202.28.194.163 Threat Intelligence and Host Information

Share on:
May 02, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force
  • Tags: 0xBFKX, Bruteforce, Nextray, RDP, SSH, Telnet, abuse, attack, aws, bruteforce, cowrie, cyber security, fail2ban, fraud, ioc, ipqs, ipqualityscore, la, lafusioncenter, login, louisiana, malicious, phishing, scanner, scanners, ssh, web attack
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: haley_ssh

  • Country: Thailand
  • Network: AS4621 uninet-th
  • Noticed: 50 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 d8f2dfd235afeeded4e4e9de77cf23ad7660ba3839c480c035ce4d832aa3dadc

Open Ports Detected

143 2000 21 8008 8010

Map

Whois Information

  • inetnum: 202.28.0.0 - 202.29.255.255
  • netname: UNINET-TH
  • descr: Office of Info.Tech. Admin. for Educational Development
  • descr: 328 Si Ayutthaya Road
  • country: TH
  • org: ORG-OOIA1-AP
  • admin-c: TS250-AP
  • tech-c: TS250-AP
  • abuse-c: AU136-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-TH-UNINET
  • mnt-routes: MAINT-TH-UNINET
  • mnt-irt: IRT-UNINET-TH
  • last-modified: 2022-09-23T04:07:33Z
  • notify: [email protected]
  • notify: [email protected]
  • notify: [email protected]
  • irt: IRT-UNINET-TH
  • address: 328 Sriayuthaya Rd.,
  • address: Payathai,Ratchathewi
  • address: Bangkok
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: TS250-AP
  • tech-c: TS250-AP
  • mnt-by: MAINT-TH-UNINET
  • last-modified: 2023-02-02T03:15:47Z
  • organisation: ORG-OOIA1-AP
  • org-name: Office of Info.Tech. Admin. for Educational Development
  • country: TH
  • address: 328 Si-Ayutthaya Road, Thung Phayathai Subdistrict
  • phone: +66-2232-4000
  • e-mail: [email protected]
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2020-11-04T12:55:09Z
  • role: ABUSE UNINETTH
  • address: 328 Sriayuthaya Rd.,
  • address: Payathai,Ratchathewi
  • address: Bangkok
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: TS250-AP
  • tech-c: TS250-AP
  • nic-hdl: AU136-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-02-02T03:16:34Z
  • person: Tawee Sribuddee
  • nic-hdl: TS250-AP
  • e-mail: [email protected]
  • address: 328 Si Ayutthaya Road
  • address: Ratchathewi
  • address: Bangkok
  • phone: +66-2-232-4000
  • fax-no: +66-2-232-4000 ext.5012
  • country: TH
  • mnt-by: MAINT-TH-UNINET
  • last-modified: 2017-10-25T09:21:32Z

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-03-10