141.98.80.151 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 141.98.80.151. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: anna paula, associated, currc3adculo, from email, headers, malspam email, msi file, nmap, port-scan, tuesday, utf8, zip archive

  • View other sources: Spamhaus VirusTotal

  • Country: Panama
  • Network: AS43350 nforce entertainment b.v.
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Australia
  • Passive DNS Results: innovaservers.net

Malware Detected on Host

Count: 67

Open Ports Detected

3389 5357 5985

Whois Information

  • inetnum: 141.98.80.0 - 141.98.80.255
  • netname: CLOUD-CDN-NET
  • country: EU
  • abuse-c: GNO15-RIPE
  • admin-c: GNO15-RIPE
  • tech-c: GNO15-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-pa-flyservers-1
  • mnt-by: GLOBAL-HOST
  • created: 2019-02-06T19:21:15Z
  • last-modified: 2019-03-21T16:25:44Z
  • role: GLOBAL-HOST NETWORK OPERATIONS
  • address: Calle 76 Este San Francisco y Via Porras
  • abuse-mailbox: [email protected]
  • admin-c: SD12186-RIPE
  • tech-c: SD12186-RIPE
  • nic-hdl: GNO15-RIPE
  • mnt-by: GLOBAL-HOST
  • created: 2019-01-28T18:37:18Z
  • last-modified: 2019-01-28T18:40:51Z
  • route: 141.98.80.0/24
  • descr: [email protected]
  • origin: AS43350
  • mnt-by: GLOBAL-HOST
  • created: 2019-02-06T19:34:33Z
  • last-modified: 2019-02-06T19:34:33Z

Links to attack logs

nmap-scanning-list-2022-10-03 nmap-scanning-list-2022-10-17