118.107.46.134 Threat Intelligence and Host Information

Share on:
Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 118.107.46.134 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 43/100

Host and Network Information

  • Mitre ATT&CK IDs: T1595 - Active Scanning

  • Tags: Bruteforce, Brute-Force, scan, scanners, sip, sipvicious, ssh, SSH, vultr

  • View other sources: Spamhaus VirusTotal

  • Country: Singapore
  • Network: AS64050 bgpnet global asn
  • Noticed: 4 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia, France
  • Passive DNS Results: kpd365.me kpd441.me sfw101.vip sfw135.vip kpd380.vip kpd316.me sfw130.me kpd560.me sdh003.me kpd4.vip kpd374.vip kkppdd27.com sfw120.me sfw81.vip kpd416.me kpd623.me sfw117.me sfw145.vip kpd346.vip vvv-kpd.com kdh308.me www-kpd.me kdh007.me sfw107.me sfw142.vip kpd545.me sfw139.me sdh73.me kpd1204.me www.wangzhuan22.me wangzhuan22.me kdhapp.me kdhapp.com caodama6.com kpdheilongjiang.com kpd2020.vip kpdanhui.com vvv-kpd.net www-kpd.pw www-kpd.net www.www-kpd.net sfw747.me kdh302.com sfw264.vip kdh406.me kpd1321.me sfw265.vip kdh395.me sfw762.me kdh295.com kdh400.me kdh280.com sfw749.me kpd432.me kpd338.vip kpd354.me kpd381.me sfw110.me sfw187.me sfw70.vip kdh300.me kdh283.me kpd667.me sfw723.me sfw710.me kpd1296.me sdh249.me sfw204.vip sfw217.vip sfw254.vip sfw678.me kpd1294.me sfw192.vip sfw242.vip sfw207.vip kdh360.me kpd1234.me kpd1230.me kpd1214.me kdh348.me kpd1254.me kpd011.vip kdh340.me kpd083.vip kdh333.me kpd008.vip kpd004.vip kdh336.me kdh340.com kdh316.com kdh339.com kdh338.com kdh314.com kdh351.com kdh322.com kdh323.com kdh334.com kdh312.com kdh348.com kdh358.com kdh336.com kdh325.com kdh327.com kdh317.com kdh356.com kdh345.com kdh353.com kdh332.com kdh335.com kdh359.com kdh331.com kdh343.com kdh344.com kdh330.com kdh337.com sfw633.me sfw179.vip kpd411.vip sfw164.vip kpd306.vip kpd483.me kpd343.vip kpd411.me kpd353.me kpd397.me sdh72.me sfw118.me kpd370.vip sfw198.me kpd631.me sdh63.me sdh66.me sdh85.me sfw130.vip kpd357.me kpd475.me kpd046.com sfw199.me kpd371.me kdh258.me kpd603.me kpd380.me kpd633.me sfw106.vip sfw104.me sfw125.vip sfw106.me kdh280.me sfw119.vip kpd484.me kpd663.me sfw149.me sfw97.vip kpd353.vip sfw109.me kpd542.me sfw124.me kpd070.com sfw65.vip sfw79.vip kpd332.me kpd620.me kpd625.me kpd448.me sfw101.me sfw114.me kpd451.me sfw115.me kpd447.me sfw118.vip sfw123.vip kpd655.me kdh326.me kpd346.me kpd347.vip kpd459.me kpd359.vip sdh006.me kpd379.vip sfw190.me sfw149.vip vvv-kpd.me kpd365.vip sdh67.me sfw189.me kpd430.me kpd341.me sfw168.me kpd541.me kpd538.me kpd388.vip sfw153.me kpd362.vip kdh319.me sfw87.vip kpd303.vip sfw143.vip sdh71.me kpd382.vip kpd394.me kpd308.vip sfw127.me sfw112.me kpd349.me kpd421.me kpd302.me kdh325.me sfw113.vip kpd322.vip kkppdd15.com kpd433.me kpd323.vip sfw63.vip sfw163.me kpd307.vip kpd019.com kpd0.vip kdh287.me sfw62.vip kpd427.me kkppdd39.com kdh261.me sfw108.vip kpd352.me hulayilalei.com kpd393.vip kpd510.me kpd331.me dapaofang6.com kdh294.com kdh275.com kdh307.com kdh292.com kdh265.com kdh276.com kdh299.com kdh283.com kdh264.com kdh293.com 3939.pw kpdchongqing.com kpdgansu.com wangzhuan999.me kdh289.com kdh308.com kdh290.com kdh270.com kdh399.me kdh403.me sfw742.me sfw768.me kpd1309.me kdh300.com kdh306.com kdh310.com kdh284.com kdh277.com kdh261.com kdh267.com sdh262.me sfw755.me sdh266.me kdh391.me sfw744.me sfw770.me sfw260.vip sfw746.me kdh393.me sfw765.me sfw753.me kdh394.me sfw769.me sdh268.me kdh392.me sdh269.me sdh265.me sfw262.vip sfw273.vip sfw764.me sfw266.vip sfw269.vip sfw267.vip sfw272.vip sfw270.vip sfw745.me sfw758.me kpd1303.me sfw752.me sfw751.me