222.211.70.242 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 222.211.70.242. It was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 38/100

Host and Network Information

  • Tags: Nextray, Port scan, cyber security, ioc, malicious, nmap, phishing, port-scan
  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS38283 chinanet sichuan telecom internet data center
  • Noticed: 4 times
  • Protocols Attacked: mssql
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 6

Whois Information

  • inetnum: 222.208.0.0 - 222.215.255.255
  • netname: CHINANET-SC
  • descr: CHINANET Sichuan province network
  • descr: China Telecom
  • descr: A12,Xin-Jie-Kou-Wai Street
  • descr: Beijing 100088
  • country: CN
  • admin-c: CH93-AP
  • tech-c: CS408-AP
  • abuse-c: AC1573-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CHINANET-SC
  • mnt-routes: MAINT-CHINANET-SC
  • mnt-irt: IRT-CHINANET-CN
  • last-modified: 2021-06-15T08:06:39Z
  • irt: IRT-CHINANET-CN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • mnt-by: MAINT-CHINANET
  • last-modified: 2022-02-14T07:13:12Z
  • role: ABUSE CHINANETCN
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: CH93-AP
  • tech-c: CH93-AP
  • nic-hdl: AC1573-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-02-14T07:14:09Z
  • role: CHINANET SICHUAN
  • address: No.72,Wen Miao Qian Str Chengdu SiChuan PR China
  • country: CN
  • phone: +86-28-86190657
  • fax-no: +86-25-86190641
  • e-mail: [email protected]
  • admin-c: YZ43-AP
  • tech-c: RL357-AP
  • tech-c: XS16-AP
  • nic-hdl: CS408-AP
  • notify: [email protected]
  • mnt-by: MAINT-CHINANET-SC
  • last-modified: 2013-12-26T03:05:02Z
  • person: Chinanet Hostmaster
  • nic-hdl: CH93-AP
  • e-mail: [email protected]
  • address: No.31 ,jingrong street,beijing
  • address: 100032
  • phone: +86-10-58501724
  • fax-no: +86-10-58501724
  • country: CN
  • mnt-by: MAINT-CHINANET
  • last-modified: 2022-02-28T06:53:44Z

Links to attack logs

  • nmap-scanning-list-2022-08-10
  • dobengaluru-mssql-bruteforce-ip-list-2022-09-01