146.196.65.21 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 146.196.65.21 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

• Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing

• Tags: Nextray, brute-force, bruteforce, cowrie, cyber security, digital ocean, ioc, malicious, phishing, scanners, ssh, tcp, vultr

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: haley_ssh

• Country: Vietnam
• Network: AS45899 vnpt corp
• Noticed: 1 times
• Protcols Attacked: ssh
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: www.giuongtangdanang.org www.vaitandao.com vaitandao.com gaigoi3m.xyz www.gaigoi3m.xyz www.henhogai.xyz henhogai.xyz www.gai3s.net gai3s.net www.choigai.xyz choigai.xyz alogaigoi.xyz www.alogaigoi.xyz www.alogai.xyz alogai.xyz www.alochich.xyz alochich.xyz www.gaigoi2k.xyz gaigoi2k.xyz www.gaidepvip.xyz gaidepvip.xyz www.henho3mien.net henho3mien.net www.alohang.xyz alohang.xyz gaigoi19.xyz www.gaigoi19.xyz www.henho3mien.com henho3mien.com maybaydem.com www.maybaydem.com gaigoi18.xyz www.gaigoi18.xyz www.gai2k.xyz gai2k.xyz alogaidep.xyz www.alogaidep.xyz www.xlvgroup.vn www.shopthucung.org shopthucung.org dichvugiaytonhadat.com xlvgroup.vn sangoduc.vn www.xaydungnambinh.com xaydungnambinh.com www.nhavuonminhphung.com hinodaiphattin.com www.hinodaiphattin.com www.nuockhoang24h.net lagisneaker.vn www.lagisneaker.vn www.sugar-baby.online sugar-baby.online h2design.vn www.h2design.vn kimbinhland.com thietbiytehcm.com hoatuoi365.net suacuacuondanang.net cuanhomkinh365.com www.cuanhomkinh365.com www.cuacuonphuonganh.com cuacuonphuonganh.com nuockhoang24h.net www.nuockhoangthanglong.com nuockhoangthanglong.com thumuadogocu.net www.thumuadogocu.net www.thanhlydocusg.net thanhlydocusg.net www.giacongquangcao.org giacongquangcao.org nhavuonminhphung.com suabeptugiare.com www.suabeptugiare.com sangodanang.net muaxacnhaxuong.net chuyenchongtham.net vizafood.com thumuaphelieuvn.net giuongtangdanang.org songiada.org giuongtangxuatkhau.org cokhiviet.org

Map

Whois Information

• inetnum: 146.196.64.0 - 146.196.67.255
• netname: VINAHOST-VN
• descr: VINAHOST COMPANY LIMITED
• descr: 351/31 No Trang Long, 13 Ward, Binh Thanh District, Ho Chi Minh City
• admin-c: NTTN1-AP
• tech-c: PVL4-AP
• country: VN
• mnt-by: MAINT-VN-VNNIC
• mnt-lower: MAINT-VN-VNNIC
• mnt-irt: IRT-VNNIC-AP
• status: ALLOCATED PORTABLE
• last-modified: 2018-03-26T09:37:17Z
• irt: IRT-VNNIC-AP
• address: Ha Noi, VietNam
• phone: +84-24-35564944
• fax-no: +84-24-37821462
• e-mail: hm-changed@vnnic.vn
• abuse-mailbox: hm-changed@vnnic.vn
• admin-c: NTTT1-AP
• tech-c: NTTT1-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2017-11-08T09:40:06Z
• person: Nguyen Thi Thanh Nga
• address: VINAHOST-VN
• country: VN
• phone: +84-914310023
• e-mail: nga.nguyen@vinahost.vn
• nic-hdl: NTTN1-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2018-03-26T09:33:08Z
• person: Phan Van Linh
• address: VINAHOST-VN
• country: VN
• phone: +84-986003135
• e-mail: linhpv@vinahost.vn
• nic-hdl: PVL4-AP
• mnt-by: MAINT-VN-VNNIC
• last-modified: 2018-03-26T09:34:09Z
• route: 146.196.64.0/22
• descr: VinaHost Co., Ltd.
• origin: AS7643
• mnt-by: MAINT-VN-VNNIC
• notify: support@vinahost.vn
• last-modified: 2016-04-11T06:50:16Z

Links to attack logs

bruteforce-ip-list-2022-07-13 dofrank-ssh-bruteforce-ip-list-2022-07-29 vultrparis-ssh-bruteforce-ip-list-2022-07-13 dotoronto-ssh-bruteforce-ip-list-2022-07-24