130.149.232.146 Threat Intelligence and Host Information

Share on:

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Possibly Malicious Host 🟢 29/100

Host and Network Information

  • Tags: Nextray, bruteforce, cyber security, ioc, malicious, phishing, ssh
  • View other sources: Spamhaus VirusTotal

  • Country: Germany
  • Network: AS680 verein zur foerderung eines deutschen forschungsnetzes e.v.
  • Noticed: 2 times
  • Protcols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: rasp146cem.aot.tu-berlin.de

Map

Whois Information

  • NetRange: 130.138.0.0 - 130.149.255.255
  • CIDR: 130.138.0.0/15, 130.140.0.0/14, 130.144.0.0/14, 130.148.0.0/15
  • NetName: RIPE-ERX-130-138-0-0
  • NetHandle: NET-130-138-0-0-1
  • Parent: NET130 (NET-130-0-0-0-0)
  • NetType: Early Registrations, Transferred to RIPE NCC
  • OriginAS:
  • Organization: RIPE Network Coordination Centre (RIPE)
  • RegDate: 2003-11-12
  • Updated: 2003-11-12
  • Comment: These addresses have been further assigned to users in
  • Comment: the RIPE NCC region. Contact information can be found in
  • Ref: https://rdap.arin.net/registry/ip/130.138.0.0
  • OrgName: RIPE Network Coordination Centre
  • OrgId: RIPE
  • Address: P.O. Box 10096
  • City: Amsterdam
  • StateProv:
  • PostalCode: 1001EB
  • Country: NL
  • RegDate:
  • Updated: 2013-07-29
  • Ref: https://rdap.arin.net/registry/entity/RIPE
  • OrgTechHandle: RNO29-ARIN
  • OrgTechName: RIPE NCC Operations
  • OrgTechPhone: +31 20 535 4444
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
  • OrgAbuseHandle: ABUSE3850-ARIN
  • OrgAbuseName: Abuse Contact
  • OrgAbusePhone: +31205354444
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
  • inetnum: 130.149.0.0 - 130.149.255.255
  • netname: TUB
  • descr: TU Berlin, campus network
  • country: DE
  • admin-c: MF14745-RIPE
  • tech-c: TH5476-RIPE
  • status: LEGACY
  • mnt-by: DFN-LIR-MNT
  • mnt-lower: DFN-LIR-MNT
  • mnt-routes: DFN-MNT
  • mnt-irt: IRT-DFN-CERT
  • created: 2002-04-04T09:04:50Z
  • last-modified: 2019-12-04T13:05:29Z
  • role: tubIT Hostmaster
  • address: Technische Universitaet Berlin
  • address: tubIT / IT-Service Center
  • address: Sekretariat EN 50
  • address: Einsteinufer 17
  • address: 10587 Berlin
  • address: Germany
  • phone: +49 30 314 28800
  • fax-no: +49 30 314 21060
  • nic-hdl: TH5476-RIPE
  • mnt-by: DFN-NTFY
  • created: 2014-12-11T15:56:45Z
  • last-modified: 2016-11-23T11:41:32Z
  • person: Michael Flachsel
  • address: Technische Universitaet Berlin
  • address: tubIT / IT-Service Center
  • address: Sekretariat EN 50
  • address: Einsteinufer 17
  • address: 10587 Berlin
  • address: Germany
  • phone: +49 30 314 78572
  • nic-hdl: MF14745-RIPE
  • mnt-by: DFN-NTFY
  • created: 2014-12-11T15:52:09Z
  • last-modified: 2014-12-11T15:52:09Z
  • route: 130.149.0.0/16
  • descr: TUB
  • origin: AS1275
  • mnt-by: DFN-MNT
  • created: 1970-01-01T00:00:00Z
  • last-modified: 2001-09-22T09:32:38Z
  • route: 130.149.0.0/16
  • descr: TUB
  • origin: AS680
  • mnt-by: DFN-MNT
  • created: 1970-01-01T00:00:00Z
  • last-modified: 2010-02-18T12:50:43Z

Links to attack logs

bruteforce-ip-list-2020-01-13