150.95.26.228 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Bruteforce, Nextray, SSH, alienvault ip, bernal, botnet c2, carapicuiba, cowrie, cyber security, dstip, fail2ban, feodo tracker, generic, ho chi, host at, host de, host in, host tw, ioc, ip blocklist, la, lafusioncenter, louisiana, malicious, malicious host, phishing, ssh, tsec
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Singapore
  • Network: AS135161 gmo-z com netdesign holdings co. ltd.
  • Noticed: 45 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

22 80

CVEs Detected

CVE-2006-20001 CVE-2020-13666 CVE-2020-13667 CVE-2020-13668 CVE-2020-13669 CVE-2020-13670 CVE-2020-13671 CVE-2020-13672 CVE-2020-13674 CVE-2020-13675 CVE-2020-13676 CVE-2020-13677 CVE-2020-13688 CVE-2020-28948 CVE-2020-28949 CVE-2020-36193 CVE-2021-41164 CVE-2021-41165 CVE-2021-41183 CVE-2021-41184 CVE-2022-24728 CVE-2022-24729 CVE-2022-24775 CVE-2022-25270 CVE-2022-25271 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29248 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556 CVE-2022-31042 CVE-2022-31043 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2022-39261 CVE-2023-25690 CVE-2023-27522

Whois Information

  • inetnum: 150.95.26.0 - 150.95.26.255
  • netname: ZCOM-THAI
  • descr:
  • country: TH
  • admin-c: GIIA3-AP
  • tech-c: GIIA3-AP
  • abuse-c: AG1198-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-GMOINTERNETINC-JP
  • mnt-irt: IRT-GMOINTERNETINC-JP
  • last-modified: 2023-02-09T02:27:13Z
  • irt: IRT-GMOINTERNETINC-JP
  • address: Cerulean Tower 4-14F, 26-1 Sakuragaokacho, Shibuya-ku Tokyo 150-8512
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: GIIA3-AP
  • tech-c: GIIA3-AP
  • mnt-by: MAINT-GMOINTERNETINC-JP
  • last-modified: 2022-08-26T03:28:27Z
  • role: ABUSE GMOINTERNETINCJP
  • address: Cerulean Tower 4-14F, 26-1 Sakuragaokacho, Shibuya-ku Tokyo 150-8512
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: GIIA3-AP
  • tech-c: GIIA3-AP
  • nic-hdl: AG1198-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-02-09T01:25:22Z
  • role: GMO Internet Inc administrator
  • address: Cerulean Tower 4-14F, 26-1 Sakuragaokacho, Shibuya-ku Tokyo 150-8512
  • country: JP
  • phone: +81354562555
  • e-mail: [email protected]
  • admin-c: GIIA3-AP
  • tech-c: GIIA3-AP
  • nic-hdl: GIIA3-AP
  • mnt-by: MAINT-GMOINTERNETINC-JP
  • last-modified: 2022-08-22T00:30:29Z

Links to attack logs

bruteforce-ip-list-2021-01-27 bruteforce-ip-list-2021-06-09 bruteforce-ip-list-2021-01-16