203.229.206.22 Threat Intelligence and Host Information

Share on:

May 02, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 70/100

Host and Network Information

Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
Tags: Brute-Force, Bruteforce, Nextray, SSH, Telnet, attack, aws, brute-force, bruteforce, cowrie, cyber security, digital ocean, ioc, login, malicious, phishing, scanner, scanners, ssh, tcp, vultr
View other sources: Spamhaus VirusTotal
Country: Korea, Republic of
Network: AS55586 the catholic university of korea
Noticed: 50 times
Protcols Attacked: ssh
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Spain, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 7 a0ee131ef784e271c8d3749de724def97bcff6ad7eca49d60601ace2db39fcdc 9300cd667b6da2c03f962b36510665e314f3c8c2c7eae0be9a22a7836c2e3134 6b7cbb2815ecf79a9cd9ab9495f502587c80c09c82acd568cb510cc7c730c155 09a8334732e99fd97805269811deadaca5d4f28ab2b9d0fcf48f26ad38c6e883 09a8334732e99fd97805269811deadaca5d4f28ab2b9d0fcf48f26ad38c6e883 f98f5ab7c62c81ccc6d53ca224624e348c0ed12dcd0b2350b3a1ff0a4a5f8e0f 25576c995ed43e08ffd44b9c0b398e355341455773abb9f6d45826b87b058871

Open Ports Detected

80 9000

CVEs Detected

CVE-2006-20001 CVE-2016-1546 CVE-2016-4975 CVE-2016-4979 CVE-2016-5387 CVE-2016-8612 CVE-2016-8740 CVE-2016-8743 CVE-2017-15710 CVE-2017-15715 CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 CVE-2017-9798 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2019-0196 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-10082 CVE-2019-10092 CVE-2019-10098 CVE-2019-17567 CVE-2020-11985 CVE-2020-13938 CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2021-26690 CVE-2021-26691 CVE-2021-33193 CVE-2021-34798 CVE-2021-39275 CVE-2021-40438 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690

Map

Whois Information

query : 203.229.206.22
IPv4주소 : 203.229.128.0 - 203.229.255.255 (/17)
기관명 : 주식회사 케이티
서비스명 : KORNET
주소 : 경기도 성남시 분당구 불정로 90
우편번호 : 13606
할당일자 : 19960601
이름 : IP주소 담당자
전화번호 : +82-2-500-6630
전자우편 : [email protected]
IPv4주소 : 203.229.206.0 - 203.229.206.255 (/24)
기관명 : 가톨릭대학교
네트워크 구분 : CUSTOMER
주소 : 경기도 부천시 원미구
우편번호 : 420-102
할당내역 등록일 : 20150317
이름 : IP주소 담당자
전화번호 : +82-2-500-6630
전자우편 : [email protected]
IPv4 Address : 203.229.128.0 - 203.229.255.255 (/17)
Organization Name : Korea Telecom
Service Name : KORNET
Address : Gyeonggi-do Bundang-gu, Seongnam-si Buljeong-ro 90
Zip Code : 13606
Registration Date : 19960601
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : [email protected]
IPv4 Address : 203.229.206.0 - 203.229.206.255 (/24)
Organization Name : Gatoldaehakgyo
Network Type : CUSTOMER
Address : Wonmi-Gu Bucheon-Si Gyeonggi-Do
Zip Code : 420-102
Registration Date : 20150317
Name : IP Manager
Phone : +82-2-500-6630
E-Mail : [email protected]

Links to attack logs