146.4.66.113 Threat Intelligence and Host Information

General

This page was generated because this host was detected actively attacking or scanning another host. The sections below cover the host's network, location, number of days noticed, protocols attacked, and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 47/100

Host and Network Information

  • Tags: Nextray, RDP, SSH, Telnet, abuse, attack, awssafrica, bruteforce, cyber security, fraud, ioc, ipqs, ipqualityscore, login, malicious, phishing, scanner, telnet, web attack
  • View other sources: Spamhaus, VirusTotal

  • Country: Switzerland
  • Network: AS3303 swisscom (schweiz) ag
  • Noticed: 9 times
  • Protocols Attacked: telnet
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, South Africa, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 2

  • 4098c8a10acf77b3c753acd602b99ab0e88f050f1e72edb23c06bc0500926eeb
  • 4098c8a10acf77b3c753acd602b99ab0e88f050f1e72edb23c06bc0500926eeb

Open Ports Detected

123 25 465 53 5432 587

CVEs Detected

CVE-2013-0255 CVE-2013-1899 CVE-2013-1900 CVE-2013-1901 CVE-2013-1902 CVE-2013-1903 CVE-2013-4422 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-2669 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288 CVE-2016-0766 CVE-2016-0773 CVE-2016-5423 CVE-2016-5424 CVE-2016-7048 CVE-2017-12172 CVE-2017-14798 CVE-2017-7484 CVE-2017-7486 CVE-2017-7546 CVE-2017-7547 CVE-2018-1115 CVE-2019-10127 CVE-2019-10128 CVE-2019-10210 CVE-2019-10211 CVE-2020-25694 CVE-2020-25695 CVE-2021-23214

Whois Information

  • NetRange: 146.2.0.0 - 146.4.255.255
  • CIDR: 146.4.0.0/16, 146.2.0.0/15
  • NetName: RIPE-ERX-146-2-0-0
  • NetHandle: NET-146-2-0-0-1
  • Parent: NET146 (NET-146-0-0-0-0)
  • NetType: Early Registrations, Transferred to RIPE NCC
  • OriginAS:
  • Organization: RIPE Network Coordination Centre (RIPE)
  • RegDate: 2004-02-04
  • Updated: 2004-02-04
  • Comment: These addresses have been further assigned to users in
  • Comment: the RIPE NCC region. Contact information can be found in
  • Ref: https://rdap.arin.net/registry/ip/146.2.0.0
  • OrgName: RIPE Network Coordination Centre
  • OrgId: RIPE
  • Address: P.O. Box 10096
  • City: Amsterdam
  • StateProv:
  • PostalCode: 1001EB
  • Country: NL
  • RegDate:
  • Updated: 2013-07-29
  • Ref: https://rdap.arin.net/registry/entity/RIPE
  • OrgAbuseHandle: ABUSE3850-ARIN
  • OrgAbuseName: Abuse Contact
  • OrgAbusePhone: +31205354444
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
  • OrgTechHandle: RNO29-ARIN
  • OrgTechName: RIPE NCC Operations
  • OrgTechPhone: +31 20 535 4444
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
  • inetnum: 146.4.0.0 - 146.4.255.255
  • netname: CH-BLUEWINDOW-19910115
  • country: CH
  • org: ORG-BA8-RIPE
  • admin-c: BCR1-RIPE
  • tech-c: BCR1-RIPE
  • status: ALLOCATED PA
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: BLUEWINNET-MNT
  • mnt-lower: BLUEWINNET-MNT
  • mnt-routes: BLUEWINNET-MNT
  • mnt-routes: CH-UNISOURCE-MNT
  • created: 2017-11-28T09:55:47Z
  • last-modified: 2021-08-19T11:35:34Z
  • organisation: ORG-BA8-RIPE
  • org-name: Swisscom (Schweiz) AG
  • country: CH
  • org-type: LIR
  • descr: Please do NOT call!
  • descr: *****************
  • descr: use for abuse only > [email protected] <
  • descr: *****************
  • address: Postfach
  • address: 8021
  • address: Zurich
  • address: SWITZERLAND
  • phone: +41 58 221 73 14
  • admin-c: TG267-RIPE
  • admin-c: AC2332-RIPE
  • admin-c: GDM658-RIPE
  • admin-c: EG7936-RIPE
  • admin-c: CE2871-RIPE
  • admin-c: SF3464-RIPE
  • abuse-c: BCR18-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: BLUEWINNET-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: BLUEWINNET-MNT
  • created: 2004-04-17T11:01:54Z
  • last-modified: 2022-05-17T09:16:15Z
  • role: Bluewin Contact Role
  • address: Swisscom (Switzerland) Ltd.
  • address: Internet Service Core Networks
  • address: INI-MBM-BNC
  • address: Binzring 17
  • address: CH-8045 Zurich
  • address: Switzerland
  • abuse-mailbox: [email protected]
  • org: ORG-BA8-RIPE
  • admin-c: CE2871-RIPE
  • admin-c: EG7936-RIPE
  • admin-c: TG267-RIPE
  • admin-c: GDM658-RIPE
  • admin-c: SF3464-RIPE
  • tech-c: EG7936-RIPE
  • tech-c: TG267-RIPE
  • tech-c: GDM658-RIPE
  • tech-c: SF3464-RIPE
  • tech-c: CE2871-RIPE
  • nic-hdl: BCR1-RIPE
  • mnt-by: BLUEWINNET-MNT
  • created: 2003-04-08T08:53:32Z
  • last-modified: 2022-12-05T12:35:44Z
  • route: 146.4.0.0/17
  • descr: Swisscom (Schweiz) AG - SME/Cybernet
  • descr: Provider Local Registry
  • origin: AS3303
  • mnt-lower: CH-UNISOURCE-MNT
  • mnt-lower: BLUEWINNET-MNT
  • mnt-by: CH-UNISOURCE-MNT
  • mnt-by: BLUEWINNET-MNT
  • created: 2017-12-08T13:09:29Z
  • last-modified: 2017-12-08T13:09:29Z

Links to attack logs

  • awssafrica-telnet-bruteforce-ip-list-2022-01-21
  • telnet-bruteforce-ip-list-2022-01-11
  • telnet-bruteforce-ip-list-2022-01-19