117.74.65.207 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • MITRE ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDOS, DDoS, HEAD Floods, KillNet, Killnet, T1498, T1499, cc.py
  • View other sources: Spamhaus, VirusTotal

  • Country: China
  • Network: AS4837 china unicom china169 backbone
  • Noticed: 21 times
  • Protocols Attacked: SSH

Open Ports Detected


CVEs Detected


Whois Information

  • inetnum: 117.74.64.0 - 117.74.79.255
  • netname: baolirongtong
  • descr: Poly facility (Beijing) Technology Co., Ltd.
  • country: CN
  • admin-c: JX1666-AP
  • tech-c: JX1666-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-CNNIC-CN
  • last-modified: 2021-06-16T01:30:52Z
  • irt: IRT-CNNIC-CN
  • address: Beijing, China
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-06-16T01:39:57Z
  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z
  • person: Jia Xiaojie
  • address: A4, 5th Floor, Tower C, Triumph Plaza, Unit A, No 143,
  • address: Xizhimengwai Street, Xicheng District, Beijing, China.
  • country: CN
  • nic-hdl: JX1666-AP
  • e-mail: [email protected]
  • phone: +86-13911055600
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-04-25T07:42:02Z
  • route: 117.74.64.0/20
  • descr: CNC Group CHINA169 Hebei Province Network
  • descr: Addresses from CNNIC(YUTELNET)
  • country: CN
  • origin: AS4837
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2008-09-04T07:55:02Z

Links to attack logs

roxy-ip-list-2023-05-03