142.93.200.84 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 142.93.200.84. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force
  • Tags: cowrie, cyber security, ioc, malicious, Nextray, phishing, ssh

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: b3b0, haley_ssh

  • Country: United States
  • Network: AS14061 digitalocean llc
  • Noticed: 31 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Open Ports Detected

22 3001 5901 80 8080

CVEs Detected

CVE-2006-20001 CVE-2007-4723 CVE-2009-0796 CVE-2009-2299 CVE-2011-1176 CVE-2011-2688 CVE-2012-3526 CVE-2012-4001 CVE-2012-4360 CVE-2013-0941 CVE-2013-0942 CVE-2013-2765 CVE-2013-4365 CVE-2017-15710 CVE-2017-15715 CVE-2018-11763 CVE-2018-1283 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2018-1312 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2019-0196 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2019-10081 CVE-2019-10082 CVE-2019-10092 CVE-2019-10098 CVE-2019-17567 CVE-2019-20372 CVE-2019-9517 CVE-2020-11993 CVE-2020-13938 CVE-2020-1927 CVE-2020-1934 CVE-2020-35452 CVE-2020-9490 CVE-2021-23017 CVE-2021-26690 CVE-2021-26691 CVE-2021-32785 CVE-2021-32786 CVE-2021-32791 CVE-2021-32792 CVE-2021-33193 CVE-2021-34798 CVE-2021-3618 CVE-2021-39275 CVE-2021-40438 CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-31122 CVE-2023-44487 CVE-2023-45802

Whois Information

  • NetRange: 142.93.0.0 - 142.93.255.255
  • CIDR: 142.93.0.0/16
  • NetName: DIGITALOCEAN-142-93-0-0
  • NetHandle: NET-142-93-0-0-1
  • Parent: NET142 (NET-142-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS14061
  • Organization: DigitalOcean, LLC (DO-13)
  • RegDate: 2018-07-12
  • Updated: 2020-04-03
  • Comment: Routing and Peering Policy can be found at https://www.as14061.net
  • Ref: https://rdap.arin.net/registry/ip/142.93.0.0
  • OrgName: DigitalOcean, LLC
  • OrgId: DO-13
  • Address: 101 Ave of the Americas
  • Address: FL2
  • City: New York
  • StateProv: NY
  • PostalCode: 10013
  • Country: US
  • RegDate: 2012-05-14
  • Updated: 2023-10-23
  • Ref: https://rdap.arin.net/registry/entity/DO-13
  • OrgAbuseHandle: ABUSE5232-ARIN
  • OrgAbuseName: Abuse, DigitalOcean
  • OrgAbusePhone: +1-347-875-6044
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5232-ARIN
  • OrgTechHandle: NOC32014-ARIN
  • OrgTechName: Network Operations Center
  • OrgTechPhone: +1-347-875-6044
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
  • OrgNOCHandle: NOC32014-ARIN
  • OrgNOCName: Network Operations Center
  • OrgNOCPhone: +1-347-875-6044
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN

Links to attack logs

  • bruteforce-ip-list-2021-08-30
  • bruteforce-ip-list-2021-08-29
  • bruteforce-ip-list-2021-08-28