221.120.193.252 Threat Intelligence and Host Information

Share on:
Jun 28, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 221.120.193.252 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 17/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: Bruteforce, cowrie, ssh

  • View other sources: Spamhaus VirusTotal

  • Country: Pakistan
  • Network: AS17557 pakistan telecommunication company limited
  • Noticed: 1 times
  • Protcols Attacked: ssh

Malware Detected on Host

Count: 2 754c52b51b0f1bfd75404efd2169a971315b3e236a79be8dfb7145a7a250b508 5a8ab07d811a8a0783d4bdcde84d954514ca4be2b3695dff9b4a78f779549ad1

Open Ports Detected

161 80

Map

Whois Information

  • inetnum: 221.120.192.0 - 221.120.207.255
  • netname: PTCL
  • descr: ITI
  • country: PK
  • admin-c: MA527-AP
  • tech-c: MA527-AP
  • abuse-c: AP1078-AP
  • status: ALLOCATED NON-PORTABLE
  • mnt-by: MAINT-PK-PTCLBB
  • mnt-irt: IRT-PTCLBB-PK
  • last-modified: 2021-01-20T22:25:23Z
  • irt: IRT-PTCLBB-PK
  • address: General Manager,
  • address: Pakistan Telecommunication Company Limited.
  • address: H-9/1, CDDT Building, Training Block
  • address: Islamabad, Pakistan
  • e-mail: [email protected]
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: MA527-AP
  • tech-c: MA527-AP
  • mnt-by: MAINT-PK-PTCLBB
  • last-modified: 2023-02-07T11:55:28Z
  • role: ABUSE PTCLBBPK
  • address: General Manager,
  • address: Pakistan Telecommunication Company Limited.
  • address: H-9/1, CDDT Building, Training Block
  • address: Islamabad, Pakistan
  • country: ZZ
  • phone: +000000000
  • e-mail: [email protected]
  • e-mail: [email protected]
  • admin-c: MA527-AP
  • tech-c: MA527-AP
  • nic-hdl: AP1078-AP
  • abuse-mailbox: [email protected]
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2023-02-07T11:56:27Z
  • person: Munir Ahmed
  • address: SM TAC H-9/1, Islamabad
  • address: Islamabad, Pakistan
  • country: PK
  • phone: +92-51-4865412
  • e-mail: [email protected]
  • e-mail: [email protected]
  • nic-hdl: MA527-AP
  • mnt-by: MAINT-PTCLBB-PK
  • last-modified: 2020-08-26T13:56:32Z
  • route: 221.120.193.0/24
  • origin: AS17557
  • descr: Pakistan Telecommuication company limited
  • mnt-by: MAINT-PK-PTCLBB
  • last-modified: 2020-04-22T04:26:46Z
  • route: 221.120.193.0/24
  • origin: AS9557
  • descr: Pakistan Telecommuication company limited
  • mnt-by: MAINT-PK-PTCLBB
  • last-modified: 2020-04-22T04:03:22Z

Links to attack logs

vultrparis-ssh-bruteforce-ip-list-2023-06-28