159.253.168.202 Threat Intelligence and Host Information

Share on:
Apr 30, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 34/100

Host and Network Information

  • Tags: botnet, port 23, tcp/23, telnet

  • View other sources: Spamhaus VirusTotal

  • Country: Russian Federation
  • Network: AS8749 jsc redcom-lnternet
  • Noticed: 2 times
  • Protcols Attacked: telnet
  • Countries Attacked: United States of America

Open Ports Detected

21 23 69

CVEs Detected

CVE-2008-7265 CVE-2009-0543 CVE-2009-3639 CVE-2010-3867 CVE-2010-4652 CVE-2011-1137 CVE-2011-4130 CVE-2012-6095 CVE-2019-12815 CVE-2019-18217 CVE-2019-19269 CVE-2019-19270 CVE-2019-19271 CVE-2019-19272 CVE-2020-9272 CVE-2021-46854

Map

Whois Information

  • NetRange: 159.253.0.0 - 159.253.255.255
  • CIDR: 159.253.0.0/16
  • NetName: RIPE-ERX-159-253-0-0
  • NetHandle: NET-159-253-0-0-1
  • Parent: NET159 (NET-159-0-0-0-0)
  • NetType: Early Registrations, Transferred to RIPE NCC
  • OriginAS:
  • Organization: RIPE Network Coordination Centre (RIPE)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: These addresses have been further assigned to users in
  • Comment: the RIPE NCC region. Contact information can be found in
  • Ref: https://rdap.arin.net/registry/ip/159.253.0.0
  • OrgName: RIPE Network Coordination Centre
  • OrgId: RIPE
  • Address: P.O. Box 10096
  • City: Amsterdam
  • StateProv:
  • PostalCode: 1001EB
  • Country: NL
  • RegDate:
  • Updated: 2013-07-29
  • Ref: https://rdap.arin.net/registry/entity/RIPE
  • OrgTechHandle: RNO29-ARIN
  • OrgTechName: RIPE NCC Operations
  • OrgTechPhone: +31 20 535 4444
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
  • OrgAbuseHandle: ABUSE3850-ARIN
  • OrgAbuseName: Abuse Contact
  • OrgAbusePhone: +31205354444
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN

Links to attack logs

dotoronto-telnet-bruteforce-ip-list-2023-04-30