117.21.31.131 Threat Intelligence and Host Information

Feb 07, 2024 ipinfopage

General

IP Address
117.21.31.131
IPv4 Address
Location
🇨🇳 Nanchang, China
CN
Network
AS4134
Chinanet
Threat Score
55/100
High Risk
cowriecybersecurityiocmaliciousNextrayphishingssh
Attack Intelligence
MITRE ATT&CK Techniques
T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
Geographic Location
Country
China
City
Nanchang
Region
Jiangxi
Coordinates
28.6840, 115.8531
Network Information
ASN
AS4134
Organization
Chinanet
Network
AS4134 Chinanet
WHOIS Information
inetnum
117.21.0.0 - 117.21.255.255
netname
CHINANET-JX
descr
Beijing 100032
country
CN
admin-c
XY1-AP
tech-c
WW49-AP
abuse-c
AC1573-AP
status
ALLOCATED PORTABLE
mnt-by
MAINT-CHINANET
mnt-lower
MAINT-IP-WWF
mnt-routes
MAINT-IP-WWF
mnt-irt
IRT-CHINANET-CN
last-modified
2022-02-28T06:53:44Z
irt
IRT-CHINANET-CN
address
100032
e-mail
anti-spam@chinatelecom.cn
abuse-mailbox
anti-spam@chinatelecom.cn
role
JXDCB NET
phone
+86-10-58501724
nic-hdl
CH93-AP
notify
56561125@qq.com
person
Chinanet Hostmaster
fax-no
+86-10-58501724

  • Country: China
  • Network: AS4134 chinanet
  • Noticed: 26 times
  • Protocols Attacked: telnet
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: atrust.candlelight.tech crm.candlelight.tech www.candlelight.tech atrust.sangforsangfor.top
Disclaimer
This page contains threat intelligence information for the IPv4 address 117.21.31.131 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.