199.19.72.24 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 199.19.72.24 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: Bruteforce, Brute-Force, cyber security, ioc, malicious, Nextray, phishing, SSH

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: blocklist_net_ua

• Country: United States
• Network:
• Noticed: 50 times
• Protocols Attacked: ssh
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10000 10001 10004 10005 10006 10007 10009 10016 10018 10019 10024 10025 10032 10036 10038 10040 10044 10049 10050 10051 10071 10075 10086 10093 10100 10106 10134 10243 10250 10251 10256 10348 10443 10477 10480 10554 10911 10933 10934 11000 11002 11084 11101 11112 11210 11211 11288 11300 11371 11434 12019 12056 12084 12101 12105 12108 12109 12111 12112 12118 12120 12127 12140 12146 12150 12154 12156 12164 12169 12171 12173 12176 12179 12181 12185 12186 12188 12190 12195 12202 12204 12205 12207 12213 12214 12219 12221 12226 12228 12229 12230 12232 12240 12242 12243 12251 12261 12263 12265 12267 12269 12271 12273 12277 12292 12293 12294 12297 12306 12312 12314 12324 12325 12327 12334 12337 12338 12341 12345 12346 12354 12361 12366 12369 12372 12373 12374 12377 12378 12379 12380 12382 12390 12391 12392 12397 12399 12400 12407 12408 12411 12412 12425 12428 12429 12434 12435 12440 12442 12443 12445 12449 12453 12454 12458 12459 12460 12473 12474 12475 12477 12485 12490 12501 12504 12505 12506 12508 12510 12516 12522 12527 12528 12532 12534 12542 12545 12547 12549 12552 12553 12559 12574 12576 12577 12578 12579 12581 12585 12601 13047 13082 13380 13579 14006 14084 14104 14147 14182 14265 14330 14344 14404 14825 14896 14897 14900 14903 14905 443 5000 5005 5006 5007 5010 5022 5025 5053 5089 5090 5093 5122 5130 5150 5172 5201 5209 5222 5227 5229 5231 5239 5243 5245 5247 5251 5256 5257 5262 5263 5267 5268 5269 5270 5271 5272 5274 5277 5279 5351 5357 5432 5435 5495 5544 5555 5560 5568 5569 5596 5597 5599 5600 5601 5609 5613 5620 5640 5650 5671 5672 5678 5698 5721 5800 5801 5822 5853 5858 5900 5901 5902 5909 5917 5918 5920 5938 5984 5986 5991 5996 5997 5999 6000 6001 6002 6004 6008 6010 6022 6060 6061 6070 6080 6081 6100 6262 6379 6405 6440 6443 6500 6503 6505 6511 6512 6513 6543 6550 6561 6581 6590 6601 6603 6633 6653 6662 6666 6667 6668 6688 6697 6700 6955 6998 7001 7005 7012 7070 7071 7083 7084 7085 7087 7100 7171 7218 7349 7401 7415 7434 7441 7444 7465 7474 7510 7537 7547 7548 7603 7634 7654 7657 7773 7774 7775 7777 7779 7780 7900 7989 8000 8001 8005 8008 8009 8010 8012 8019 8022 8024 8032 8038 8039 8041 8053 8056 8058 8059 8060 8064 8067 8069 8073 8080 8081 8082 8083 8085 8086 8087 8089 8090 8093 8094 8099 8106 8108 8110 8115 8121 8123 8124 8126 8129 8135 8136 8137 8139 8140 8144 8145 8147 8148 8149 8154 8160 8161 8162 8163 8168 8170 8171 8174 8181 8182 8186 8187 8188 8196 8200 8222 8248 8249 8251 8252 8291 8300 8315 8316 8333 8334 8343 8384 8401 8402 8412 8414 8415 8420 8421 8428 8433 8435 8436 8441 8443 8445 8446 8449 8450 8452 8454 8457 8463 8467 8473 8481 8485 8488 8494 8500 8501 8505 8506 8510 8519 8524 8531 8533 8544 8545 8548 8550 8554 8556 8558 8561 8563 8567 8568 8569 8570 8573 8575 8576 8581 8587 8589 8591 8592 8595 8596 8602 8621 8622 8623 8630 8637 8649 8666 8688 8700 8704 8723 8728 8733 8782 8784 8787 8790 8800 8809 8814 8816 8820 8832 8833 8834 8835 8838 8843 8844 8846 8847 8849 8850 8856 8858 8859 8860 8863 8864 8865 8866 8867 8868 8871 8872 8877 8880 8882 8887 8888 8889 8899 8900 8907 8943 9000 9001 9002 9007 9008 9009 9010 9013 9016 9017 9021 9022 9026 9032 9036 9037 9042 9043 9051 9055 9058 9061 9063 9064 9066 9068 9069 9071 9072 9076 9079 9080 9082 9083 9084 9090 9091 9092 9093 9095 9096 9097 9098 9099 9100 9101 9103 9104 9106 9109 9111 9113 9122 9124 9128 9129 9130 9131 9132 9136 9137 9138 9140 9150 9151 9154 9156 9158 9159 9160 9170 9178 9180 9184 9185 9187 9189 9190 9191 9192 9195 9196 9204 9210 9211 9212 9214 9219 9242 9243 9249 9251 9252 9257 9289 9292 9295 9299 9305 9306 9307 9308 9310 9333 9350 9351 9389 9393 9418 9443 9446 9458 9480 9515 9529 9530 9532 9550 9595 9600 9606 9633 9658 9674 9700 9710 9761 9797 9800 9810 9861 9869 9876 9898 9901 9909 9918 9919 9922 9923 9928 9929 9943 9944 9950 9981 9988 9992 9999

