107.189.2.98 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 107.189.2.98 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 15/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Luxembourg
• Network: AS53667 frantech solutions
• Noticed: 1 times
• Protcols Attacked: SSH
• Passive DNS Results: tak.tak24.sbs lolmci.vipplus.lol mci2.trexvip.store www.swnetwork.co.uk swnetwork.co.uk homegardenimprovements.co.uk www.homegardenimprovements.co.uk voyage-et-mode-de-vie.fr www.voyage-et-mode-de-vie.fr www.vcmelyd.co.uk vcmelyd.co.uk royal-castle.com www.royal-castle.com www.mkstalin.net mkstalin.net aide-alternc.org www.aide-alternc.org pressstart2join.co.uk www.pressstart2join.co.uk habitat-confortable.fr www.habitat-confortable.fr gtizone.com www.gtizone.com support.themea.com www.support.themea.com www.docs.themea.com docs.themea.com ftp.timeoffersale.com smtp.timeoffersale.com pop.timeoffersale.com ftp.blogiver.com www.blogiver.com blogiver.com pop.blogiver.com smtp.blogiver.com blog.themea.com www.blog.themea.com spambrave.com www.spambrave.com australis.link wenliangzhang.com www.wenliangzhang.com pop.wenliangzhang.com ftp.wenliangzhang.com smtp.wenliangzhang.com www.japaneselanguageculturefood.com japaneselanguageculturefood.com www.osecu.org www.levisstation.hu smtp.levisstation.hu ftp.levisstation.hu pop.levisstation.hu levisstation.hu www.mtbsec.info osecu.org mtbsec.info www.onlinesec.net onlinesec.net ftp.winnerp.net pop.winnerp.net smtp.winnerp.net timeoffersale.com www.timeoffersale.com rezombit.com pop.rezombit.com ftp.rezombit.com www.rezombit.com smtp.rezombit.com truebluemagazine.com www.truebluemagazine.com pop.utononmagadhozcoaching.hu utononmagadhozcoaching.hu www.utononmagadhozcoaching.hu ftp.utononmagadhozcoaching.hu smtp.utononmagadhozcoaching.hu esecnet.org www.esecnet.org unnos.org www.unnos.org www.west-japan-travel.com west-japan-travel.com onsecu.org becuon.org smtp.becuon.org ftp.becuon.org pop.becuon.org www.becuon.org www.gigslist.org gigslist.org www.dctoat.com itsbreaking.com ifip-tm2010.org datamic.net aeolus-project.org buruxkak.org www.softlikemagic.com softlikemagic.com anti-malware-blog.com 10emails.com recipecentersoftware.com informsec.net www.informsec.net www.winnerp.net winnerp.net segurodata.com www.sitelistening.com ftp.petraesmilan.hu smtp.petraesmilan.hu pop.petraesmilan.hu sitelistening.com incognitophotoboothco.com www.project-deepthought.net project-deepthought.net sociomedia-europe.com www.sociomedia-europe.com long-shore.com unprobleme.com www.unprobleme.com www.petraesmilan.hu petraesmilan.hu www.the1news.fun the1news.fun themea.com www.themea.com chaivixen.com www.recipeslearn.com smtp.recipeslearn.com ftp.recipeslearn.com pop.recipeslearn.com recipeslearn.com uk-airport-carparking.co.uk smtp.uk-airport-carparking.co.uk ftp.uk-airport-carparking.co.uk pop.uk-airport-carparking.co.uk www.uk-airport-carparking.co.uk ftp.topchic.co.uk smtp.topchic.co.uk topchic.co.uk www.topchic.co.uk pop.topchic.co.uk askthepresident.eu www.askthepresident.eu daad.tj www.daad.tj www.weareaustria.at weareaustria.at www.csaom.org csaom.org testingmital.top www.workingholiday.co workingholiday.co corpbuilderworks.com tsumikistudio.com residualstore.com smtp.crankreport.org pop.crankreport.org www.crankreport.org crankreport.org ftp.crankreport.org www.uanghokijoss.xyz uanghokijoss.xyz pgpnow.org www.pgpnow.org www.equinetrailblazerapprentices.com equinetrailblazerapprentices.com www.hazard-designs.de hazard-designs.de www.magtantra.com pop.pkpim.net www.pkpim.net ftp.pkpim.net pkpim.net smtp.pkpim.net magtantra.com www.ocfe.hu ocfe.hu cryptobeach.in.th www.cryptobeach.in.th dctoat.com larkincenter.org www.mag-tan.com mag-tan.com www.eurogamers.eu www.goldenkodo.com goldenkodo.com www.colisdh.com colisdh.com bet4indo.net www.cointific.com rasbel.in www.rasbel.in glocaltravel.net www.glocaltravel.net pop.glocaltravel.net smtp.glocaltravel.net ftp.glocaltravel.net www.softdevlinks.com zurichhotelscentre.com smtp.isleofwightjazzfestival.co.uk pop.isleofwightjazzfestival.co.uk isleofwightjazzfestival.co.uk www.isleofwightjazzfestival.co.uk ftp.isleofwightjazzfestival.co.uk ftp.michaelhardt.org pop.michaelhardt.org www.michaelhardt.org michaelhardt.org smtp.michaelhardt.org www.readingart.ca readingart.ca shepherdlangham.co.uk pop.dawnspizzazz.com smtp.dawnspizzazz.com ftp.dawnspizzazz.com www.dawnspizzazz.com dawnspizzazz.com zsombito.com www.zsombito.com www.thestainedclub-shortfilm.com thestainedclub-shortfilm.com eurogamers.eu daybydayrecovery.com tlc-leadership.com ftp.tlc-leadership.com www.tlc-leadership.com smtp.tlc-leadership.com pop.tlc-leadership.com casinorank.pl freedrumlessons.org softdevlinks.com weavervilledrug.com farmaciaomedes.com cointific.com

