202.79.174.139 Threat Intelligence and Host Information

Jun 05, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 202.79.174.139 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 37/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, msiexec, Nextray, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Singapore
  • Network:
  • Noticed: 30 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: 23kp.live 1851kp.vip 1693kp.vip 1601kp.vip 4559kp.vip hh66mm.live hh55nn.live ii11hh.live gg44ii.live aa11xx.live ww11xx.live ww22nn.live aa77ww.live dd22vv.live dd11dd.live cc33ss.live hh55aa.live ss99hh.live xx11nn.live dd11tt.live ww11ff.live ss66hh.live mm55uu.live mm66dd.live tt33pp.live tt88zz.live vv77nn.live tt88yy.live vv11dd.live yy66mm.live pp66xx.live bb33jj.live mm22xx.live hh77mm.live ss88pp.live zz88yy.live ii77rr.live gg55hh.live pp22xx.live ii33vv.live ii33mm.live ee55ii.live ee88jj.live uu88nn.live uu99uu.live nn33uu.live ee22ww.live bb77hh.live nn33ii.live nn33mm.live kk55aa.live kk22uu.live kk66cc.live kk44vv.live rr44qq.live rr77uu.live ff44cc.live vv44uu.live dd66bb.live ee88uu.live qq33rr.live tt66xx.live rr55aa.live vv55mm.live hh88hh.live qq44mm.live hh44cc.live ii66jj.live ii66xx.live pp66ss.live vv99uu.live jj44rr.live ee11ee.live nn88xx.live hh33vv.live bb11gg.live ff66qq.live gg88zz.live qq11zz.live gg77vv.live ss77cc.live zz77vv.live kk99ww.live ii11nn.live bb99ee.live ff22ii.live cc11ss.live mm44yy.live aa77ss.live cc33ff.live cc88vv.live mm88yy.live dd77zz.live ff66mm.live pp99ww.live pp22pp.live cc55ee.live tt99ii.live mm22ff.live kk66rr.live skyued.com

Open Ports Detected

3306 33060 5357

Map

Whois Information

  • inetnum: 202.79.168.0 - 202.79.175.255
  • netname: CTG79-168-KR
  • descr: CTG Server Ltd.
  • country: KR
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • abuse-c: AC2487-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-RCPL-SG
  • mnt-irt: IRT-CTG-HK
  • last-modified: 2022-03-30T17:10:01Z
  • irt: IRT-CTG-HK
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • e-mail: cs.mail@ctgserver.com
  • abuse-mailbox: cs.mail@ctgserver.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2025-01-15T01:11:37Z
  • role: ABUSE CTGHK
  • country: ZZ
  • address: 202 ,2/F Kam Sang BLDG 257,Des Voeux RD Central Hong Kong
  • phone: +000000000
  • e-mail: cs.mail@ctgserver.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: AC2487-AP
  • abuse-mailbox: cs.mail@ctgserver.com
  • mnt-by: APNIC-ABUSE
  • last-modified: 2025-01-15T01:11:59Z
  • role: RACKIP CONSULTANCY PTE LTD administrator
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • country: SG
  • phone: +603-7806-1316
  • fax-no: +603-7806-1316
  • e-mail: abuse@rackip.com
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2021-08-30T06:13:42Z
  • route: 202.79.174.0/24
  • origin: AS152194
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2024-03-31T12:41:32Z
  • route: 202.79.174.0/24
  • origin: AS64050
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2020-05-20T05:25:53Z

Links to attack logs

mssql-bruteforce-ip-list-2020-10-04 mssql-bruteforce-ip-list-2020-11-09 ****** awsbah-mssql-bruteforce-ip-list-2020-08-28 nmap-scanning-hosts-2020-10-04 ****** aws-mssql-bruteforce-ip-list-2021-03-10 nmap-scanning-list-2020-11-09 ******

Share on: