190.12.120.250 Threat Intelligence and Host Information

Share on:
Apr 20, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Known Malicious Host 🔴 80/100

Host and Network Information

  • Mitre ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110 - Brute Force, T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, Scanner, Webattack, bruteforce, cowrie, cyber security, digital ocean, ioc, malicious, phishing, scanners, scanning, smtp, ssh, tcp, vultr
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: blocklist_de, blocklist_de_ssh, greensnow, haley_ssh

  • Country: Argentina
  • Network: AS11014 cps
  • Noticed: 50 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 6f93745bc37e274fda2d82935e0e95750277f511bd365e7ef968944f665f832d

Open Ports Detected

21 4118 443 4899 80 8080 8083 82 9000 9443

CVEs Detected

CVE-1999-0450 CVE-2000-0071 CVE-2000-0246 CVE-2000-0258 CVE-2000-0304 CVE-2000-0408 CVE-2000-0413 CVE-2000-0457 CVE-2000-0630 CVE-2000-0631 CVE-2000-0649 CVE-2000-0746 CVE-2000-0770 CVE-2000-0778 CVE-2000-0884 CVE-2000-0886 CVE-2000-0951 CVE-2000-0970 CVE-2000-1104 CVE-2001-0004 CVE-2001-0096 CVE-2001-0146 CVE-2001-0151 CVE-2001-0506 CVE-2001-0507 CVE-2001-0508 CVE-2001-0544 CVE-2001-0902 CVE-2001-1186 CVE-2001-1243 CVE-2002-0071 CVE-2002-0072 CVE-2002-0073 CVE-2002-0074 CVE-2002-0075 CVE-2002-0079 CVE-2002-0147 CVE-2002-0148 CVE-2002-0149 CVE-2002-0150 CVE-2002-0224 CVE-2002-0364 CVE-2002-0419 CVE-2002-0422 CVE-2002-0862 CVE-2002-0869 CVE-2002-1180 CVE-2002-1181 CVE-2002-1182 CVE-2002-1694 CVE-2002-1695 CVE-2002-1700 CVE-2002-1744 CVE-2002-1745 CVE-2002-1790 CVE-2002-1908 CVE-2003-0223 CVE-2003-0224 CVE-2003-0225 CVE-2003-0226 CVE-2003-0718 CVE-2003-1566 CVE-2003-1567 CVE-2005-2089 CVE-2005-2678 CVE-2006-0026 CVE-2007-2815 CVE-2008-0074 CVE-2008-1446 CVE-2009-1122 CVE-2009-2521 CVE-2009-4444 CVE-2009-4445 CVE-2011-5279

Map

Whois Information

  • inetnum: 190.12.120.248/29
  • status: reallocated
  • aut-num: N/A
  • owner: TRANSPORTES FURLONG S.A.
  • ownerid: AR-TFSA7-LACNIC
  • responsible: RICARDO BIECHER
  • address: RUTA PANAMERICANA, KM 35, km 35,5
  • address: B1667KNOV - GENERAL PACHECO -
  • country: AR
  • phone: +54 3327 440100
  • owner-c: RIB44
  • tech-c: RIB44
  • abuse-c: RIB44
  • created: 20190202
  • changed: 20190202
  • inetnum-up: 190.12.112.0/20
  • nic-hdl: RIB44
  • person: RICARDO BIECHER
  • e-mail: [email protected]
  • address: RUTA PANAMERICANA, KM, 35.5
  • address: B1667KNOV - GENERAL PACHECO - BA
  • country: AR
  • phone: +54 3327 440100 [0]
  • created: 20150515
  • changed: 20150515

Links to attack logs

vultrwarsaw-ssh-bruteforce-ip-list-2022-08-15 bruteforce-ip-list-2021-09-14 bruteforce-ip-list-2021-09-18 vultrparis-ssh-bruteforce-ip-list-2022-06-19 bruteforce-ip-list-2021-09-10 dofrank-ssh-bruteforce-ip-list-2022-06-18 dolondon-ssh-bruteforce-ip-list-2022-07-17 dosing-ssh-bruteforce-ip-list-2022-06-15 dolondon-ssh-bruteforce-ip-list-2022-06-16 bruteforce-ip-list-2021-09-04 dotoronto-ssh-bruteforce-ip-list-2022-08-24 vultrparis-ssh-bruteforce-ip-list-2022-09-09