140.233.190.114 Threat Intelligence and Host Information

Mar 13, 2026 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 140.233.190.114 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

Tags: 32-bit, AgentTesla, Amadey, AmateraStealer, arm, ascii, AsyncRAT, AteraAgent, base64, botnetdomain, c, c2-monitor-auto, censys, ClearFake, ClickFix, CoinMiner, connectwise, cowrie, DarkCloud, DarkVisionRAT, DDoSAgent, digital ocean, dionaea, dropped-by-amadey, dropped-by-Phorpiex, elf, Encoded, encrypted, EpsilonStealer, EternalRocks, exe, fatt, fbf543, Fuery, gafgyt, geofenced, GoToResolve, GuLoader, honeytrap, img, Kaiji, kinsing, macOS, mailoney, Metasploit, meterpreter, mips, mirai, Mozi, msi, NirCmd, njRAT, obfuscated, opendir, p0f, payload, portscan, powershell, ps1, pw-cs2026, py, rar, rat, redtail, RemcosRAT, rev-base64-loader, rustystealer, SalatStealer, scanners, sensor-tagged, sentrypeer, sh, Simplerrm, skimmer, SmartLoader, stealer, suricata, tanner, ToxicEye, tpot, ua-wget, USA, vbs, Vidar, VIPKeylogger, vultr, x86, xml, xmrig, xworm, zip
View other sources: Spamhaus VirusTotal

Country: United States
Network:
Noticed: 6 times
Protocols Attacked: portscan

Malware Detected on Host

Count: 5 ac3808558b7dd7dd51b800d98499145e5031895e04732b487787f8fdc6d40562 cc2e73eb93ec7a76c007d078f328e0a2c817f231f9d1e35b647c9c371d3cbc98 e0f508a9feff1e80ff985b78751921c2cb1608589c4800ad7e417719622687f2 1aa2df01d4a6d619f2f42eb0adfc2b158ccb58bd4d8b96d2a629afee8ceec75e b7db4a9d8eefbc5cd91d9e3a79ece553321978cc26f3260385e513fdeda85473

Open Ports Detected

135 22 445 5985

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2020-0796 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2024-6387 CVE-2025-26465 CVE-2025-32728

Map

Whois Information

NetRange: 140.233.128.0 - 140.233.255.255
CIDR: 140.233.128.0/17
NetName: RIPE
NetHandle: NET-140-233-128-0-1
Parent: NET140 (NET-140-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2024-02-05
Updated: 2025-02-10
Ref: https://rdap.arin.net/registry/ip/140.233.128.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN

Share on: