49.73.84.142 Threat Intelligence and Host Information

Share on:

Jun 30, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 49.73.84.142 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: Nextray, SSH, brazil, bruteforce, canada, china, cowrie, cyber security, fail2ban, france, germany, group, india, ioc, italy, korea, malicious, mexico, phishing, poland, singapore, spain, ssh, ssh bruteforce, taiwan, tsec
View other sources: Spamhaus VirusTotal
Country: China
Network: AS4134 chinanet
Noticed: 1 times
Protcols Attacked: SSH
Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 9 ac5a59554e033f3e513d21ab67872dbe4082eed6255d8302cb912d637751d22e 131e4b36871a55540ffd20e3be40959548cf912c29d2f1c49311fbef7678e233 4b1eb39f1c6a93808d233c6ba36670ddf94fd294de66d55b34f56bf4724ea672 2a6ec94b64af56da63c0cae9e070f7efab67b83a57df46466bd06519132a1cb0 6790d74bcb53f9ebca43b0267cf225aa84bcc8cf9f76dc34d82b5689a1c8db71 1cb66b1fd53b3f57d9ffced9c65a6b71596adea33d092171593e7fc1950cd11a dcf32ff27037424f7d92f71b7ba26910aa3c22ff9fe48938992940b72ee897d2 23577f0eeebafc15f014ddb252e5dbfd7512312dcb880e3392ef992bb92e3a50 7509ca93a3c5b6f53b410af775c5dddea03190152534f0f2cf39960c1a2ff803

Map

Whois Information

inetnum: 49.64.0.0 - 49.95.255.255
netname: CHINANET-JS
descr: CHINANET jiangsu province network
descr: China Telecom
descr: 260 Zhongyang Road,Nanjing 210037
country: CN
admin-c: CH360-AP
tech-c: CS306-AP
tech-c: CN142-AP
abuse-c: AC1573-AP
status: ALLOCATED PORTABLE
notify: [email protected]
mnt-by: APNIC-HM
mnt-lower: MAINT-CHINANET-JS
mnt-routes: MAINT-CHINANET-JS
mnt-irt: IRT-CHINANET-CN
last-modified: 2022-04-26T07:40:27Z
irt: IRT-CHINANET-CN
address: No.31 ,jingrong street,beijing
address: 100032
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
mnt-by: MAINT-CHINANET
last-modified: 2022-02-14T07:13:12Z
role: ABUSE CHINANETCN
address: No.31 ,jingrong street,beijing
address: 100032
country: ZZ
phone: +000000000
e-mail: [email protected]
admin-c: CH93-AP
tech-c: CH93-AP
nic-hdl: AC1573-AP
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2022-02-14T07:14:09Z
person: CHINANET-JS Hostmaster
nic-hdl: CH360-AP
e-mail: [email protected]
phone: +86-25-86588231
phone: +86-25-86588745
fax-no: +86-25-86588104
country: CN
mnt-by: MAINT-CHINANET-JS
last-modified: 2022-03-15T07:08:59Z
person: CHINANET-JS Network Operations
nic-hdl: CN142-AP
e-mail: [email protected]
phone: +86-25-86588721
phone: +86-25-86788130
phone: +86-25-86788122
phone: +86-25-86588787
fax-no: +86-25-86588104
country: CN
mnt-by: MAINT-CHINANET-JS
last-modified: 2022-03-15T07:09:00Z
person: CHINANET-JS Security Administrater
nic-hdl: CS306-AP
e-mail: [email protected]
phone: +86-25-86588745
phone: +86-25-86588231
fax-no: +86-25-86588104
country: CN
mnt-by: MAINT-CHINANET-JS
last-modified: 2022-03-15T07:09:00Z

Links to attack logs

bruteforce-ip-list-2020-02-10