20.239.187.13 Threat Intelligence and Host Information
Jun 19, 2024
ipinfopage
General
IP Address
20.239.187.13
Location
🇭🇰 Central, Hong Kong
Network
AS8075
Threat Score
19/100
Attack Intelligence
Open Ports Detected
22
Geographic Location
Country
Hong Kong
City
Central
Region
Central and Western District
Coordinates
22.2908, 114.1501
Network Information
ASN
AS8075
Organization
MICROSOFT-CORP-MSN-AS-BLOCK
Network
AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
WHOIS Information
NetRange
20.192.0.0 - 20.255.255.255
CIDR
20.192.0.0/10
NetName
MSFT
NetHandle
NET-20-192-0-0-1
Parent
NET20 (NET-20-0-0-0-0)
NetType
Direct Allocation
OriginAS
Organization
Microsoft Corporation (MSFT)
RegDate
1998-07-10
Updated
2024-03-18
Ref
https://rdap.arin.net/registry/entity/MSFT
OrgName
Microsoft Corporation
OrgId
MSFT
Address
One Microsoft Way
City
Redmond
StateProv
WA
PostalCode
98052
Country
US
Comment
* IOC@microsoft.com
OrgAbuseHandle
MAC74-ARIN
OrgAbuseName
Microsoft Abuse Contact
OrgAbusePhone
+1-425-882-8080
OrgAbuseEmail
abuse@microsoft.com
OrgAbuseRef
https://rdap.arin.net/registry/entity/MAC74-ARIN
Attack Logs
| Date | Target Location | Protocol | Link |
|---|---|---|---|
| 2024-05-21 | Perth, Australia | MULTIPLE | View Log |
- Country: Hong Kong
- Network: AS8075 microsoft corporation
- Noticed: 2 times
- Protocols Attacked: SSH
- Passive DNS Results: gao.qinlu.gq www.x043.com x043.com www.b884.com b884.com www.b373.com b373.com v6848.com www.v6848.com www.v5790.com www.bb365s.com bb365s.com www.b844.com v5790.com b844.com v5708.com www.v5708.com www.v9801.com v9801.com www.v9803.com v9803.com www.x156.cc x156.cc x9950.com www.x9950.com www.t0266.com t0233.com t0266.com t0244.com www.t0233.com www.t0244.com t0155.com t0211.com www.t0211.com www.t0155.com dqty.com 3beaxnqk.n.funnullv27.com www.qiuvip99.com h5down.qiuvip99.com qiuvip99.com m.qiuvip99.com v48882.com www.v48882.com www.v5514.com v5514.com www.v473h.com v473h.com v473j.com www.v473j.com www.b365e.cc b365e.cc www.b365g.cc b365g.cc www.b365f.cc b365f.cc www.b365j.cc www.b365h.cc b365j.cc b365h.cc www.b365m.cc b365m.cc www.b365k.cc b365k.cc www.v473.cc v473.cc www.v473a.com v473a.com www.v473b.com v473b.com v473l.com www.v473l.com www.v473k.com v473k.com v473f.com www.v473f.com v473c.com www.v473c.com v473i.com www.v473i.com www.t0079.com t0079.com api-nntv36.com api-nntv7.com 149nnys.com 134nnys.com
CVEs Detected
CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618 CVE-2023-44487
Disclaimer
This page contains threat intelligence information for the IPv4 address 20.239.187.13 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.