202.95.1.13 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 202.95.1.13. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, which take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Malicious IP, NETBIOS, Nextray, RDP, Scanner, Webattack, admin, badrequest, blacklist, botnet, bruteforce, cyber security, ioc, malicious, mirai, nmap, phishing, port-scan, probing, scan, scanning, smtp, ssh, tcp, webscan, webscanner, webscanner bruteforce web app attack, win, windows, wordpress

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: ciarmy

  • Country: China
  • Network: AS64050 bgpnet global asn
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

2080 22 443 80 888 9090

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617

Whois Information

  • inetnum: 202.95.0.0 - 202.95.31.255
  • netname: RCPL-SG
  • descr: RACKIP CONSULTANCY PTE. LTD.
  • country: SG
  • org: ORG-RCPL1-AP
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • abuse-c: AR825-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-RCPL-SG
  • mnt-routes: MAINT-RCPL-SG
  • mnt-irt: IRT-RCPL-SG
  • last-modified: 2020-06-03T13:05:29Z
  • irt: IRT-RCPL-SG
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2023-04-12T03:58:02Z
  • organisation: ORG-RCPL1-AP
  • org-name: RACKIP CONSULTANCY PTE. LTD.
  • country: SG
  • phone: +65 6255 8133
  • fax-no: +65 6251 6559
  • e-mail: [email protected]
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2017-10-11T01:30:06Z
  • role: ABUSE RCPLSG
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: AR825-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-04-12T03:58:22Z
  • role: RACKIP CONSULTANCY PTE LTD administrator
  • address: 399 Chai Wan Road, Chai Wan, Hong Kong
  • country: SG
  • phone: +603-7806-1316
  • fax-no: +603-7806-1316
  • e-mail: [email protected]
  • admin-c: RCPL3-AP
  • tech-c: RCPL3-AP
  • nic-hdl: RCPL3-AP
  • mnt-by: MAINT-RCPL-SG
  • last-modified: 2021-08-30T06:13:42Z

Links to attack logs

nmap-scanning-list-2022-09-22