sfw757.me kdh397.me kpd1302.me kpd1314.me kpd1310.me kpd1305.me kpd1317.me kdh303.com kpd1313.me kpd1320.me kpd1308.me kpd1322.me kdh278.com kdh287.com kdh291.com kdh296.com kdh297.com kdh304.com kdh268.com kdh262.com kdh269.com kdh272.com kdh274.com sfw600.me sfw604.me kpd305.vip sdh004.me kpd368.vip kpd332.vip sfw129.me sfw179.me kpd479.me kpd372.me sfw197.me kpd460.me kpd487.me kpd384.me sdh82.me kpd3.vip wangzhuan777.me sfw714.me sfw669.me sfw686.me sfw682.me kpd1269.me sfw228.vip sfw185.vip sfw197.vip sdh201.me kpd1291.me kdh388.me kpd1237.me kpd1245.me kpd1236.me kdh387.me kpd034.vip kpd096.vip kdh334.me kdh0018.me kdh0015.me sfw175.vip sfw184.vip kpd423.vip kpd406.vip sfw177.vip kpd1203.me kdhapp.pw kpd.life kpdguangxi.com kpdguangdong.com wangzuan444.vip wangzuan222.vip tg.sfwwoainizhongguo.com tg.kpdwoainizhongguo.com kpd679.me sfw159.vip sfw158.vip sfw151.vip sfw157.vip sfw618.me sfw594.me sfw597.me kpd399.vip sfw103.me kpd309.vip kdh304.me sfw157.me kpd367.vip kpd385.vip kkppdd57.com sfw116.me sfw185.me kpd312.me kpd311.vip kdh312.me kpd351.me sfw112.vip kpd335.vip sfw141.vip kpd327.vip sfw178.me sfw93.vip sfw85.vip kpd387.me sdh84.me kpd355.me sdh70.me sdh90.me kdh284.me kdh004.me sdh008.me sfw665.me sdh252.me sdh221.me sfw687.me sfw719.me sfw721.me sfw725.me sfw683.me sdh208.me sdh205.me sdh229.me sfw661.me sdh230.me sfw253.vip sfw219.vip sfw230.vip sfw245.vip kpd1298.me sfw252.vip kpd1286.me sfw227.vip sfw223.vip sfw257.vip sfw225.vip sfw235.vip kdh374.me kpd1231.me kdh380.me kpd1212.me kdh357.me kpd1253.me kpd1244.me kdh375.me kpd1258.me kpd1256.me kpd1226.me kpd1264.me kpd1208.me kdh337.me kdh346.me kpd001.vip kdh345.me kpd089.vip kpd057.vip kpd072.vip kpd016.vip sdh146.me kdh0013.me wangzuan333.vip www.wangzuan333.vip 0011.pw sfw613.me sfw161.vip kdh260.me kdh285.me kefuxianlt.com kefuxiantv.com kpd352.vip kpd327.me sfw110.vip sdh61.me kdh328.me sfw137.me sfw100.vip sfw64.vip kdh306.me kpd485.me kpd360.me kdh318.me kpd382.me kdh252.me sdh005.me sdh009.me yindao1bet.tiaokpd7.com yindaobet.tiaokpd3.com yindaodyj.tiaokpd1.com yindaodyj.tiaokpd0.com kpd073.vip kpd039.vip kpd026.vip kpd009.vip kdh0020.me kdh0010.me kdh0012.me kdh0011.me 0044.pw 3535.pw wangzhuan88.me sfw602.me sfw616.me sfw593.me kpd397.vip sfw611.me wangzhuan555.com wangzhuan444.com kpd371.vip kpd389.vip kpd366.vip kpd452.me kpd376.vip

Open Ports Detected

22 80 8888 9002

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

  • inetnum: 118.107.40.0 - 118.107.47.255
  • netname: CTG107-40-HK
  • descr: CTG Server Ltd.
  • country: HK
  • admin-c: BCPL4-AP
  • tech-c: BCPL4-AP
  • abuse-c: AC2487-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-RCPL-SG
  • mnt-irt: IRT-CTG-HK
  • last-modified: 2022-03-30T17:10:00Z
  • irt: IRT-CTG-HK
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2023-11-22T00:31:27Z
  • role: ABUSE CTGHK
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: AC2487-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-11-22T00:32:26Z
  • role: BGP CONSULTANCY PTE LTD administrator
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • country: HK
  • phone: +603-7806-1316
  • e-mail: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: BCPL4-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2017-03-14T09:18:17Z
  • route: 118.107.46.0/24
  • origin: AS152194
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2024-03-30T16:01:37Z
  • route: 118.107.46.0/24
  • origin: AS64050
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2020-05-20T04:57:36Z

Links to attack logs

digitaloceanfrankfurt-ssh-bruteforce-ip-list-2024-03-31 vultrparis-ssh-bruteforce-ip-list-2024-04-01