89.208.107.167 Threat Intelligence and Host Information

Share on:
May 06, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 37/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: DDoS, HEAD Floods, Killnet, T1498, T1499, cc.py

  • View other sources: Spamhaus VirusTotal

  • Country: Russian Federation
  • Network: AS12695 llc digital network
  • Noticed: 1 times
  • Protcols Attacked: SSH

Open Ports Detected

1000 10000 10001 102 1022 1025 1026 1050 10554 106 1063 110 11000 111 1111 11112 1119 11210 11211 11371 1153 119 1200 12000 1250 1290 13 1337 1344 1355 13579 1388 1400 14147 14265 1433 15 1521 154 1554 1588 1604 17 1723 1741 175 179 180 18081 1820 18245 1883 19000 1911 1925 1926 195 1990 2000 2003 2008 2010 2012 2020 20256 2051 2052 2053 20547 2055 2058 2061 2062 2063 2065 2067 2068 2069 2079 2081 2082 2087 2100 21025 211 2111 2126 2150 2181 22 2200 2201 221 2220 2222 2225 2345 2352 2379 2382 2404 2455 25 25001 25105 2525 2550 2553 2554 25565 2560 2562 2563 2566 2567 2568 2570 26 2602 263 264 2650 2701 27015 2709 2761 2762 28015 2806 2985 3000 3001 3002 3048 3054 3055 3061 3066 3069 3070 3071 3072 3074 3075 3079 3081 3082 3084 3085 3089 3094 3095 3100 3101 3103 3104 3106 3112 3114 3116 3118 3119 3120 3129 3200 3269 3270 3301 3306 33060 3310 3311 3337 3352 3389 3400 3403 3405 3407 3408 3410 3412 3443 3498 35000 3541 3542 3551 3552 3557 3561 3567 3690 37 37777 3792 3793 389 3922 3951 3953 4000 4022 4042 4063 4064 4100 4118 41800 4242 4243 427 4282 43 4321 4369 44158 443 4430 444 4444 4445 445 447 44818 450 4500 4506 4523 4550 4646 465 4700 4786 4840 4899 49 491 4911 49152 4949 50000 5003 5007 5010 502 5025 503 5070 5080 51235 515 5190 5201 5222 5269 53 5400 5431 5432 5443 5446 5454 548 5494 5500 55000 554 5542 5568 5569 5590 5591 5593 5595 5600 5605 5608 5672 5673 5822 587 5900 5907 5908 5910 593 5938 5984 6001 6002 6007 6009 6010 6080 6161 61613 61616 62078 6262 6352 636 6363 6379 6512 6560 6565 6600 6602 6603 6633 6653 666 6666 6667 6668 6748 6789 6887 6955 70 7000 7004 7070 7090 7170 7171 7445 7474 7535 7547 7634 772 7776 7777 789 79 7979 80 800 8006 8009 8011 8012 8015 8017 8018 8019 8022 8024 8027 8028 8035 8039 8040 8042 8043 8044 8046 8051 8053 8055 8060 8064 8066 8069 8071 8081 8082 8083 8084 8085 8087 8088 8090 8092 8093 8094 8095 8096 8099 8100 8104 8105 8108 8110 8140 8180 8182 8184 82 8200 8236 8237 8239 8241 8249 8252 8282 8291 8333 8383 8402 8404 8407 8408 8409 8410 8414 8415 8418 8421 8423 8424 8425 8426 8427 8428 8430 8433 8442 8446 8448 8554 8575 8621 8623 8649 8666 87 8728 8766 8767 8779 8784 8787 8788 8789 8790 88 8800 8803 8809 8813 8814 8818 8819 8820 8821 8822 8824 8828 8829 8831 8834 8837 8839 8840 8841 8842 8844 8845 8846 8847 8852 8855 8858 8859 8862 8863 8865 8868 8871 8873 8876 8877 8878 8879 888 8880 8888 8899 8935 8988 8990 9007 9010 9013 9014 9017 9018 902 9020 9023 9026 9034 9037 9039 9041 9042 9043 9044 9045 9048 9050 9051 9070 9090 9091 9092 9095 9096 9098 9099 9102 9104 9106 9111 9136 9160 9189 9191 9199 92 9200 9201 9203 9206 9208 9211 9213 9218 9220 9221 9251 9303 9306 9307 9309 9310 9418 9433 9444 95 9500 9527 9530 9550 9600 9606 9663 9690 97 9743 98 9861 9898 990 992 993 995 9955 9988 999 9990 9992 9994 9998

Map

Whois Information

  • inetnum: 89.208.104.0 - 89.208.107.255
  • netname: NL-AEZA-NETWORK
  • descr: AEZA GROUP Ltd
  • geofeed: https://aeza.net/static/ipv4_f.csv
  • geoloc: 52.3559446 4.9531184
  • mnt-domains: aeza-mnt
  • mnt-routes: aeza-mnt
  • country: NL
  • org: ORG-AGL38-RIPE
  • admin-c: AN32681-RIPE
  • tech-c: AN32681-RIPE
  • status: ASSIGNED PA
  • mnt-by: DN-MNT
  • created: 2009-03-16T11:16:53Z
  • last-modified: 2023-02-27T08:06:12Z
  • organisation: ORG-AGL38-RIPE
  • org-name: AEZA GROUP LLC
  • org-type: OTHER
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • abuse-c: AA38875-RIPE
  • mnt-ref: aeza-mnt
  • mnt-ref: DN-MNT
  • mnt-ref: VF1-MNT
  • mnt-ref: DATAMAX-M
  • mnt-by: aeza-mnt
  • created: 2021-11-23T13:59:30Z
  • last-modified: 2023-01-06T12:18:43Z
  • role: Aeza Network
  • address: 350001, Krasnodar, st. im. Mayakovskogo, b. 160, office 2.4
  • nic-hdl: AN32681-RIPE
  • mnt-by: aeza-mnt
  • created: 2021-10-13T17:49:21Z
  • last-modified: 2022-08-02T11:43:36Z
  • route: 89.208.104.0/22
  • origin: AS210644
  • mnt-by: aeza-mnt
  • mnt-by: AEZA-NETWORK-MNT
  • created: 2022-08-11T09:07:50Z
  • last-modified: 2022-08-11T09:07:50Z

Links to attack logs

roxy-ip-list-2023-05-03 roxy-ip-list-2023-05-05