202.61.249.76 Threat Intelligence and Host Information

Share on:
May 02, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 47/100

Host and Network Information

  • Tags: Bruteforce, Nextray, RDP, SSH, Telnet, abuse, attack, bruteforce, cyber security, fraud, ioc, ipqs, ipqualityscore, login, malicious, phishing, scanner, web attack
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: haley_ssh

  • Country: Germany
  • Network: AS197540 netcup gmbh
  • Noticed: 50 times
  • Protcols Attacked: SSH
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: messages.captionai.app web.captionai.app tickets.captionai.app pocketbase.captionai.app api.captionai.app cloud.captionai.app images.captionai.app status.captionai.app www.captionai.app k8s.captionai.app rabbit.captionai.app cache.captionai.app keycloak.captionai.app apex.captionai.app drone.captionai.app yacht.captionai.app registry.captionai.app beta.captionai.app portainer.captionai.app wiki.captionai.app captionai.app rancher.lgehrke.de docker.lgehrke.de k8s.lgehrke.de portainer.lgehrke.de registry.lgehrke.de yumiyay-twitch.lgehrke.de www.lgehrke.de lgehrke.de apex.lgehrke.de gitlab.lgehrke.de

Open Ports Detected

22 3000 3001 3090 3306 3307 4000 5000 5050 5432 631 6443 80 81 9001

CVEs Detected

CVE-2020-1967 CVE-2020-1971 CVE-2021-23840 CVE-2021-23841 CVE-2021-3449 CVE-2021-3711 CVE-2021-3712 CVE-2021-4160 CVE-2022-0778 CVE-2022-1292 CVE-2022-2068 CVE-2022-2097 CVE-2022-4304 CVE-2022-4450 CVE-2023-0215 CVE-2023-0286 CVE-2023-0464 CVE-2023-0465 CVE-2023-0466

Map

Whois Information

  • inetnum: 202.61.192.0 - 202.61.255.255
  • netname: STUB-202-61-192SLASH18
  • descr: Transferred to the RIPE region on 2020-07-28T09:18:38Z.
  • country: ZZ
  • admin-c: STUB-AP
  • tech-c: STUB-AP
  • abuse-c: AS2444-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-STUB
  • mnt-irt: IRT-STUB-AP
  • last-modified: 2023-04-16T02:36:16Z
  • irt: IRT-STUB-AP
  • address: N/A
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: STUB-AP
  • tech-c: STUB-AP
  • mnt-by: APNIC-HM
  • last-modified: 2019-09-23T05:22:43Z
  • role: ABUSE STUBAP
  • address: N/A
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • admin-c: STUB-AP
  • tech-c: STUB-AP
  • nic-hdl: AS2444-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2020-07-03T00:30:58Z
  • person: STUB PERSON
  • address: N/A
  • country: ZZ
  • phone: +00 0000 0000
  • e-mail: [email protected]
  • nic-hdl: STUB-AP
  • mnt-by: APNIC-HM
  • last-modified: 2019-09-23T04:53:33Z

Links to attack logs

bruteforce-ip-list-2021-03-28