119.235.50.5 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: Cyclops, DDOS, DDoS, Gamardeon, HEAD Floods, HermeticWiper, IsaacWiper, KillNet, Killnet, PartyTicket, T1498, T1499, WhisperGate, attack ddos, botnet, cc.py, ddos, list ips, russia, russian, ukraine
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: cleantalk_30d, cleantalk_updated_30d, socks_proxy_1d, socks_proxy_30d, socks_proxy_7d, stopforumspam, stopforumspam_180d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d

  • Country: India
  • Network: AS45582 vainavi industies
  • Noticed: 28 times
  • Protocols Attacked: SSH
  • Countries Attacked: Russian Federation

Malware Detected on Host

Count: 7

Open Ports Detected

161 2000 2080 8291 8728

Whois Information

  • inetnum: 119.235.50.0 - 119.235.50.255
  • netname: VAINAVIINDUSTRIESLTD
  • descr: Vainavi Industries Ltd
  • country: IN
  • admin-c: GP370-AP
  • tech-c: PS638-AP
  • status: ASSIGNED NON-PORTABLE
  • notify: [email protected]
  • mnt-by: MAINT-VAINAVIINDUSTRIESLTD-IN
  • mnt-lower: MAINT-VAINAVIINDUSTRIESLTD-IN
  • mnt-routes: MAINT-VAINAVIINDUSTRIESLTD-IN
  • mnt-irt: IRT-VAINAVIINDUSTRIESLTD-IN
  • last-modified: 2013-02-11T10:18:42Z
  • irt: IRT-VAINAVIINDUSTRIESLTD-IN
  • address: VAINAVI TOWERS, 1-8-741
  • address: PRAKASHNAGAR, BEGUMPET
  • address: HYDERABAD - 500 090
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: GP370-AP
  • tech-c: PS638-AP
  • mnt-by: MAINT-VAINAVIINDUSTRIESLTD-IN
  • last-modified: 2023-04-26T06:03:08Z
  • person: Govind Putta
  • address: Vainavi Industries Ltd. VAINAVI TOWERS,1-8-741,
  • address: Prakash nagar, Begumpet, Hyderabad-500016
  • country: IN
  • phone: +91-40-71156767
  • e-mail: [email protected]
  • nic-hdl: GP370-AP
  • mnt-by: MAINT-VAINAVIINDUSTRIESLTD-IN
  • last-modified: 2023-04-26T06:01:50Z
  • person: Padmaja S
  • address: VAINAVI TOWERS,1-8-741 Prakash nagar, Begumpet, Hyderabad-500016
  • country: IN
  • phone: +91-040-71156767
  • e-mail: [email protected]
  • nic-hdl: PS638-AP
  • mnt-by: MAINT-IN-VAINAVIINDUSTRIESLTD
  • last-modified: 2023-04-26T06:01:24Z
  • route: 119.235.50.0/24
  • descr: VAINAVIINDUSTRIESLTD
  • origin: AS45582
  • mnt-by: MAINT-VAINAVIINDUSTRIESLTD-IN
  • mnt-routes: MAINT-VAINAVIINDUSTRIESLTD-IN
  • last-modified: 2020-07-30T11:47:42Z

Links to attack logs

roxy-ip-list-2023-05-03