135.148.113.169 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 135.148.113.169 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 29/100

Host and Network Information

• Mitre ATT&CK IDs: T1110 - Brute Force

• Tags: brute force, Bruteforce, Brute-Force, ssh, SSH

• View other sources: Spamhaus VirusTotal

• Country: United States
• Network: AS16276 ovh sas
• Noticed: 1 times
• Protcols Attacked: ssh
• Countries Attacked: Australia
• Passive DNS Results: atjvn7xu.n.yunjiasu.vip zmsjsa.bond dzaugu.bond nghsgs.bond tg3689.com vg2927.com vc5246.com sd6494.com hj7954.com zx2430.com gf9221.com kj5418.com rt7054.com wd3861.com tr5664.com sd3750.com li9084.com bn6242.com jn2205.com jw9272.com uy1562.com er1416.com er8802.com fg6595.com ds3204.com ht1302.com gh8655.com gf8638.com fg6791.com sc8995.com vc6004.com ht2660.com bv8645.com uj4746.com uo1912.com nj5754.com kh5658.com vg6790.com hj7358.com ht3054.com is1956.com zx6335.com bg9265.com bv8646.com ji1031.com ev6939.com ku1719.com xc3207.com tg9480.com dc2190.com gv6163.com gf7712.com vj3762.com www.hj5606.com ts.quhaal.top 135-148-113-169.ipv4.nknlabs.io

Open Ports Detected

22 443 80 8080

CVEs Detected

CVE-2021-23017 CVE-2021-3618

Map

Whois Information

• NetRange: 135.148.0.0 - 135.148.255.255
• CIDR: 135.148.0.0/16
• NetName: OUL-16
• NetHandle: NET-135-148-0-0-1
• Parent: NET135 (NET-135-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: OVH US LLC (OUL-16)
• RegDate: 2020-09-28
• Updated: 2020-09-28
• Ref: https://rdap.arin.net/registry/ip/135.148.0.0
• OrgName: OVH US LLC
• OrgId: OUL-16
• Address: 12110 Sunset Hills
• City: Reston
• StateProv: VA
• PostalCode: 20190
• Country: US
• RegDate: 2016-09-16
• Updated: 2022-10-12
• Ref: https://rdap.arin.net/registry/entity/OUL-16
• OrgTechHandle: NOC32732-ARIN
• OrgTechName: NOC
• OrgTechPhone: +1-844-325-6233
• OrgTechEmail: lir@ovh.net
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32732-ARIN
• OrgAbuseHandle: ABUSE8550-ARIN
• OrgAbuseName: ABUSE
• OrgAbusePhone: +1-844-325-6233
• OrgAbuseEmail: abuse@ovh.us
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE8550-ARIN

Links to attack logs

vultrwarsaw-ssh-bruteforce-ip-list-2023-12-05