94.242.55.10 Threat Intelligence and Host Information

Share on:
May 07, 2023 ipinfopage

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Tags: DDOS, KillNet, ampqrp5kpmgl, fdlcbd, ijemhtsxu7tgh, jhknjsqpgiexgh, mf9ybdkgofrbdg3, nug5fsnp4fl, oygou5kagkxgiyl, srcb, vpfce14igq2fpjz, z5n82mlvgwogte

  • View other sources: Spamhaus VirusTotal

  • Country: Russian Federation
  • Network: AS43317 fishnet communications llc
  • Noticed: 25 times
  • Protcols Attacked: SSH
  • Passive DNS Results: twitch.antisec.dev antisec.dev

Malware Detected on Host

Count: 9 15c31393b412f85018292daee77f27c44b062192ff6076b46f99b07ada543818 3bb9a8c4ef75f871b7c79b417ea125686104610c7722b725aade9f6f9c178592 3bb9a8c4ef75f871b7c79b417ea125686104610c7722b725aade9f6f9c178592 980f1bff773f47792d4cf66f13a89ae5c8f6948798a6a93a4ed2e595bbc3edb7 0d4ccbeb169e77aac2b2b8a341e0f0335add6657ed59c51cf35208d55776b5f3 761fd70b6e5b97bc63e7c87c583ab603661c453623678fb4aa6a3bc3e5597a57 adf438988e9ece54c3d8ccb046e7cdba0fd6e9b5c13eccf17eb6449df595619b 5ec886404c9336e5cf942386aa5656e9448e60b84036c1bf41234f55e54bbbfb 5ec886404c9336e5cf942386aa5656e9448e60b84036c1bf41234f55e54bbbfb

Open Ports Detected

1080 11 119 2000 4000 443 6000 6667

CVEs Detected

CVE-2006-20001 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10097 CVE-2019-10098 CVE-2019-17567 CVE-2019-9517 CVE-2020-11984 CVE-2020-11993 CVE-2020-13938 CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2020-9490 CVE-2021-26690 CVE-2021-26691 CVE-2021-33193 CVE-2021-34798 CVE-2021-36160 CVE-2021-39275 CVE-2021-40438 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-27522

Map

Whois Information

  • inetnum: 94.242.50.108 - 94.242.56.255
  • netname: Veesp
  • descr: Veesp datacenter clients
  • country: RU
  • admin-c: FCOV1-RIPE
  • tech-c: FCOV1-RIPE
  • status: ASSIGNED PA
  • mnt-by: VEESP-MNT
  • created: 2021-03-10T10:44:11Z
  • last-modified: 2023-02-13T08:39:25Z
  • role: Veesp SIA - Contact Role
  • address: Tirgonu 17
  • address: Liepaja
  • address: Latvia
  • abuse-mailbox: [email protected]
  • org: ORG-VS198-RIPE
  • nic-hdl: FCOV1-RIPE
  • mnt-by: VEESP-MNT
  • created: 2017-06-30T12:49:06Z
  • last-modified: 2023-04-19T18:10:40Z
  • route: 94.242.48.0/20
  • descr: Veesp datacenter
  • origin: AS43317
  • mnt-by: VEESP-MNT
  • created: 2019-07-05T08:00:40Z
  • last-modified: 2023-04-11T09:36:27Z

Links to attack logs

roxy-ip-list-2023-05-03 roxy-ip-list-2023-05-05