116.228.71.198 Threat Intelligence and Host Information

Share on:
Mar 04, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Host and Network Information

  • Tags: brute force, bruteforce, mssql, nmap, port-scan, ssh, vultr

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4812 china telecom (group)
  • Noticed: 23 times
  • Protcols Attacked: mssql
  • Countries Attacked: Australia, France, Spain
  • Passive DNS Results: www.gleamify.net oa.dfgroup.cn dfgroup.cn

Open Ports Detected

1723 443 5000 6001 6002 7000 80 8001 8010 8084 8085 8093 8098 8101 8105 8200 83 8881 90 9001 9002 9028 9100 9876 9998 9999

CVEs Detected

CVE-2008-1446 CVE-2009-1535 CVE-2009-2521 CVE-2009-4444 CVE-2009-4445 CVE-2010-1899 CVE-2010-2730 CVE-2010-3972 CVE-2015-1635 CVE-2017-7269

Map

Whois Information

  • inetnum: 116.224.0.0 - 116.239.255.255
  • netname: CHINANET-SH
  • descr: CHINANET Shanghai province network
  • descr: China Telecom
  • descr: No.31,jingrong street
  • descr: Beijing 100032
  • country: CN
  • admin-c: WWQ4-AP
  • tech-c: WWQ4-AP
  • abuse-c: AC1573-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CHINANET-SH
  • mnt-routes: MAINT-CHINANET-SH
  • mnt-irt: IRT-CHINANET-CN
  • last-modified: 2021-06-15T08:06:29Z
  • irt: IRT-CHINANET-CN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • mnt-by: MAINT-CHINANET
  • last-modified: 2022-02-14T07:13:12Z
  • role: ABUSE CHINANETCN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • nic-hdl: AC1573-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-02-14T07:14:09Z
  • person: Weng Wen Qian
  • address: Room 2405,357 Songlin Road,Shanghai 200122
  • country: CN
  • phone: +86-21-68405784
  • fax-no: +86-21-50623458
  • e-mail: [email protected]
  • nic-hdl: WWQ4-AP
  • mnt-by: MAINT-CHINANET-SH
  • last-modified: 2023-02-07T08:25:17Z

Links to attack logs

nmap-scanning-list-2022-09-27 nmap-scanning-list-2022-07-13 vultrparis-mssql-bruteforce-ip-list-2021-10-24 dolondon-mssql-bruteforce-ip-list-2021-11-29 vultrparis-mssql-bruteforce-ip-list-2022-01-31 nmap-scanning-list-2022-01-06 nmap-scanning-list-2022-10-02 nmap-scanning-list-2022-01-19 vultrparis-mssql-bruteforce-ip-list-2021-12-03 nmap-scanning-list-2021-12-12 vultrmadrid-mssql-bruteforce-ip-list-2022-07-20 dobengaluru-mssql-bruteforce-ip-list-2022-10-12 mssql-bruteforce-ip-list-2022-10-02