20.100.196.242 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 20.100.196.242. It was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observations of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

  • Tags: Brute-Force, Bruteforce, SSH

  • View other sources: Spamhaus VirusTotal

  • Country: Norway
  • Network: AS8075 microsoft corporation
  • Noticed: 1 time
  • Protocols Attacked: SSH

Open Ports Detected

110 143 25 465 587 7010 8000 8010 8020 8080 993 995

Whois Information

  • NetRange: 20.33.0.0 - 20.128.255.255
  • CIDR: 20.128.0.0/16, 20.64.0.0/10, 20.36.0.0/14, 20.34.0.0/15, 20.33.0.0/16, 20.48.0.0/12, 20.40.0.0/13
  • NetName: MSFT
  • NetHandle: NET-20-33-0-0-1
  • Parent: NET20 (NET-20-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS:
  • Organization: Microsoft Corporation (MSFT)
  • RegDate: 2017-10-18
  • Updated: 2021-12-14
  • Ref: https://rdap.arin.net/registry/ip/20.33.0.0
  • OrgName: Microsoft Corporation
  • OrgId: MSFT
  • Address: One Microsoft Way
  • City: Redmond
  • StateProv: WA
  • PostalCode: 98052
  • Country: US
  • RegDate: 1998-07-10
  • Updated: 2023-06-13
  • Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
  • Comment: * https://cert.microsoft.com.
  • Comment:
  • Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
  • Comment: * [email protected].
  • Comment:
  • Comment: To report security vulnerabilities in Microsoft products and services, please contact:
  • Comment: * [email protected].
  • Comment:
  • Comment: For legal and law enforcement-related requests, please contact:
  • Comment: * [email protected]
  • Comment:
  • Comment: For routing, peering or DNS issues, please contact:
  • Comment: * [email protected]
  • Ref: https://rdap.arin.net/registry/entity/MSFT
  • OrgRoutingHandle: CHATU3-ARIN
  • OrgRoutingName: Chaturmohta, Somesh
  • OrgRoutingPhone: +1-425-516-2387
  • OrgRoutingEmail: [email protected]
  • OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
  • OrgTechHandle: MRPD-ARIN
  • OrgTechName: Microsoft Routing, Peering, and DNS
  • OrgTechPhone: +1-425-882-8080
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
  • OrgTechHandle: SINGH683-ARIN
  • OrgTechName: Singh, Prachi
  • OrgTechPhone: +1-425-707-5601
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
  • OrgAbuseHandle: MAC74-ARIN
  • OrgAbuseName: Microsoft Abuse Contact
  • OrgAbusePhone: +1-425-882-8080
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
  • OrgTechHandle: BEDAR6-ARIN
  • OrgTechName: Bedard, Dawn
  • OrgTechPhone: +1-425-538-6637
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
  • OrgTechHandle: IPHOS5-ARIN
  • OrgTechName: IPHostmaster, IPHostmaster
  • OrgTechPhone: +1-425-538-6637
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN

Links to attack logs

bruteforce-ip-list-2023-08-13