79.137.197.188 Threat Intelligence and Host Information

Share on:
Apr 25, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110.004 - Credential Stuffing
  • Tags: Brute-Force, Bruteforce, Nextray, SSH, SSH Bruteforce, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus VirusTotal

  • Country: Russian Federation
  • Network: AS12695 llc digital network
  • Noticed: 17 times
  • Protcols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

11000 11210 11211 119 13 143 16010 1883 19000 1962 2010 2018 2049 20547 21 21025 2121 2222 2223 2379 2525 2567 264 3005 3057 3081 3101 3113 3117 32764 37 4063 43 4321 44158 443 4444 448 449 4506 4734 4899 49153 5009 503 5122 5209 5222 5357 54138 55000 55554 5592 5599 6080 62078 6512 666 7547 7634 771 7778 79 80 8009 8038 8047 8103 8110 8126 8200 8248 8334 8423 8554 873 8988 9032 9042 9217 9704 995 9998

Map

Whois Information

  • inetnum: 79.137.196.0 - 79.137.199.255
  • netname: aeza-net-7
  • country: NL
  • geofeed: https://aeza.net/static/ipv4_f.csv
  • geoloc: 52.3559446 4.9531184
  • org: ORG-AGL38-RIPE
  • mnt-routes: aeza-mnt
  • mnt-domains: aeza-mnt
  • admin-c: AN32749-RIPE
  • tech-c: AN32749-RIPE
  • status: ASSIGNED PA
  • mnt-by: DN-MNT
  • created: 2022-09-01T13:10:46Z
  • last-modified: 2023-02-27T08:09:03Z
  • organisation: ORG-AGL38-RIPE
  • org-name: AEZA GROUP LLC
  • org-type: OTHER
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • abuse-c: AA38875-RIPE
  • mnt-ref: aeza-mnt
  • mnt-ref: DN-MNT
  • mnt-ref: VF1-MNT
  • mnt-ref: DATAMAX-M
  • mnt-by: aeza-mnt
  • created: 2021-11-23T13:59:30Z
  • last-modified: 2023-01-06T12:18:43Z
  • role: Aeza Network
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • nic-hdl: AN32749-RIPE
  • mnt-by: aeza-group-mnt
  • created: 2021-11-24T09:55:02Z
  • last-modified: 2021-11-24T09:55:02Z
  • route: 79.137.196.0/22
  • origin: AS210644
  • mnt-by: aeza-mnt
  • mnt-by: AEZA-NETWORK-MNT
  • created: 2022-09-01T23:02:07Z
  • last-modified: 2022-09-01T23:02:07Z

Links to attack logs

dotoronto-ssh-bruteforce-ip-list-2022-12-24