89.208.105.195 Threat Intelligence and Host Information

Share on:
May 06, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDOS, DDoS, HEAD Floods, KillNet, Killnet, T1498, T1499, cc.py

  • View other sources: Spamhaus VirusTotal

  • Country: Russian Federation
  • Network: AS12695 llc digital network
  • Noticed: 21 times
  • Protcols Attacked: SSH

Open Ports Detected

10001 1012 102 10243 1025 1027 104 10554 106 1063 110 111 1110 11210 11211 113 11300 11371 1153 1167 119 1200 12000 121 1234 1290 13 131 1344 14147 14265 143 1494 15 1599 16010 16992 17 1723 175 179 1801 18081 1820 18245 1883 19000 1911 1926 195 1962 1981 2000 20000 2001 2006 2008 2010 2018 2020 2021 2022 20256 2030 2051 2054 20547 2067 2069 2077 2080 2081 2095 2100 21025 211 2111 2121 2122 2126 21379 2154 2181 22 221 2211 222 2220 2222 2225 225 2250 2259 2345 2351 2352 2376 2379 2382 24 2404 2443 2455 25001 2506 2548 2549 2551 2552 2554 2556 25565 2560 2562 2566 2570 2572 26 2650 2701 27015 2761 28015 3001 3005 3048 3050 3052 3053 3054 3055 3056 3057 3059 3060 3066 3070 3071 3073 3076 3078 3084 3087 3088 3092 3093 3094 3097 3098 3100 3101 3102 3103 3104 3105 3107 3109 3110 3114 3115 3118 3119 3200 3211 3221 3260 3269 3270 32764 3299 3301 3306 33060 3307 3310 3311 3333 3352 3388 340 3402 3404 3405 3408 3443 3479 35000 3548 3549 3551 3557 3558 3560 3562 3563 3568 37 37215 37777 3794 389 3910 3951 3952 4000 4001 4040 4043 4063 4064 41800 4190 4242 4282 4321 4369 44158 443 444 4444 445 447 448 4482 450 4500 4505 4506 4523 4524 4550 4646 465 4700 4786 4808 4899 49 4911 4949 50000 5002 5003 5007 5009 5010 502 5025 503 5050 5080 5090 51 5122 51235 515 5201 522 5222 5280 52869 53 5400 5443 5446 548 5500 55000 554 55554 5560 5567 5569 5590 5593 5594 5597 5609 5822 5853 5900 5901 5909 593 5938 6000 6001 6002 6004 6006 6007 6080 61613 61616 6262 6264 636 6443 646 6464 6512 6543 6560 6565 6590 6601 6633 6653 666 6662 6666 6667 6668 6697 6748 6789 6998 70 7001 7002 7004 7010 7090 7170 7443 7493 7500 7510 7535 7547 7634 7654 7700 7779 7788 789 8003 8009 8012 8016 8019 8022 8027 8028 8029 8030 8031 8033 8036 8038 8039 8040 8041 8043 8044 8045 8046 8048 805 8050 8056 8071 8072 8085 8088 8091 8092 8093 8095 8097 8100 8103 8104 8106 8107 8109 8110 8111 8180 8182 8184 8200 8222 8236 8238 8241 8249 8291 8401 8409 8410 8413 8416 8417 8420 8421 8424 8425 8426 8430 8431 8442 8445 8446 8447 8448 85 8545 8575 8585 8590 86 8623 8649 8666 8686 8688 8728 873 8765 8789 880 8800 8803 8804 8806 8808 8811 8812 8813 8815 8817 8818 8821 8822 8824 8827 8830 8831 8832 8833 8837 8840 8846 8847 8848 8849 8852 8853 8855 8858 8859 8861 8864 8867 8868 8870 8872 8878 8881 8885 8887 8890 8899 8935 8991 8993 8999 9000 9003 9005 9007 9009 9010 9012 9015 9016 9017 9018 9019 902 9020 9021 9022 9023 9027 9030 9032 9033 9034 9037 9040 9041 9042 9044 9048 9050 9051 9091 9092 9098 91 9100 9102 9107 9109 9110 9160 9189 9191 9199 9201 9202 9208 9209 9211 9212 9213 9215 9216 9218 9221 9300 9301 9302 9306 9307 9308 9310 9311 9418 943 9433 9527 9530 9550 96 9600 9633 9761 9765 9898 992 993 995 9950 999 9991 9993 9994 9998 9999

Map

Whois Information

  • inetnum: 89.208.104.0 - 89.208.107.255
  • netname: NL-AEZA-NETWORK
  • descr: AEZA GROUP Ltd
  • geofeed: https://aeza.net/static/ipv4_f.csv
  • geoloc: 52.3559446 4.9531184
  • mnt-domains: aeza-mnt
  • mnt-routes: aeza-mnt
  • country: NL
  • org: ORG-AGL38-RIPE
  • admin-c: AN32681-RIPE
  • tech-c: AN32681-RIPE
  • status: ASSIGNED PA
  • mnt-by: DN-MNT
  • created: 2009-03-16T11:16:53Z
  • last-modified: 2023-02-27T08:06:12Z
  • organisation: ORG-AGL38-RIPE
  • org-name: AEZA GROUP LLC
  • org-type: OTHER
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • abuse-c: AA38875-RIPE
  • mnt-ref: aeza-mnt
  • mnt-ref: DN-MNT
  • mnt-ref: VF1-MNT
  • mnt-ref: DATAMAX-M
  • mnt-by: aeza-mnt
  • created: 2021-11-23T13:59:30Z
  • last-modified: 2023-01-06T12:18:43Z
  • role: Aeza Network
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • nic-hdl: AN32681-RIPE
  • mnt-by: aeza-mnt
  • created: 2021-10-13T17:49:21Z
  • last-modified: 2022-08-02T11:43:36Z
  • route: 89.208.104.0/22
  • origin: AS210644
  • mnt-by: aeza-mnt
  • mnt-by: AEZA-NETWORK-MNT
  • created: 2022-08-11T09:07:50Z
  • last-modified: 2022-08-11T09:07:50Z

Links to attack logs

roxy-ip-list-2023-05-03 roxy-ip-list-2023-05-05