118.193.59.97 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 118.193.59.97. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 55/100
Host and Network Information
- MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
- Tags: 0xBFKX, brute force, bruteforce, Bruteforce, Brute-Force, cowrie, cyber security, fail2ban, ioc, malicious, Nextray, phishing, ssh, SSH
- Country: Germany
- Network:
- Noticed: 50 times
- Protocols Attacked: ssh
- Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Open Ports Detected
Whois Information
- inetnum: 118.193.58.0 - 118.193.59.255
- netname: UCLOUD-DE
- descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
- country: DE
- admin-c: UITH2-AP
- tech-c: UITH2-AP
- abuse-c: AU164-AP
- status: ALLOCATED NON-PORTABLE
- mnt-by: MAINT-UCLOUD-HK
- mnt-irt: IRT-UCLOUD-HK
- last-modified: 2023-03-09T08:10:13Z
- irt: IRT-UCLOUD-HK
- address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
- e-mail: pn-wan@ucloud.cn
- abuse-mailbox: hegui@ucloud.cn
- admin-c: UITH2-AP
- tech-c: UITH2-AP
- mnt-by: MAINT-UCLOUD-HK
- last-modified: 2024-11-26T05:46:59Z
- role: ABUSE UCLOUDHK
- country: ZZ
- address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
- phone: +000000000
- e-mail: pn-wan@ucloud.cn
- admin-c: UITH2-AP
- tech-c: UITH2-AP
- nic-hdl: AU164-AP
- abuse-mailbox: hegui@ucloud.cn
- mnt-by: APNIC-ABUSE
- last-modified: 2024-11-26T05:47:25Z
- role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
- address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
- country: HK
- phone: +000000000
- e-mail: u-ipnic@ucloud.cn
- admin-c: UITH2-AP
- tech-c: UITH2-AP
- nic-hdl: UITH2-AP
- notify: hegui@ucloud.cn
- mnt-by: MAINT-UCLOUD-HK
- last-modified: 2022-05-16T03:54:14Z
- route: 118.193.59.0/24
- origin: AS135377
- descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
- mnt-by: MAINT-UCLOUD-HK
- last-modified: 2023-03-10T09:31:30Z
- country: DE
Links to attack logs
- bruteforce-ip-list-2023-10-20
- digitaloceanfrankfurt-ssh-bruteforce-ip-list-2023-08-19
- digitaloceanfrankfurt-ssh-bruteforce-ip-list-2023-09-22
- digitaloceansingapore-ssh-bruteforce-ip-list-2023-10-21
- digitaloceanlondon-ssh-bruteforce-ip-list-2023-08-26
- vultrmadrid-ssh-bruteforce-ip-list-2023-07-23
- vultrparis-ssh-bruteforce-ip-list-2023-10-12