189.85.112.20 Threat Intelligence and Host Information

Share on:
Apr 20, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDOS, DDoS, HEAD Floods, KillNet, Killnet, T1498, T1499, cc.py

  • View other sources: Spamhaus VirusTotal

  • Country: Brazil
  • Network: AS270540 webnet telecom
  • Noticed: 22 times
  • Protcols Attacked: spam

Open Ports Detected

123 443 80 8000

Map

Whois Information

  • inetnum: 189.85.112.0/22
  • aut-num: AS270540
  • abuse-c: NCCLT43
  • owner: WEBNET Telecom
  • ownerid: 14.687.411/0001-01
  • responsible: CLARO & COLOMBARI LTDA - ME
  • owner-c: CCLME228
  • tech-c: NCCLT43
  • inetrev: 189.85.112.0/22
  • nserver: nsa1.primeisp.com.br
  • nsstat: 20230422 AA
  • nslastaa: 20230422
  • nserver: nsa2.primeisp.com.br
  • nsstat: 20230422 AA
  • nslastaa: 20230422
  • dsinetrev: 189.85.112.0/24
  • dsrecord: 60907 ECDSA-SHA-256 78CBB8CF5E5E311417F828E6C31AB4721F759D0FDFAEAAB68ACA0BD3F1E7C517
  • dsstatus: 20230422 OK
  • dslastok: 20230422
  • dsinetrev: 189.85.113.0/24
  • dsrecord: 730 ECDSA-SHA-256 3916E463090DFC3A2BC84E6CF75E2976300C3EA88B668A95AFC53681B15940E9
  • dsstatus: 20230422 OK
  • dslastok: 20230422
  • dsinetrev: 189.85.114.0/24
  • dsrecord: 56598 ECDSA-SHA-256 BFBAA8A93068D395DFAE3F0365817FD40C3886FB82A2B25737E98CE22B48A3E3
  • dsstatus: 20230422 OK
  • dslastok: 20230422
  • dsinetrev: 189.85.115.0/24
  • dsrecord: 12561 ECDSA-SHA-256 32AA26C565C8C0F34E184EC8C8D527F27021FB0B0A5D9586DF3957F53895ECA9
  • dsstatus: 20230422 OK
  • dslastok: 20230422
  • created: 20200319
  • changed: 20200618
  • nic-hdl-br: CCLME228
  • person: CLARO & COLOMBARI LTDA ME
  • created: 20200204
  • changed: 20230407
  • nic-hdl-br: NCCLT43
  • person: NOC CLARO & COLOMBARI LTDA
  • created: 20200204
  • changed: 20200204

Links to attack logs

forum-spam-ip-list-2022-07-16