118.122.38.37 Threat Intelligence and Host Information

Share on:
Apr 24, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force, T1110.003 - Password Spraying
  • Tags: 465, BruteForce, Bruteforce, Exchange Online, IMAP, Nextray, Office 365, Password Spray, Port scan, SMTP, SMTP Authenticated, SSH, SigningIn Attepmts, Taxi, Telnet, attack, credential stuff, cyber security, ioc, login, malicious, password spray, phishing, scanner

  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4134 chinanet
  • Noticed: 35 times
  • Protcols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Dominican Republic, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

21 22 8008 8081

CVEs Detected

CVE-2006-20001 CVE-2016-20012 CVE-2019-17567 CVE-2020-13938 CVE-2020-13950 CVE-2020-14145 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-28041 CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-36368 CVE-2021-39275 CVE-2021-40438 CVE-2021-41617 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-27522

Map

Whois Information

  • inetnum: 118.120.0.0 - 118.123.255.255
  • netname: CHINANET-SC
  • descr: CHINANET Sichuan province network
  • descr: China Telecom
  • descr: A12,Xin-Jie-Kou-Wai Street
  • descr: Beijing 100088
  • country: CN
  • admin-c: CH93-AP
  • tech-c: CS408-AP
  • abuse-c: AC1573-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CHINANET-SC
  • mnt-routes: MAINT-CHINANET-SC
  • mnt-irt: IRT-CHINANET-CN
  • last-modified: 2021-06-15T08:05:43Z
  • irt: IRT-CHINANET-CN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • mnt-by: MAINT-CHINANET
  • last-modified: 2022-02-14T07:13:12Z
  • role: ABUSE CHINANETCN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • nic-hdl: AC1573-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-02-14T07:14:09Z
  • role: CHINANET SICHUAN
  • address: No.72,Wen Miao Qian Str Chengdu SiChuan PR China
  • country: CN
  • phone: +86-28-86190657
  • fax-no: +86-25-86190641
  • e-mail: [email protected]
  • admin-c: YZ43-AP
  • tech-c: RL357-AP
  • tech-c: XS16-AP
  • nic-hdl: CS408-AP
  • notify: [email protected]
  • mnt-by: MAINT-CHINANET-SC
  • last-modified: 2013-12-26T03:05:02Z
  • person: Chinanet Hostmaster
  • nic-hdl: CH93-AP
  • e-mail: [email protected]
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • phone: +86-10-58501724
  • fax-no: +86-10-58501724
  • country: CN
  • mnt-by: MAINT-CHINANET
  • last-modified: 2022-02-28T06:53:44Z

Links to attack logs

bruteforce-ip-list-2023-04-24