118.180.177.103 Threat Intelligence and Host Information


General

This page contains threat intelligence information for the IPv4 address 118.180.177.103. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: attack, blacklist, botnet, bruteforce, cowrie, cyber security, digital ocean, initiator ip, ioc, login, malicious, Malicious IP, mirai, Nextray, phishing, scan, scanner, SSH, tcp, telnet, Telnet, vultr

  • Country: China
  • Network: AS4134 chinanet
  • Noticed: 45 times
  • Protocols Attacked: telnet
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

102 1023 1024 1025 104 110 113 1177 119 1200 122 1234 131 1400 143 1471 1494 1515 1521 1599 179 1801 1883 1911 1926 195 1981 2000 2002 2008 2049 2081 2082 2086 2087 2154 2181 2222 2250 23 2323 2345 2379 2404 2455 2480 2628 264 3000 3001 3050 3053 3056 3071 3091 3094 3128 3260 3268 3269 3299 3301 3306 3310 3333 3388 3389 3409 3443 3460 3522 3541 3542 3551 3555 3689 3780 3790 389 4000 4063 4064 4157 4242 427 4282 4321 4369 4433 444 4443 447 4500 4506 4567 4747 4786 4848 4899 4911 5000 5001 5005 5007 502 5025 503 515 5172 5201 522 5432 548 5555 5560 5591 5601 5858 587 5900 5901 5907 5984 6000 6001 6002 6080 6262 631 636 6379 6443 6543 6633 6653 666 6666 6667 6668 6697 675 6887 6955 6998 7001 7071 7171 7415 7510 7548 7657 771 772 7777 789 7989 7999 8000 8008 8009 8010 8032 8040 8064 8085 8086 8087 81 82 83 843 873 88 97 98 992 993 995

CVEs Detected

CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2016-1247 CVE-2016-4450 CVE-2017-20005 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

Whois Information

  • inetnum: 118.180.0.0 - 118.183.255.255
  • netname: CHINANET-GS
  • descr: CHINANET Gansu province network
  • descr: China Telecom
  • descr: No.31,jingrong street
  • descr: Beijing 100032
  • country: CN
  • admin-c: YZ37-AP
  • tech-c: YZ37-AP
  • abuse-c: AC1573-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CHINANET-GS
  • mnt-routes: MAINT-CHINANET-GS
  • mnt-irt: IRT-CHINANET-CN
  • last-modified: 2021-06-15T08:06:37Z
  • irt: IRT-CHINANET-CN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • mnt-by: MAINT-CHINANET
  • last-modified: 2023-10-08T08:55:58Z
  • role: ABUSE CHINANETCN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • nic-hdl: AC1573-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-10-08T08:56:49Z
  • person: Yang Zhanrong
  • address: CHINA,LANZHOU,No.405 Pingliang Road
  • country: CN
  • phone: +86-931-8395823
  • e-mail: [email protected]
  • nic-hdl: YZ37-AP
  • mnt-by: MAINT-CHINANET-GS
  • last-modified: 2020-03-12T07:56:08Z

Links to attack logs

  • dofrank-telnet-bruteforce-ip-list-2022-10-09
  • dotoronto-telnet-bruteforce-ip-list-2022-10-23
  • dotoronto-telnet-bruteforce-ip-list-2023-02-07
  • vultrwarsaw-telnet-bruteforce-ip-list-2022-10-07
  • dosing-telnet-bruteforce-ip-list-2022-10-15
  • dosing-telnet-bruteforce-ip-list-2023-02-06