82.99.232.18 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Likely Malicious Host 🟠 65/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force, T1498 - Network Denial of Service
  • Tags: Cyclops, DDOS, Gamardeon, HermeticWiper, IsaacWiper, KillNet, Nextray, PartyTicket, WhisperGate, attack ddos, botnet, cyber security, ddos, ioc, la, lafusioncenter, list ips, louisiana, malicious, phishing, russia, russian, ukraine, vnc
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: nixspam, socks_proxy_1d, socks_proxy_30d, socks_proxy_7d, sslproxies_1d, sslproxies_30d, sslproxies_7d, stopforumspam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d

  • Country: Iran, Islamic Republic of
  • Network: AS16322 pars online pjs
  • Noticed: 50 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Russian Federation, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 8

Open Ports Detected

2000 21 22 23 37777 80 8291 8728

Whois Information

  • inetnum: 82.99.231.96 - 82.99.232.255
  • netname: PcomTelecom
  • descr: Pouya Shabakeh Asr
  • country: IR
  • admin-c: BF1967-RIPE
  • tech-c: BF1967-RIPE
  • status: ASSIGNED PA
  • mnt-by: PARSONLINE-MNT
  • mnt-lower: PARSONLINE-MNT
  • mnt-domains: PARSONLINE-MNT
  • created: 2010-12-27T06:02:56Z
  • last-modified: 2010-12-27T06:02:56Z
  • person: Abdollah Fateh
  • address: 224 Khoramshahr ave., No. 6C
  • address: Tehran 15337
  • address: Iran
  • phone: +98 21 8220 8333
  • fax-no: +98 21 8874 9505
  • nic-hdl: BF1967-RIPE
  • mnt-by: PARSONLINE-MNT
  • created: 2010-10-16T11:13:14Z
  • last-modified: 2017-10-30T22:11:19Z
  • route: 82.99.232.0/24
  • descr: ParsOnline Co.
  • descr: ParsOnline Co. Route
  • origin: AS16322
  • mnt-by: PARSONLINE-MNT
  • created: 2006-01-13T11:07:27Z
  • last-modified: 2010-02-06T10:39:15Z

Links to attack logs

roxy-ip-list-2023-05-03 roxy-ip-list-2023-05-05