185.106.94.34 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Brute-Force, Bruteforce, SSH, brute force, bruteforce, scan, scanners, ssh, vultr, zmap
  • View other sources: Spamhaus, VirusTotal

  • Country: Russian Federation
  • Network: AS210644
  • Noticed: 13 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia, Spain
  • Passive DNS Results: cdn1.kms777.ml, aptrue.com

Open Ports Detected


Whois Information

  • inetnum: 185.106.94.0 - 185.106.94.255
  • netname: Aeza-Network
  • country: AT
  • org: ORG-AGL38-RIPE
  • geofeed: https://aeza.net/static/ipv4_f.csv
  • geoloc: 48.2697765 16.4100816
  • admin-c: AN32749-RIPE
  • tech-c: AN32749-RIPE
  • mnt-routes: aeza-mnt
  • mnt-domains: aeza-mnt
  • status: ASSIGNED PA
  • mnt-by: aeza-mnt
  • created: 2022-04-21T11:59:08Z
  • last-modified: 2023-02-24T15:16:03Z
  • organisation: ORG-AGL38-RIPE
  • org-name: AEZA GROUP LLC
  • org-type: OTHER
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • abuse-c: AA38875-RIPE
  • mnt-ref: aeza-mnt
  • mnt-ref: DN-MNT
  • mnt-ref: VF1-MNT
  • mnt-ref: DATAMAX-M
  • mnt-by: aeza-mnt
  • created: 2021-11-23T13:59:30Z
  • last-modified: 2023-01-06T12:18:43Z
  • role: Aeza Network
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • nic-hdl: AN32749-RIPE
  • mnt-by: aeza-group-mnt
  • created: 2021-11-24T09:55:02Z
  • last-modified: 2021-11-24T09:55:02Z
  • route: 185.106.94.0/24
  • origin: AS210644
  • mnt-by: aeza-mnt
  • mnt-by: AEZA-NETWORK-MNT
  • created: 2022-04-26T10:55:08Z
  • last-modified: 2022-04-26T10:55:08Z

Links to attack logs

vultrmadrid-ssh-bruteforce-ip-list-2023-04-13