114.199.75.111 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 114.199.75.111 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Known Malicious Host 🔴 75/100

Host and Network Information

• Tags: port 22, scanners, ssh, tcp/22, TOR, VPN, vultr

• Known tor exit node

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

• Known TOR node
• Country: Hong Kong
• Network: AS45250 vocom international telecommunications ap area
• Noticed: 50 times
• Protocols Attacked: ssh
• Countries Attacked: France, United States of America

Malware Detected on Host

Count: 13 7282e2fdb25b07554b082f5cf1697315ed5ce3005f985cbe96a34da965869db5 2ce399a329b20c97bec49d1ecd1315aca646c5a0dd95e4b9bbffc9b52a9a528d a896be5e1f5b7d498d6556c9d64fe6407b70360e36dd3f47ee46da9367748ff6 a4a63515b6bd2562e94430e10629c0c9e69309b2281dc857628cd537909c0352 e746ba510b706bc06b084ce84d6cd7e417137efde85bf12e421fdf21fd677943 f046b65739764aa74d38bfaf666094d45ad087b3bc6430c5a19c599b1735a54e 949c6737d24f301ca7ea79dfd0936614bb3158ca66be70a842e7e0a7510d8616 5ec5871b702ab135831503398816c6d1572c3371c48531dc3ffee82c4562dc4e 90db512a30aa82bf5a3f800bd1c5c26861b592bc7841b43f800eef31cec6a081 5dca574173ec29eab508ab797c6af88456d9960cc56f42d7b86a06eae0cee317

Open Ports Detected

22 9001 9030

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

• inetnum: 114.199.72.0 - 114.199.75.255
• netname: VITTW2-AP
• descr: Vocom
• country: TW
• admin-c: VITI1-AP
• tech-c: VITI1-AP
• abuse-c: AV303-AP
• status: ALLOCATED NON-PORTABLE
• mnt-by: MAINT-VITNET-AP
• mnt-irt: IRT-VITNET-AP
• last-modified: 2021-06-22T14:06:08Z
• irt: IRT-VITNET-AP
• address: 921 Lurline Drive
• address: Foster City
• address: CA, 94404, USA
• e-mail: network-abuse@vocom.com
• abuse-mailbox: network-abuse@vocom.com
• admin-c: VITI1-AP
• tech-c: VITI1-AP
• mnt-by: MAINT-VITNET-AP
• last-modified: 2024-03-13T01:34:20Z
• role: ABUSE VITNETAP
• address: 921 Lurline Drive
• address: Foster City
• address: CA, 94404, USA
• country: ZZ
• phone: +000000000
• e-mail: network-abuse@vocom.com
• admin-c: VITI1-AP
• tech-c: VITI1-AP
• nic-hdl: AV303-AP
• abuse-mailbox: network-abuse@vocom.com
• mnt-by: APNIC-ABUSE
• last-modified: 2024-03-13T01:34:35Z
• role: VOCOM INTERNATIONAL TELECOMMUNICATION INC - netw
• address: 709 CRANE AVENUE, FOSTER CITY, CA 94404
• country: US
• phone: +1-213-627-8999
• fax-no: +1-213-627-9919
• e-mail: bo.gao@vocom.com
• admin-c: VITI1-AP
• tech-c: VITI1-AP
• nic-hdl: VITI1-AP
• mnt-by: MAINT-VITNET-AP
• last-modified: 2008-09-04T07:54:27Z
• route: 114.199.75.0/24
• origin: AS45250
• descr: Vocom International Telecommunication Inc.
• mnt-by: MAINT-HK-BOGAO
• last-modified: 2020-11-17T05:25:33Z

Links to attack logs

vultrparis-ssh-bruteforce-ip-list-2024-03-10