202.169.224.202 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 202.169.224.202 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 33/100

Host and Network Information

  • MITRE ATT&CK IDs: T1595 - Active Scanning

  • Tags: scan, sip, sipvicious, ssh

  • View other sources: Spamhaus VirusTotal

  • Country: Indonesia
  • Network: AS23671 pt. sarana insanmuda selaras
  • Noticed: 1 time
  • Protocols Attacked: ssh
  • Countries Attacked: Australia
  • Passive DNS Results: www.pendidikan-diy.go.id 202.169.224.202 pendidikan-diy.go.id go.id

Malware Detected on Host

Count: 10

Open Ports Detected

137 22 445 80 8080 8087 8088 81 9000 9443

CVEs Detected

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

Whois Information

  • inetnum: 202.169.224.0 - 202.169.239.255
  • netname: JMN-ID
  • descr: Jogja Medianet
  • descr: Cable TV and Broadband Internet Operator
  • descr: Jl. Bhinneka Tunggal Ika K-2 Sekip Bulaksumur
  • descr: Jogjakarta
  • country: ID
  • admin-c: JH243-AP
  • tech-c: JH243-AP
  • mnt-by: MNT-APJII-ID
  • mnt-irt: IRT-IDNIC-ID
  • mnt-lower: MAINT-ID-JMN
  • mnt-routes: MAINT-ID-JMN
  • status: ALLOCATED PORTABLE
  • last-modified: 2015-12-01T22:28:31Z
  • irt: IRT-IDNIC-ID
  • address: INDONESIA NETWORK INFORMATION CENTER
  • address: Cyber Building 11th Floor
  • address: Jl. Kuningan Barat No.8
  • address: Jakarta Selatan 12710
  • e-mail: abuse@idnic.net
  • abuse-mailbox: abuse@idnic.net
  • admin-c: IA55-AP
  • tech-c: IH123-AP
  • mnt-by: MNT-APJII-ID
  • last-modified: 2018-05-31T22:29:03Z
  • role: JMN HOSTMASTER
  • address: PT. Saranainsan Mudaselaras
  • address: Jogja Medianet
  • address: Cable TV and Broadband Internet Operator
  • address: Jl. Bhinneka Tunggal Ika K-2 Sekip Bulaksumur
  • address: Jogjakarta
  • country: ID
  • phone: +62-274-544000
  • fax-no: +62-274-545000
  • e-mail: hostmaster@jmn.net.id
  • admin-c: AD18-AP
  • tech-c: EM88-AP
  • nic-hdl: JH243-AP
  • notify: hostmaster@jmn.net.id
  • mnt-by: MAINT-ID-JMN
  • last-modified: 2011-12-06T00:12:14Z
  • route: 202.169.224.0/24
  • descr: LIFEMEDIA
  • descr: Broadband Internet Operator
  • descr: Jl. Bhinneka Tunggal Ika K-2 Sekip Bulaksumur
  • descr: Jogjakarta
  • origin: AS23671
  • country: ID
  • mnt-by: MAINT-ID-JMN
  • last-modified: 2019-11-20T09:04:39Z
  • inetnum: 202.169.224.192 - 202.169.224.255
  • netname: SchoolNet-JMN
  • country: ID
  • descr: IP SchoolNet Block
  • descr: Jogja Medianet Customers
  • descr: Cable TV and Broadband Internet Operator
  • descr: Jl. Bhinneka Tunggal Ika K-2 Sekip Bulaksumur
  • descr: Jogjakarta
  • admin-c: JH243-AP
  • tech-c: JH243-AP
  • status: ASSIGNED NON-PORTABLE
  • mnt-by: MAINT-ID-JMN
  • last-modified: 2009-06-17T02:15:18Z
  • role: JMN HOSTMASTER
  • address: PT. Saranainsan Mudaselaras
  • address: Life Media
  • address: Internet Service Provider
  • address: Jl. Parangtritis 97, RT 57 RW 15, Brontokusuman, Mergangsan
  • address: DI Yogyakarta 55153
  • country: ID
  • phone: +62-274-6055655
  • fax-no: +62-274-6055655
  • e-mail: hostmaster@jmn.net.id
  • admin-c: AD18-AP
  • tech-c: EM88-AP
  • tech-c: DA458-AP
  • nic-hdl: JH243-AP
  • notify: hostmaster@jmn.net.id
  • mnt-by: MAINT-ID-JMN
  • last-modified: 2024-04-18T01:17:46Z
  • route: 202.169.224.0/24
  • descr: Jogja Medianet
  • descr: Cable TV and Broadband Internet Operator
  • descr: Jl. Bhinneka Tunggal Ika K-2 Sekip Bulaksumur
  • descr: Jogjakarta
  • origin: AS23671
  • country: ID
  • mnt-by: MAINT-ID-JMN
  • last-modified: 2012-09-21T15:38:01Z

Links to attack logs

vultrmadrid-ssh-bruteforce-ip-list-2024-05-31
