206.119.64.127 Threat Intelligence and Host Information

Share on:
May 02, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Nextray, UK Based, awsbah, bruteforce, cyber security, ioc, ip monitor, malicious, phishing, redis
  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: blocklist_net_ua

  • Country: United States of America
  • Network: AS8796 kurun cloud inc
  • Noticed: 9 times
  • Protcols Attacked: redis
  • Countries Attacked: Bahrain, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: kjdao.org kjdao.cc zmxxp.com 471809.com 405446.com 048193.com 038959.com 155498.com 848249.com 057929.com 427409.com 453769.com 442434.com 740374.com 721149.com 596494.com 444k9.com 536872.com 2109e.com 227184.com 494412.com 258162.com 657yh.com 544939.com 841772.com 275749.com

Open Ports Detected

21 443 80

Map

Whois Information

  • NetRange: 206.119.0.0 - 206.119.255.255
  • CIDR: 206.119.0.0/16
  • NetName: COGENT-206-119-16
  • NetHandle: NET-206-119-0-0-1
  • Parent: NET206 (NET-206-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS174
  • Organization: The Internet Access Company (TIAC)
  • RegDate: 1995-08-23
  • Updated: 2011-05-27
  • Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
  • Ref: https://rdap.arin.net/registry/ip/206.119.0.0
  • OrgName: The Internet Access Company
  • OrgId: TIAC
  • Address: 2450 N Street NW
  • City: Washington
  • StateProv: DC
  • PostalCode: 20037
  • Country: US
  • RegDate: 1995-08-23
  • Updated: 2015-06-04
  • Ref: https://rdap.arin.net/registry/entity/TIAC
  • OrgAbuseHandle: COGEN-ARIN
  • OrgAbuseName: Cogent Abuse
  • OrgAbusePhone: +1-877-875-4311
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
  • OrgTechHandle: IPALL-ARIN
  • OrgTechName: IP Allocation
  • OrgTechPhone: +1-877-875-4311
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
  • OrgNOCHandle: ZC108-ARIN
  • OrgNOCName: Cogent Communications
  • OrgNOCPhone: +1-877-875-4311
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN

Links to attack logs

awsbah-redis-bruteforce-ip-list-2022-01-24