Open Ports Detected

1024 111 1311 1337 135 1471 1599 1723 1741 175 1800 1801 1911 1935 2000 2082 2086 22 2345 2375 2404 2480 2761 2762 3000 3128 3260 3299 3389 3460 3541 3542 3689 3749 4040 4242 427 444 4567 4664 4782 4786 4848 5000 5005 5009 5269 53 5357 5435 5555 5560 5601 5800 5801 5900 5901 5985 6080 631 6443 7415 7443 7474 7547 7657 7777 7779 7989 80 8000 8008 8010 8060 8069 8080 8086 8090 8098 81 8112 8123 82 8200 83 8334 84 88 8800 8888 9000 9009 9080 9090 9191 9200 9295 9595 9800 9944 9981 9999

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-3618 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Map

Whois Information

• NetRange: 107.189.0.0 - 107.189.31.255
• CIDR: 107.189.0.0/19
• NetName: PONYNET-11
• NetHandle: NET-107-189-0-0-1
• Parent: NET107 (NET-107-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS53667
• Organization: FranTech Solutions (SYNDI-5)
• RegDate: 2014-04-17
• Updated: 2014-04-17
• Ref: https://rdap.arin.net/registry/ip/107.189.0.0
• OrgName: FranTech Solutions
• OrgId: SYNDI-5
• Address: 1621 Central Ave
• City: Cheyenne
• StateProv: WY
• PostalCode: 82001
• Country: US
• RegDate: 2010-07-21
• Updated: 2017-01-28
• Ref: https://rdap.arin.net/registry/entity/SYNDI-5
• OrgAbuseHandle: FDI19-ARIN
• OrgAbuseName: Dias, Francisco
• OrgAbusePhone: +1-778-977-8246
• OrgAbuseEmail: admin@frantech.ca
• OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• OrgTechHandle: FDI19-ARIN
• OrgTechName: Dias, Francisco
• OrgTechPhone: +1-778-977-8246
• OrgTechEmail: admin@frantech.ca
• OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• NetRange: 107.189.0.0 - 107.189.7.255
• CIDR: 107.189.0.0/21
• NetName: BUYVM-LUXEMBOURG-02
• NetHandle: NET-107-189-0-0-2
• Parent: PONYNET-11 (NET-107-189-0-0-1)
• NetType: Reallocated
• OriginAS: AS53667
• Organization: BuyVM (BUYVM)
• RegDate: 2019-10-22
• Updated: 2019-10-22
• Ref: https://rdap.arin.net/registry/ip/107.189.0.0
• OrgName: BuyVM
• OrgId: BUYVM
• Address: 3, op der Poukewiss
• City: Roost
• StateProv:
• PostalCode: 7795
• Country: LU
• RegDate: 2017-10-01
• Updated: 2017-10-01
• Ref: https://rdap.arin.net/registry/entity/BUYVM
• OrgAbuseHandle: FDI19-ARIN
• OrgAbuseName: Dias, Francisco
• OrgAbusePhone: +1-778-977-8246
• OrgAbuseEmail: admin@frantech.ca
• OrgAbuseRef: https://rdap.arin.net/registry/entity/FDI19-ARIN
• OrgTechHandle: FDI19-ARIN
• OrgTechName: Dias, Francisco
• OrgTechPhone: +1-778-977-8246
• OrgTechEmail: admin@frantech.ca
• OrgTechRef: https://rdap.arin.net/registry/entity/FDI19-ARIN