180.168.55.66 Threat Intelligence and Host Information

Sep 18, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 180.168.55.66 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 19/100

Host and Network Information

  • Country: China
  • Network: AS4812 china telecom (group)
  • Noticed: 2 times
  • Protocols Attacked: telnet
  • Countries Attacked: Poland
  • Passive DNS Results: www.shkingtree.com kingtree.baowuhk.com.cn

Malware Detected on Host

Count: 1 e907b3d6554cb716b60bf6cb6c7ede21dbaddeba5dd56eb898275d99bfe7236b

Open Ports Detected

2002 221 3000 3002 3102 3211 3478 39090 5000 554 6443 7080 7443 8082 83 8443 9000 9090 9189 9999

CVEs Detected

CVE-2019-10383 CVE-2019-10384 CVE-2019-10401 CVE-2019-10402 CVE-2019-10403 CVE-2019-10404 CVE-2019-10405 CVE-2019-10406 CVE-2020-2099 CVE-2020-2100 CVE-2020-2101 CVE-2020-2102 CVE-2020-2103 CVE-2020-2104 CVE-2020-2105 CVE-2020-2160 CVE-2020-2161 CVE-2020-2162 CVE-2020-2163 CVE-2020-2220 CVE-2020-2221 CVE-2020-2222 CVE-2020-2223 CVE-2020-2229 CVE-2020-2230 CVE-2020-2231 CVE-2021-21602 CVE-2021-21603 CVE-2021-21604 CVE-2021-21605 CVE-2021-21606 CVE-2021-21607 CVE-2021-21608 CVE-2021-21609 CVE-2021-21610 CVE-2021-21611 CVE-2021-21615 CVE-2021-21639 CVE-2021-21640 CVE-2021-21670 CVE-2021-21682 CVE-2021-21683 CVE-2021-21685 CVE-2021-21686 CVE-2021-21687 CVE-2021-21688 CVE-2021-21689 CVE-2021-21690 CVE-2021-21691 CVE-2021-21692 CVE-2021-21693 CVE-2021-21694 CVE-2021-21695 CVE-2021-21696 CVE-2021-21697 CVE-2021-23017 CVE-2021-28165 CVE-2021-3618 CVE-2022-0538 CVE-2022-2048 CVE-2022-20612 CVE-2022-27201 CVE-2022-34174 CVE-2022-36899 CVE-2022-36900 CVE-2022-43416 CVE-2022-43422 CVE-2022-43423 CVE-2022-43424 CVE-2022-43428 CVE-2022-43429 CVE-2023-27899 CVE-2023-27900 CVE-2023-27901 CVE-2023-27902 CVE-2023-27903 CVE-2023-27904 CVE-2023-35141 CVE-2023-36478 CVE-2023-39151 CVE-2023-43494 CVE-2023-43495 CVE-2023-43496 CVE-2023-43497 CVE-2023-43498 CVE-2023-44487 CVE-2024-23897 CVE-2024-43044 CVE-2024-43045

Map

Whois Information

  • inetnum: 180.168.55.64 - 180.168.55.67
  • netname: BISHOU
  • descr: Shanghai Bishouzhan Enterprise Management Consulting Co., Ltd.
  • country: CN
  • admin-c: LM1924-AP
  • tech-c: LM1924-AP
  • abuse-c: AC1591-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-CHINANET-SH
  • mnt-irt: IRT-CHINANET-SH
  • last-modified: 2022-01-12T13:19:24Z
  • irt: IRT-CHINANET-SH
  • address: 14F NO.211,Information Building Century Avenue Shanghai, China
  • e-mail: shizhiming.sh@chinatelecom.cn
  • abuse-mailbox: shizhiming.sh@chinatelecom.cn
  • admin-c: WWQ4-AP
  • tech-c: WWQ4-AP
  • mnt-by: MAINT-CHINANET-SH
  • last-modified: 2024-09-05T00:37:23Z
  • role: ABUSE CHINANETSH
  • country: ZZ
  • address: 14F NO.211,Information Building Century Avenue Shanghai, China
  • phone: +000000000
  • e-mail: shizhiming.sh@chinatelecom.cn
  • admin-c: WWQ4-AP
  • tech-c: WWQ4-AP
  • nic-hdl: AC1591-AP
  • abuse-mailbox: shizhiming.sh@chinatelecom.cn
  • mnt-by: APNIC-ABUSE
  • last-modified: 2024-09-05T00:38:43Z
  • person: Liu Min
  • address: Room NBL-03, No.282, Huaihai RD.(M), Shanghai,200021
  • country: CN
  • phone: +86-21-13918201565
  • fax-no: +86-21-12345678
  • e-mail: liumin@126.com
  • nic-hdl: LM1924-AP
  • mnt-by: MAINT-CHINANET-SH
  • last-modified: 2011-04-29T08:42:01Z

Links to attack logs

vultrwarsaw-telnet-bruteforce-ip-list-2024-09-17

Share on: