117.74.65.215 Threat Intelligence and Host Information

General

This page was generated because this host was detected actively attacking or scanning another host. The sections below give the host's network, location, number of days noticed and protocols attacked, along with other information including reverse DNS and whois.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDOS, DDoS, HEAD Floods, KillNet, Killnet, T1498, T1499, cc.py
  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4837 china unicom china169 backbone
  • Noticed: 21 times
  • Protocols Attacked: SSH

Open Ports Detected

10001 102 1024 10243 1029 104 1099 110 11000 111 11211 119 12000 123 13 1311 13579 1400 14147 14265 1433 1471 1521 16010 16993 17 1723 179 18081 1883 1911 1935 1962 20000 2002 2012 2021 2022 20547 2067 2079 2082 2083 2086 2087 2095 2096 21 21025 2181 22 2222 23 23023 2323 2332 2375 2443 2455 2480 25105 25565 264 28015 3000 3001 3050 3052 3080 311 3120 3121 3128 32400 3306 33060 3333 3388 3389 3400 3443 3479 3541 3542 3551 3689 37 37215 3749 37777 3790 389 4000 4063 4100 4118 4430 4433 44818 4567 4782 4786 4848 4899 4911 49152 4949 5000 50000 5001 5002 5003 5004 5005 50050 5007 50070 5009 50100 502 51 51106 51235 515 52869 5357 5431 5446 548 5500 554 55443 5555 55553 55554 5560 5601 5672 5800 5906 5909 5938 5984 5985 5986 6000 6001 6002 6005 6009 61613 631 6379 6443 6588 666 6664 6666 6789 70 7003 7004 7171 7443 7474 7547 7548 7657 771 7777 7779 7788 79 7999 80 8000 8001 8004 8006 8009 8010 8011 8013 8016 8019 8024 8025 8032 8035 8038 8041 8044 8045 8060 8064 8069 8071 8072 8082 8084 8086 8087 8089 8090 8093 8098 81 8100 8110 8123 8139 8181 8190 8200 8222 8282 83 8334 84 8444 8448 85 8545 8554 86 8649 87 8728 88 8800 8877 8880 8881 8888 8890 89 8989 9000 9002 9009 9010 9051 9089 9090 9091 9093 9094 9098 9099 9160 9191 92 9200 9201 9295 9304 9306 9530 9600 98 990 992 993 9943 995 999 9990 9993 9994 9998 9999

CVEs Detected

CVE-2004-0174 CVE-2004-0492 CVE-2004-0940 CVE-2004-0942 CVE-2004-1387 CVE-2004-2343 CVE-2005-3352 CVE-2006-20001 CVE-2006-3747 CVE-2006-3918 CVE-2006-5752 CVE-2006-7250 CVE-2007-3304 CVE-2007-5000 CVE-2007-6388 CVE-2007-6750 CVE-2008-1531 CVE-2008-2939 CVE-2008-4298 CVE-2008-4359 CVE-2008-4360 CVE-2008-7270 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1195 CVE-2009-1377 CVE-2009-1378 CVE-2009-1387 CVE-2009-2409 CVE-2009-3245 CVE-2009-3555 CVE-2009-4355 CVE-2010-0010 CVE-2010-0295 CVE-2010-0433 CVE-2010-0740 CVE-2010-0742 CVE-2010-0928 CVE-2010-1899 CVE-2010-2730 CVE-2010-3864 CVE-2010-3972 CVE-2010-4180 CVE-2010-4252 CVE-2010-5298 CVE-2011-0014 CVE-2011-1473 CVE-2011-1945 CVE-2011-3210 CVE-2011-3368 CVE-2011-4108 CVE-2011-4109 CVE-2011-4317 CVE-2011-4362 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2333 CVE-2013-0166 CVE-2013-0169 CVE-2013-1427 CVE-2013-4559 CVE-2013-4560 CVE-2013-5697 CVE-2013-6449 CVE-2014-0076 CVE-2014-0195 CVE-2014-0221 CVE-2014-0224 CVE-2014-0231 CVE-2014-2323 CVE-2014-2324 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3510 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8176 CVE-2014-8275 CVE-2015-0204 CVE-2015-0209 CVE-2015-0228 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3183 CVE-2015-3195 CVE-2015-3200 CVE-2015-4000 CVE-2016-0703 CVE-2016-0704 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176 CVE-2016-7056 CVE-2016-8612 CVE-2017-3735 CVE-2017-9788 CVE-2017-9798 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-19052 CVE-2019-11072 CVE-2021-23017 CVE-2021-34798 CVE-2021-3618 CVE-2021-39275 CVE-2021-40438 CVE-2021-4044 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 
CVE-2022-31813 CVE-2022-37436

Whois Information

  • inetnum: 117.74.64.0 - 117.74.79.255
  • netname: baolirongtong
  • descr: Poly facility (Beijing) Technology Co., Ltd.
  • country: CN
  • admin-c: JX1666-AP
  • tech-c: JX1666-AP
  • abuse-c: AC1601-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: MAINT-CNNIC-AP
  • mnt-lower: MAINT-CNNIC-AP
  • mnt-routes: MAINT-CNNIC-AP
  • mnt-irt: IRT-CNNIC-CN
  • last-modified: 2021-06-16T01:30:52Z

  • irt: IRT-CNNIC-CN
  • address: Beijing, China
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2021-06-16T01:39:57Z

  • role: ABUSE CNNICCN
  • address: Beijing, China
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: IP50-AP
  • tech-c: IP50-AP
  • nic-hdl: AC1601-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-05-14T11:19:01Z

  • person: Jia Xiaojie
  • address: A4, 5th Floor, Tower C, Triumph Plaza, Unit A, No 143,
  • address: Xizhimengwai Street, Xicheng District, Beijing, China.
  • country: CN
  • nic-hdl: JX1666-AP
  • e-mail: [email protected]
  • phone: +86-13911055600
  • mnt-by: MAINT-CNNIC-AP
  • last-modified: 2013-04-25T07:42:02Z

  • route: 117.74.64.0/20
  • descr: CNC Group CHINA169 Hebei Province Network
  • descr: Addresses from CNNIC(YUTELNET)
  • country: CN
  • origin: AS4837
  • mnt-by: MAINT-CNCGROUP-RR
  • last-modified: 2008-09-04T07:55:02Z

Links to attack logs

roxy-ip-list-2023-05-03