181.57.238.194 Threat Intelligence and Host Information

Share on:
Apr 19, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: Brute-Force, Bruteforce, Nextray, SSH, aws, cyber security, digital ocean, ioc, malicious, phishing, scanners, ssh, vultr

  • View other sources: Spamhaus VirusTotal

  • Country: Colombia
  • Network: AS14080 telmex colombia s.a.
  • Noticed: 9 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Spain, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

22 5432

CVEs Detected

CVE-2009-3229 CVE-2009-3231 CVE-2010-0442 CVE-2010-0733 CVE-2010-1169 CVE-2010-1170 CVE-2010-1447 CVE-2010-1975 CVE-2010-3433 CVE-2010-4015 CVE-2010-4478 CVE-2010-4755 CVE-2010-5107 CVE-2011-4327 CVE-2011-5000 CVE-2012-0814 CVE-2012-0866 CVE-2012-0868 CVE-2012-2143 CVE-2012-2655 CVE-2012-3488 CVE-2012-3489 CVE-2013-0255 CVE-2013-1902 CVE-2013-1903 CVE-2013-4422 CVE-2014-0060 CVE-2014-0061 CVE-2014-0062 CVE-2014-0063 CVE-2014-0064 CVE-2014-0065 CVE-2014-0066 CVE-2014-0067 CVE-2014-1692 CVE-2014-2532 CVE-2014-2653 CVE-2014-8161 CVE-2015-0241 CVE-2015-0242 CVE-2015-0243 CVE-2015-0244 CVE-2015-3165 CVE-2015-3166 CVE-2015-3167 CVE-2015-5288 CVE-2015-5352 CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 CVE-2016-0768 CVE-2016-0773 CVE-2016-0777 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-10708 CVE-2016-1908 CVE-2016-20012 CVE-2016-5423 CVE-2016-5424 CVE-2016-7048 CVE-2017-14798 CVE-2017-15906 CVE-2017-7484 CVE-2018-1115 CVE-2018-15473 CVE-2018-20685 CVE-2019-10127 CVE-2019-10128 CVE-2019-10210 CVE-2019-10211 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-15778 CVE-2020-25694 CVE-2020-25695 CVE-2021-23214 CVE-2021-36368 CVE-2023-28531

Map

Whois Information

  • inetnum: 181.56.0.0/13
  • status: allocated
  • aut-num: AS14080
  • aut-num: AS10620
  • owner: Telmex Colombia S.A.
  • ownerid: CO-ACSA-LACNIC
  • responsible: Operaciones Core IP
  • address: CLARO FIJO COLOMBIA - Cra 68A No. 24B-10, 11111,
  • address: 11111 - Bogota - DC
  • country: CO
  • phone: +57 01 7480000
  • owner-c: ATI
  • tech-c: ATI
  • abuse-c: ATI
  • inetrev: 181.58.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230417 AA
  • nslastaa: 20230417
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230417 AA
  • nslastaa: 20230417
  • inetrev: 181.59.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230416 AA
  • nslastaa: 20230416
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230416 AA
  • nslastaa: 20230416
  • inetrev: 181.60.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230418 AA
  • nslastaa: 20230418
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230418 AA
  • nslastaa: 20230418
  • inetrev: 181.61.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • inetrev: 181.62.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • inetrev: 181.63.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230417 AA
  • nslastaa: 20230417
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230417 AA
  • nslastaa: 20230417
  • inetrev: 181.56.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • inetrev: 181.57.0.0/16
  • nserver: NS3.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • nserver: NS2.TELMEXLA.NET.CO
  • nsstat: 20230419 AA
  • nslastaa: 20230419
  • created: 20121016
  • changed: 20121016
  • nic-hdl: ATI
  • person: Network Security Team
  • e-mail: [email protected]
  • address: 111321 - Bogota - DC
  • country: CO
  • phone: +57 017480456 [81966]
  • created: 20020909
  • changed: 20230313

Links to attack logs

vultrmadrid-ssh-bruteforce-ip-list-2023-02-20 dolondon-ssh-bruteforce-ip-list-2023-03-28 dosing-ssh-bruteforce-ip-list-2023-02-28