Mediocre security and privacy on China backbone IP...

Viruses and worms
1

Checked IP at ZhengZhou GIANT Computer Network Technology Co.
Consider vuln.: https://www.cvedetails.com/vulnerability-list/vendor_id-2889/Filezilla.html
0-day DOS vuln. exists for FileZilla Server version 0.9.41 beta; UNIX emulated by File_Zilla

See: https://www.shodan.io/host/122.114.156.212
Re: bad overall rating here: https://privacyscore.org/site/128181/
What is going on there (info credits GreyNoise Visualizer)

Name Category Intention Confidence First Seen Last Updated HTTP_ALT_SCANNER_LOW activity Null low 2019-03-05 2019-03-05 JBOSS_WORM worm malicious medium 2019-03-05 2019-03-05 PHPMYADMIN_WORM worm malicious high 2019-03-03 2019-03-05 WEB_SCANNER_LOW activity Null low 2019-03-03 2019-03-05 IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 worm malicious high 2019-03-03 2019-03-03 WEB_CRAWLER activity Null high 2019-03-03 2019-03-05

Security checks: Security Checks for http://122.114.156.212
Susceptible to man-in-the-middle attacks
Vulnerabilities can be uncovered more easily
Vulnerable to cross-site attacks
Emails can be fraudulently sent

polonus (volunteer website security analyst and website error-hunter)

2

More of this can be checked via GreyNoise Visualizer, via Shodan and also via HoneyDB.
Re: https://riskdiscovery.com/honeydb/host/222.72.137.42

Name Category Intention Confidence First Seen Last Updated IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 worm malicious high 2019-03-15 2019-03-15 HTTP_ALT_SCANNER_LOW activity Null low 2019-03-15 2019-03-15 JBOSS_WORM worm malicious medium 2019-03-15 2019-03-15 PHPMYADMIN_WORM worm malicious high 2019-03-15 2019-03-15 WEB_CRAWLER activity Null high 2019-03-15 2019-03-15 WEB_SCANNER_LOW activity Null low 2019-03-15 2019-03-15 JBOSS_WORM worm malicious medium 2019-03-09 2019-03-09 PHPMYADMIN_WORM worm malicious high 2019-03-09 2019-03-09 WEB_CRAWLER activity Null high 2019-03-09 2019-03-09 HTTP_ALT_SCANNER_LOW activity Null low 2019-03-08 2019-03-08 WEB_SCANNER_LOW activity Null low 2019-03-08 2019-03-08 JBOSS_WORM worm malicious medium 2019-02-28 2019-02-28 PHPMYADMIN_WORM worm malicious high 2019-02-28 2019-02-28 WEB_CRAWLER activity Null high 2019-02-28 2019-02-28 HTTP_ALT_SCANNER_LOW activity Null low 2019-02-28 2019-02-28 WEB_SCANNER_LOW activity Null low 2019-02-28 2019-02-28 PHP_WORM worm malicious high 2019-02-24 2019-02-28 WEB_CRAWLER activity Null high 2019-02-24 2019-02-24 WEB_SCANNER_HIGH activity Null high 2019-02-24 2019-03-15 JBOSS_WORM worm malicious medium 2019-02-08 2019-02-08
Also: https://www.shodan.io/host/47.107.149.199

The HoneyDB results are somewhat older: https://riskdiscovery.com/honeydb/host/222.72.137.42

