150.136.59.104 Threat Intelligence and Host Information

Share on:
Mar 17, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 150.136.59.104 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: cowrie, cyber security, ioc, malicious, Nextray, phishing, ssh

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: haley_ssh

  • Country: United States
  • Network: AS31898 oracle corporation
  • Noticed: 30 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: codeforcville.org www.codeforcville.org

Open Ports Detected

22 443 80

CVEs Detected

CVE-2006-20001 CVE-2007-4723 CVE-2008-0462 CVE-2008-1731 CVE-2008-1792 CVE-2008-2629 CVE-2008-4633 CVE-2008-4710 CVE-2008-5996 CVE-2008-5998 CVE-2008-5999 CVE-2008-6020 CVE-2008-6134 CVE-2008-6135 CVE-2008-6137 CVE-2008-6383 CVE-2008-6413 CVE-2008-6835 CVE-2008-6836 CVE-2008-6908 CVE-2008-6909 CVE-2008-6910 CVE-2008-6972 CVE-2008-7150 CVE-2008-7151 CVE-2009-0382 CVE-2009-0796 CVE-2009-0817 CVE-2009-0818 CVE-2009-1035 CVE-2009-1036 CVE-2009-1037 CVE-2009-1047 CVE-2009-1069 CVE-2009-1249 CVE-2009-1342 CVE-2009-1343 CVE-2009-1344 CVE-2009-1501 CVE-2009-1505 CVE-2009-1507 CVE-2009-1823 CVE-2009-2074 CVE-2009-2075 CVE-2009-2076 CVE-2009-2077 CVE-2009-2078 CVE-2009-2079 CVE-2009-2083 CVE-2009-2237 CVE-2009-2291 CVE-2009-2299 CVE-2009-2370 CVE-2009-2371 CVE-2009-2572 CVE-2009-2610 CVE-2009-3121 CVE-2009-3122 CVE-2009-3156 CVE-2009-3157 CVE-2009-3206 CVE-2009-3207 CVE-2009-3210 CVE-2009-3350 CVE-2009-3351 CVE-2009-3353 CVE-2009-3354 CVE-2009-3363 CVE-2009-3435 CVE-2009-3437 CVE-2009-3442 CVE-2009-3479 CVE-2009-3488 CVE-2009-3568 CVE-2009-3648 CVE-2009-3650 CVE-2009-3651 CVE-2009-3652 CVE-2009-3653 CVE-2009-3654 CVE-2009-3656 CVE-2009-3657 CVE-2009-3778 CVE-2009-3779 CVE-2009-3780 CVE-2009-3782 CVE-2009-3783 CVE-2009-3784 CVE-2009-3785 CVE-2009-3786 CVE-2009-3914 CVE-2009-3915 CVE-2009-3916 CVE-2009-3917 CVE-2009-3918 CVE-2009-3919 CVE-2009-3920 CVE-2009-3921 CVE-2009-3922 CVE-2009-4042 CVE-2009-4043 CVE-2009-4044 CVE-2009-4061 CVE-2009-4062 CVE-2009-4063 CVE-2009-4064 CVE-2009-4065 CVE-2009-4066 CVE-2009-4119 CVE-2009-4207 CVE-2009-4296 CVE-2009-4429 CVE-2009-4513 CVE-2009-4514 CVE-2009-4515 CVE-2009-4516 CVE-2009-4517 CVE-2009-4518 CVE-2009-4520 CVE-2009-4524 CVE-2009-4525 CVE-2009-4526 CVE-2009-4527 CVE-2009-4528 CVE-2009-4532 CVE-2009-4533 CVE-2009-4534 CVE-2009-4557 CVE-2009-4558 CVE-2009-4559 CVE-2009-4602 CVE-2009-4771 CVE-2009-4772 CVE-2009-4773 CVE-2009-4829 CVE-2009-4990 CVE-2009-5096 CVE-2010-0370 CVE-2010-0697 CVE-2010-0752 CVE-2010-1074 CVE-2010-1107 CVE-2010-1108 CVE-2010-1303 CVE-2010-1358 CVE-2010-1362 CVE-2010-1530 CVE-2010-1536 CVE-2010-1539 CVE-2010-1543 CVE-2010-1584 CVE-2010-1958 CVE-2010-1976 CVE-2010-1984 CVE-2010-1998 CVE-2010-2000 CVE-2010-2001 CVE-2010-2002 CVE-2010-2030 CVE-2010-2048 CVE-2010-2123 CVE-2010-2125 CVE-2010-2158 CVE-2010-2352 CVE-2010-2353 CVE-2010-2724 CVE-2010-3423 CVE-2010-4519 CVE-2010-4520 CVE-2010-4521 CVE-2010-4775 CVE-2010-4813 CVE-2011-0899 CVE-2011-1066 CVE-2011-1176 CVE-2011-1661 CVE-2011-1662 CVE-2011-1663 CVE-2011-1664 CVE-2011-2688 CVE-2011-4113 CVE-2011-4560 CVE-2011-5030 CVE-2012-0914 CVE-2012-1056 CVE-2012-1057 CVE-2012-1060 CVE-2012-2056 CVE-2012-2339 CVE-2012-2340 CVE-2012-2341 CVE-2012-2907 CVE-2012-3526 CVE-2012-4001 CVE-2012-4360 CVE-2013-0941 CVE-2013-0942 CVE-2013-2765 CVE-2013-4365 CVE-2019-17567 CVE-2020-11984 CVE-2020-11993 CVE-2020-13671 CVE-2020-13672 CVE-2020-13674 CVE-2020-13675 CVE-2020-13676 CVE-2020-13677 CVE-2020-13938 CVE-2020-13950 CVE-2020-1927 CVE-2020-1934 CVE-2020-28948 CVE-2020-28949 CVE-2020-35452 CVE-2020-36193 CVE-2020-9490 CVE-2021-26690 CVE-2021-26691 CVE-2021-30641 CVE-2021-32785 CVE-2021-32786 CVE-2021-32791 CVE-2021-32792 CVE-2021-33193 CVE-2021-33829 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVE-2021-41164 CVE-2021-41165 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-24728 CVE-2022-24729 CVE-2022-24775 CVE-2022-25273 CVE-2022-25275 CVE-2022-25277 CVE-2022-25278 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2022-39261 CVE-2023-25690 CVE-2023-27522 CVE-2023-31122 CVE-2023-45802 CVE-2023-5256

Map

Whois Information

  • inetnum: 150.0.0.0 - 150.255.255.255
  • netname: ERX-NETBLOCK
  • descr: Early registration addresses
  • country: AU
  • admin-c: IANA1-AP
  • tech-c: IANA1-AP
  • mnt-by: APNIC-HM
  • mnt-lower: APNIC-HM
  • status: ALLOCATED PORTABLE
  • last-modified: 2015-08-28T00:31:15Z
  • mnt-irt: IRT-APNIC-AP
  • irt: IRT-APNIC-AP
  • address: Brisbane, Australia
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: HM20-AP
  • tech-c: NO4-AP
  • mnt-by: APNIC-HM
  • last-modified: 2023-08-18T00:42:38Z
  • role: Internet Assigned Numbers Authority
  • address: see http://www.iana.org.
  • admin-c: IANA1-AP
  • tech-c: IANA1-AP
  • nic-hdl: IANA1-AP
  • mnt-by: MAINT-APNIC-AP
  • last-modified: 2018-06-22T22:34:30Z

Links to attack logs

bruteforce-ip-list-2021-03-25 ** ** **