116.198.217.231 Threat Intelligence and Host Information
Aug 03, 2024
ipinfopage
General
IP Address
116.198.217.231
Location
🇨🇳 China
Network
AS137699
Threat Score
61/100
Attack Intelligence
MITRE ATT&CK Techniques
T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Open Ports Detected
222
Geographic Location
Country
China
City
Unknown
Region
Unknown
Coordinates
34.7732, 113.7220
Network Information
ASN
AS137699
Organization
CHINATELECOM Jiangsu Suqian IDC network
Network
AS137699 CHINATELECOM Jiangsu Suqian IDC network
WHOIS Information
inetnum
116.198.0.0 - 116.198.255.255
netname
JDCOM
descr
Beijing Jingdong 360 Degree E-commerce Co., Ltd.
country
CN
admin-c
IP50-AP
tech-c
IP50-AP
abuse-c
AC1601-AP
status
ALLOCATED PORTABLE
mnt-by
MAINT-CNNIC-AP
mnt-irt
IRT-JDCOM-CN
mnt-lower
MAINT-CNNIC-AP
mnt-routes
MAINT-CNNIC-AP
last-modified
2017-08-25T01:22:02Z
irt
IRT-JDCOM-CN
address
B block 16 layer
e-mail
networking@jd.com
abuse-mailbox
ipas@cnnic.cn
role
ABUSE CNNICCN
phone
+86-010-56348965
nic-hdl
WD815-AP
person
Wang Dayong
Attack Logs
| Date | Target Location | Protocol | Link |
|---|---|---|---|
| 2024-07-29 | London, UK | SSH | View Log |
- Country: China
- Network: AS137699 chinatelecom jiangsu suqian idc network
- Noticed: 3 times
- Protocols Attacked: ssh
- Countries Attacked: Australia
- Passive DNS Results: dfscomputer.com
CVEs Detected
CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618 CVE-2023-44487
Disclaimer
This page contains threat intelligence information for the IPv4 address 116.198.217.231 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.