14.63.168.71 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 14.63.168.71 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• View other sources: Spamhaus VirusTotal

• Country: South Korea
• Network:
• Noticed: 30 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: relay-aazosamao.live grep01-rakkuaa.info grep01-rakkuaa.vip grep08ruakku.co wallet.auorne.life jp.mercaril.shop www.amazon-account.support amazon-account.support 9g5q6b481iftizjxmiraccin4y4y81n55zl8teofiupeakvp.xyz eu2aqjof1mtxvjcj4jqw8tai0dshrlvytvj8hddl69q5kz48.xyz sk2cxmb7q1es26635tc0imvo77nrwvmpuson20mnwiecalg9.xyz www.sk2cxmb7q1es26635tc0imvo77nrwvmpuson20mnwiecalg9.xyz www.djd8wrljhm6bc3dqs8mdcbh9hlrsv4naxdcvgjhzx43tqngi.xyz djd8wrljhm6bc3dqs8mdcbh9hlrsv4naxdcvgjhzx43tqngi.xyz www.9hvu2u18d3u9dlljsowyyr09mvn4v49efuvrx6fx6myoqhnp.xyz 9hvu2u18d3u9dlljsowyyr09mvn4v49efuvrx6fx6myoqhnp.xyz wnab8xhem30ax78z4tsdq5erqfl42nbbdnx9q1q0ih0slxb0.xyz www.wnab8xhem30ax78z4tsdq5erqfl42nbbdnx9q1q0ih0slxb0.xyz

Map

Whois Information

• inetnum: 14.32.0.0 - 14.95.255.255
• netname: KORNET
• descr: Korea Telecom
• admin-c: IM667-AP
• tech-c: IM667-AP
• country: KR
• status: ALLOCATED PORTABLE
• mnt-by: MNT-KRNIC-AP
• mnt-irt: IRT-KRNIC-KR
• last-modified: 2017-03-30T06:39:01Z
• irt: IRT-KRNIC-KR
• address: 9, Jinheung-gil, Naju-si, Jeollanam-do
• e-mail: irt@nic.or.kr
• abuse-mailbox: irt@nic.or.kr
• admin-c: IM574-AP
• tech-c: IM574-AP
• mnt-by: MNT-KRNIC-AP
• last-modified: 2025-09-04T01:00:01Z
• person: IP Manager
• address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
• country: KR
• phone: +82-2-500-6630
• e-mail: kornet_ip@kt.com
• nic-hdl: IM667-AP
• mnt-by: MNT-KRNIC-AP
• last-modified: 2017-03-28T06:37:04Z
• inetnum: 14.32.0.0 - 14.95.255.255
• netname: KORNET-KR
• descr: Korea Telecom
• country: KR
• admin-c: IA9-KR
• tech-c: IM9-KR
• status: ALLOCATED PORTABLE
• mnt-by: MNT-KRNIC-AP
• mnt-irt: IRT-KRNIC-KR
• changed: hostmaster@nic.or.kr 20240912
• person: IP Manager
• address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
• address: KT Head Office
• country: KR
• phone: +82-2-500-6630
• e-mail: kornet_ip@kt.com
• nic-hdl: IA9-KR
• mnt-by: MNT-KRNIC-AP
• changed: hostmaster@nic.or.kr 20240912
• person: IP Manager
• address: Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
• address: KT Head Office
• country: KR
• phone: +82-2-500-6630
• e-mail: kornet_ip@kt.com
• nic-hdl: IM9-KR
• mnt-by: MNT-KRNIC-AP
• changed: hostmaster@nic.or.kr 20240912

Links to attack logs

****** bruteforce-ip-list-2020-04-15 ****** ******