188.244.144.90 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: Bruteforce, Nextray, SSH, brute force, bruteforce, cowrie, cyber security, fail2ban, ioc, malicious, phishing, ssh, tsec
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Russian Federation
  • Network: AS15774 limited liability company ttk-svyaz
  • Noticed: 23 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: www.nfygu.ru moodle.nfygu.ru nfygu.ru nti.s-vfu.ru

Open Ports Detected

110 137 3128 443 445 5222 5269 53 7070 7443 80 8081 9090 9091 993 995

CVEs Detected

CVE-2006-20001 CVE-2008-1446 CVE-2009-1535 CVE-2009-2521 CVE-2009-4444 CVE-2009-4445 CVE-2020-25097 CVE-2021-28116 CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620 CVE-2021-46784 CVE-2022-36760 CVE-2022-37436 CVE-2022-41317 CVE-2022-41318 CVE-2023-25690 CVE-2023-27522

Whois Information

  • inetnum: 188.244.144.0 - 188.244.159.255
  • netname: BAYKAL_TTK-RTL-POOL6
  • descr: TTK-Baikal/BRAS in Neryungri
  • descr: Neryungri, Russia
  • country: RU
  • admin-c: KTTK-RIPE
  • tech-c: BTTC-RIPE
  • status: ASSIGNED PA
  • mnt-by: MNT-TTK
  • created: 2011-03-21T10:16:10Z
  • last-modified: 2019-03-12T07:34:47Z
  • role: GIS KTTK Sibir
  • address: JSC Company TransTeleCom
  • address: Branch SIBIR-TTK
  • address: Russia
  • address: 664025 Irkutsk
  • address: 38 Gagarina blvd
  • abuse-mailbox: [email protected]
  • admin-c: MVP125-RIPE
  • admin-c: TAI447-RIPE
  • tech-c: MVP125-RIPE
  • tech-c: TAI447-RIPE
  • nic-hdl: BTTC-RIPE
  • mnt-by: BTTC-MNT
  • created: 2011-03-23T07:33:25Z
  • last-modified: 2019-03-05T03:50:51Z
  • role: TTC NOC
  • address: Company TransTeleCom Network Operation Center
  • address: 29/134, Vereyskaya str.
  • address: 121357 Moscow Russian Federation
  • phone: +7 495 7846677
  • phone: +7 495 7846670
  • fax-no: +7 495 7846671
  • admin-c: YL390-RIPE
  • tech-c: YL390-RIPE
  • tech-c: DP11502-RIPE
  • tech-c: AYS33-RIPE
  • tech-c: AERM-RIPE
  • tech-c: MN12708-RIPE
  • nic-hdl: KTTK-RIPE
  • mnt-by: TRANSTELECOM-MNT
  • created: 2003-09-26T09:09:36Z
  • last-modified: 2022-09-20T09:02:47Z
  • abuse-mailbox: [email protected]
  • route: 188.244.128.0/17
  • descr: TTK-Retail route object
  • origin: AS15774
  • mnt-by: TRANSTELECOM-MNT
  • created: 2015-08-17T13:31:24Z
  • last-modified: 2015-08-17T13:31:24Z
  • route: 188.244.128.0/17
  • descr: TTK-Retail route object
  • origin: AS20485
  • mnt-by: TRANSTELECOM-MNT
  • created: 2016-03-30T12:07:31Z
  • last-modified: 2016-03-30T12:07:31Z

Links to attack logs

bruteforce-ip-list-2020-10-19