Comments on the following post: Reading tips: hacker jobs, waves of attacks on the Fritz!Box, and a "dead horse"
Subject: Waves of attacks on the Fritz!Box
Attacking server
IP = 185.232.52.55
Address = 185.232.52.55
Network = 185.232.52.55 / 32
Netmask = 255.255.255.255
HOST: web01 Loss% Snt Last Avg Best Wrst StDev
1.|-- 45.79.12.201 0.0% 2 0.6 0.7 0.6 0.7 0.0
2.|-- 45.79.12.0 0.0% 2 0.5 0.6 0.5 0.6 0.0
3.|-- hu0-7-0-7.ccr41.dfw03.atlas.cogentco.com 0.0% 2 1.6 1.6 1.5 1.6 0.1
4.|-- be2764.ccr32.dfw01.atlas.cogentco.com 0.0% 2 2.1 1.9 1.8 2.1 0.2
5.|-- be2433.ccr22.mci01.atlas.cogentco.com 0.0% 2 11.7 11.8 11.7 11.8 0.1
6.|-- be2832.ccr42.ord01.atlas.cogentco.com 0.0% 2 23.5 23.4 23.2 23.5 0.2
7.|-- be2718.ccr22.cle04.atlas.cogentco.com 0.0% 2 29.9 30.0 29.9 30.1 0.2
8.|-- be2994.ccr32.yyz02.atlas.cogentco.com 0.0% 2 36.9 36.9 36.9 37.0 0.1
9.|-- be3260.ccr22.ymq01.atlas.cogentco.com 0.0% 2 44.8 44.9 44.8 45.1 0.2
10.|-- be3043.ccr22.lpl01.atlas.cogentco.com 0.0% 2 114.1 114.1 114.1 114.1 0.0
11.|-- be2183.ccr42.ams03.atlas.cogentco.com 0.0% 2 123.1 123.0 122.9 123.1 0.1
12.|-- be3458.ccr21.ams04.atlas.cogentco.com 0.0% 2 119.5 119.5 119.5 119.5 0.0
13.|-- 149.11.39.186 0.0% 2 121.5 121.5 121.5 121.5 0.0
14.|-- 178.21.17.2 0.0% 2 123.5 123.5 123.5 123.5 0.0
15.|-- 185.8.179.39 0.0% 2 123.0 123.2 123.0 123.4 0.2
16.|-- 185.53.163.41 0.0% 2 121.7 121.9 121.7 122.1 0.3
17.|-- ??? 100.0 2 0.0 0.0 0.0 0.0 0.0
18.|-- gamblermooz.prohoster.unfo 0.0% 2 123.7 123.8 123.7 123.9 0.1
ISP | Internet IT Company Inc |
---|---|
Usage Type | Data Center/Web Hosting/Transit |
Hostname | gamblermooz.prohoster.unfo |
Domain Name | prohoster.info |
Country | |
City | Amsterdam, Noord-Holland |
None of the DNS resolvers resolve the host's domain, since it is, after all, a *.unfo domain
-
Deliberate syntax error!!
-
ProHoster.info = Russian hosting provider that also rents out IPs!!!
-
The provider works with the Russian provider board "hostdb.ru"
-
The IP is meant to suggest access from the Seychelles
% Information related to '185.232.52.0 - 185.232.55.255'
inetnum: 185.232.52.0 - 185.232.55.255
netname: SC-INTERNET-INC6-20171115
country: NL
org: ORG-IICI17-RIPE
admin-c: IM5378-RIPE
tech-c: IM5378-RIPE
status: ALLOCATED PA
mnt-by: sc-internet-it-1-mnt
mnt-by: RIPE-NCC-HM-MNT
created: 2020-05-04T15:31:04Z
last-modified: 2020-06-09T12:45:18Z
source: RIPE
organisation: ORG-IICI17-RIPE
org-name: INTERNET IT COMPANY INC
country: SC
org-type: LIR
address: Global Gateway 8, Rue De La Perle, Providence
address: 0000
address: Mahe
address: SEYCHELLES
But the box is definitely located in Holland (see above) / The IP you mentioned is a Tor IP.
Starting Nmap 7.70 ( https://nmap.org ) at 2021-03-01 20:15 UTC
Nmap scan report for gamblermooz.prohoster.unfo (185.232.52.55)
Host is up (0.077s latency).
PORT STATE SERVICE:
21/tcp filtered ftp
22/tcp open ssh
23/tcp filtered telnet
80/tcp filtered http
110/tcp filtered pop3
143/tcp filtered imap
443/tcp filtered https
3389/tcp filtered ms-wbt-server
Nmap done: 1 IP address (1 host up) scanned in 1.26 seconds