Map

Whois Information

• NetRange: 199.19.72.0 - 199.19.75.255
• CIDR: 199.19.72.0/22
• NetName: KAMAT
• NetHandle: NET-199-19-72-0-1
• Parent: NET199 (NET-199-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS396949, AS36007
• Organization: Kamatera, Inc. (KAMAT)
• RegDate: 2019-01-22
• Updated: 2021-08-30
• Ref: https://rdap.arin.net/registry/ip/199.19.72.0
• OrgName: Kamatera, Inc.
• OrgId: KAMAT
• Address: 315 Madison Ave.
• City: New York City
• StateProv: NY
• PostalCode: 10017
• Country: US
• RegDate: 2015-06-08
• Updated: 2018-08-13
• Ref: https://rdap.arin.net/registry/entity/KAMAT
• OrgAbuseHandle: CWM4-ARIN
• OrgAbuseName: Cloud Web Manage
• OrgAbusePhone: +1-212-738-9657
• OrgAbuseEmail: abuse@cloudwm.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/CWM4-ARIN
• OrgNOCHandle: CWM4-ARIN
• OrgNOCName: Cloud Web Manage
• OrgNOCPhone: +1-212-738-9657
• OrgNOCEmail: abuse@cloudwm.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CWM4-ARIN
• OrgTechHandle: CWM4-ARIN
• OrgTechName: Cloud Web Manage
• OrgTechPhone: +1-212-738-9657
• OrgTechEmail: abuse@cloudwm.com
• OrgTechRef: https://rdap.arin.net/registry/entity/CWM4-ARIN
• NetRange: 199.19.72.0 - 199.19.72.255
• CIDR: 199.19.72.0/24
• NetName: KAMATERA-US-NY2
• NetHandle: NET-199-19-72-0-2
• Parent: KAMAT (NET-199-19-72-0-1)
• NetType: Reassigned
• OriginAS: AS36007
• Customer: Cloud Web Manage (C07616328)
• RegDate: 2020-08-12
• Updated: 2023-03-12
• Comment: Kamatera is a global cloud services platform providing enterprise-grade cloud infrastructure products to organizations of all types and sizes.
• Ref: https://rdap.arin.net/registry/ip/199.19.72.0
• CustName: Cloud Web Manage
• Address: 315 Madison Ave
• City: New York City
• StateProv: NY
• PostalCode: 10017
• Country: US
• RegDate: 2020-08-12
• Updated: 2023-03-12
• Ref: https://rdap.arin.net/registry/entity/C07616328
• OrgAbuseHandle: CWM4-ARIN
• OrgAbuseName: Cloud Web Manage
• OrgAbusePhone: +1-212-738-9657
• OrgAbuseEmail: abuse@cloudwm.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/CWM4-ARIN
• OrgNOCHandle: CWM4-ARIN
• OrgNOCName: Cloud Web Manage
• OrgNOCPhone: +1-212-738-9657
• OrgNOCEmail: abuse@cloudwm.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/CWM4-ARIN
• OrgTechHandle: CWM4-ARIN
• OrgTechName: Cloud Web Manage
• OrgTechPhone: +1-212-738-9657
• OrgTechEmail: abuse@cloudwm.com
• OrgTechRef: https://rdap.arin.net/registry/entity/CWM4-ARIN

Links to attack logs

****** ****** vultrwarsaw-ssh-bruteforce-ip-list-2022-12-28 dofrank-ssh-bruteforce-ip-list-2022-12-28 dosing-ssh-bruteforce-ip-list-2022-12-21 ****** ******