192.169.201.6 Threat Intelligence and Host Information

Share on:

Apr 20, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

Mitre ATT&CK IDs: T1110 - Brute Force
Tags: Brute-Force, Bruteforce, Nextray, SSH, Telnet, attack, aws, brute-force, bruteforce, cowrie, cyber security, digital ocean, ioc, login, malicious, phishing, scanner, scanners, ssh, tcp, vultr
View other sources: Spamhaus VirusTotal
Country: United States of America
Network: AS26496 godaddy.com llc
Noticed: 34 times
Protcols Attacked: ssh
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Singapore, Turkey, Ukraine, United Kingdom, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: onlinelaundry.com newyorkmart.com

Malware Detected on Host

Count: 1 f0e4561e89a4ce22997abdefa18906df0ee764c292fce308cdd3c62f6cb9174f

Open Ports Detected

2077 21 22 3306 443 587 80

CVEs Detected

Map

Whois Information

NetRange: 192.169.128.0 - 192.169.255.255
CIDR: 192.169.128.0/17
NetName: GO-DADDY-COM-LLC
NetHandle: NET-192-169-128-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: Direct Allocation
OriginAS: AS26496
Organization: GoDaddy.com, LLC (GODAD)
RegDate: 2013-01-30
Updated: 2014-02-25
Comment: Please send abuse complaints to [email protected]
Ref: https://rdap.arin.net/registry/ip/192.169.128.0
OrgName: GoDaddy.com, LLC
OrgId: GODAD
Address: 2155 E GoDaddy Way
City: Tempe
StateProv: AZ
PostalCode: 85284
Country: US
RegDate: 2007-06-01
Updated: 2022-08-02
Comment: Please send abuse complaints to [email protected]
Ref: https://rdap.arin.net/registry/entity/GODAD
OrgNOCHandle: NOC124-ARIN
OrgNOCName: Network Operations Center
OrgNOCPhone: +1-480-505-8809
OrgNOCEmail: [email protected]
OrgNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
OrgTechHandle: NOC124-ARIN
OrgTechName: Network Operations Center
OrgTechPhone: +1-480-505-8809
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
OrgAbuseHandle: ABUSE51-ARIN
OrgAbuseName: Abuse Department
OrgAbusePhone: +1-480-624-2505
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
RAbuseHandle: ABUSE51-ARIN
RAbuseName: Abuse Department
RAbusePhone: +1-480-624-2505
RAbuseEmail: [email protected]
RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
RNOCHandle: NOC124-ARIN
RNOCName: Network Operations Center
RNOCPhone: +1-480-505-8809
RNOCEmail: [email protected]
RNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
RTechHandle: NOC124-ARIN
RTechName: Network Operations Center
RTechPhone: +1-480-505-8809
RTechEmail: [email protected]
RTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN

Links to attack logs