed password for invalid user fms from 52.138.12.225 port 36416 ssh2 ...	2020-04-08 19:17:18
202.79.168.240	attack	Apr 8 12:12:31 MainVPS sshd[17842]: Invalid user admin from 202.79.168.240 port 53758 Apr 8 12:12:31 MainVPS sshd[17842]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.79.168.240 Apr 8 12:12:31 MainVPS sshd[17842]: Invalid user admin from 202.79.168.240 port 53758 Apr 8 12:12:33 MainVPS sshd[17842]: Failed password for invalid user admin from 202.79.168.240 port 53758 ssh2 Apr 8 12:19:27 MainVPS sshd[31520]: Invalid user ubuntu from 202.79.168.240 port 36886 ...	2020-04-08 19:36:57
80.82.70.239	attack	scans 7 times in preceeding hours on the ports (in chronological order) 9427 9417 9418 9423 9411 9421 9406 resulting in total of 70 scans from 80.82.64.0/20 block.	2020-04-08 20:04:03
115.148.235.31	attackbotsspam	2020-04-07 UTC: (2x) - bot,ts3	2020-04-08 19:22:21
51.159.35.138	attackspambots	" "	2020-04-08 19:18:42
183.88.243.230	attack	failed_logins	2020-04-08 19:47:58
180.76.110.70	attack	2020-04-07 UTC: (34x) - admin,client,damian,demo,deploy(2x),ftp_user,git,guest,leon,mc,nproc(4x),ocadmin,oracle,postgres,public,q2server,root(4x),sign,support,test(2x),teste,ubuntu(2x),user(2x),wow	2020-04-08 19:19:50
180.168.141.246	attackspambots	k+ssh-bruteforce	2020-04-08 19:56:37
222.186.175.169	attackspam	[MK-VM3] SSH login failed	2020-04-08 19:45:09
183.250.216.67	attackspam	Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF)	2020-04-08 19:18:23
92.63.194.93	attackspambots	Apr 8 13:43:19 srv206 sshd[13525]: Invalid user user from 92.63.194.93 ...	2020-04-08 19:46:35
121.183.28.207	attack	Automatic report - Port Scan Attack	2020-04-08 19:49:05
159.89.10.77	attack	Apr 7 23:51:13 lanister sshd[1865]: Failed password for invalid user sam from 159.89.10.77 port 59826 ssh2 Apr 7 23:51:12 lanister sshd[1865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.89.10.77 Apr 7 23:51:12 lanister sshd[1865]: Invalid user sam from 159.89.10.77 Apr 7 23:51:13 lanister sshd[1865]: Failed password for invalid user sam from 159.89.10.77 port 59826 ssh2	2020-04-08 19:51:47
191.255.232.53	attackbotsspam	Fail2Ban Ban Triggered (2)	2020-04-08 19:39:21
49.235.88.96	attack	$f2bV_matches	2020-04-08 19:19:16

Recently Reported IPs

35.230.40.152	79.36.220.244	29.172.42.172	153.126.141.19
74.220.219.139	14.173.201.180	167.172.175.9	112.3.30.97
162.243.132.165	134.244.43.64	176.209.242.247	221.229.197.200
94.29.77.250	252.20.83.153	200.224.36.213	119.118.252.175
95.128.37.241	36.126.39.172	9.77.9.244	204.35.194.3