GreyNoise

tag first seen last updated confidence
JBOSS_WORM 2019-03-08 2019-03-08 medium
PHPMYADMIN_WORM 2019-03-08 2019-03-08 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-03-08 2019-03-08 high
WEB_CRAWLER 2019-03-08 2019-03-08 high
HTTP_ALT_SCANNER_LOW 2019-03-07 2019-03-07 low
PHP_WORM 2019-03-07 2019-03-07 high
WEB_SCANNER_LOW 2019-03-07 2019-03-07 low
HTTP_ALT_SCANNER_HIGH 2019-02-25 2019-03-08 high
JBOSS_WORM 2019-02-25 2019-02-25 medium
PHPMYADMIN_WORM 2019-02-25 2019-02-25 high
WEB_CRAWLER 2019-02-25 2019-02-25 high
WEB_SCANNER_HIGH 2019-02-25 2019-03-08 high
PHP_WORM 2019-02-24 2019-02-26 high
WEB_SCANNER_LOW 2019-02-24 2019-02-24 low
HTTP_ALT_SCANNER_LOW 2019-02-20 2019-02-20 low
JBOSS_WORM 2019-02-20 2019-02-20 medium
PHPMYADMIN_WORM 2019-02-20 2019-02-20 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-02-20 2019-02-20 high
WEB_CRAWLER 2019-02-20 2019-02-20 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-02-20 2019-02-25 high
WEB_SCANNER_LOW 2019-02-20 2019-02-20 low
HTTP_ALT_SCANNER_LOW 2019-02-17 2019-02-17 low
JBOSS_WORM 2019-02-17 2019-02-17 medium
PHPMYADMIN_WORM 2019-02-17 2019-02-17 high
WEB_CRAWLER 2019-02-17 2019-02-17 high
WEB_SCANNER_LOW 2019-02-17 2019-02-17 low
JBOSS_WORM 2019-01-31 2019-01-31 medium
HTTP_ALT_SCANNER_LOW 2019-01-31 2019-01-31 low
PHPMYADMIN_WORM 2019-01-31 2019-01-31 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-01-31 2019-01-31 high
WEB_CRAWLER 2019-01-31 2019-01-31 high
WEB_SCANNER_LOW 2019-01-31 2019-01-31 low
JBOSS_WORM 2019-01-23 2019-01-23 medium
HTTP_ALT_SCANNER_LOW 2019-01-23 2019-01-23 low
PHPMYADMIN_WORM 2019-01-23 2019-01-23 high
WEB_SCANNER_LOW 2019-01-23 2019-01-23 low
WEB_CRAWLER 2019-01-23 2019-01-23 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-01-23 2019-01-23 high
HTTP_ALT_SCANNER_LOW 2019-01-20 2019-01-20 low
PHP_WORM 2019-01-20 2019-01-20 high
WEB_SCANNER_LOW 2019-01-19 2019-01-20 low
HTTP_ALT_SCANNER_LOW 2019-01-15 2019-01-15 low
JBOSS_WORM 2019-01-15 2019-01-15 medium
PHPMYADMIN_WORM 2019-01-15 2019-01-15 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2019-01-15 2019-01-15 high
WEB_CRAWLER 2019-01-15 2019-01-15 high
WEB_SCANNER_LOW 2019-01-15 2019-01-15 low
PHP_WORM 2019-01-11 2019-01-11 high
HTTP_ALT_SCANNER_LOW 2019-01-09 2019-01-09 low
JBOSS_WORM 2019-01-09 2019-01-09 medium
PHPMYADMIN_WORM 2019-01-09 2019-01-09 high
WEB_SCANNER_LOW 2019-01-09 2019-01-09 low
WEB_CRAWLER 2019-01-09 2019-01-09 high
HTTP_ALT_SCANNER_LOW 2019-01-01 2019-01-01 low
WEB_SCANNER_LOW 2019-01-01 2019-01-01 low
PHP_WORM 2018-12-29 2019-01-01 high
PHP_WORM 2018-12-29 2018-12-29 high
HTTP_ALT_SCANNER_LOW 2018-12-26 2018-12-26 low
JBOSS_WORM 2018-12-26 2018-12-27 medium
PHPMYADMIN_WORM 2018-12-26 2018-12-27 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2018-12-26 2018-12-27 high
WEB_CRAWLER 2018-12-26 2018-12-27 high
WEB_SCANNER_LOW 2018-12-26 2018-12-26 low
HTTP_ALT_SCANNER_LOW 2018-12-08 2018-12-08 low
JBOSS_WORM 2018-12-08 2018-12-08 medium
PHPMYADMIN_WORM 2018-12-08 2018-12-08 high
WEB_CRAWLER 2018-12-08 2018-12-08 high
IIS_WEBDAV_REMOTE_CODE_EXECUTION_CVE_2017_7269 2018-12-08 2018-12-08 high
WEB_SCANNER_LOW 2018-12-08 2018-12-08 low

polonus (volunteer 3rd party cold reconnaissance website security analyst and website error-hunter)