151.106.27.42 Threat Intelligence and Host Information

Mar 17, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 151.106.27.42 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

Tags: cyber security, ioc, malicious, Nextray, phishing
View other sources: Spamhaus VirusTotal

Country: France
Network: AS29066 host europe gmbh
Noticed: 29 times
Protocols Attacked: SSH
Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: subully.com www.onlinesamsung.com onlinesamsung.com www.el-handsia.com el-handsia.com www.m-taha.name m-taha.name www.deltaserv.net www.amrelnakib.com deltaserv.net www.caaegypt.com caaegypt.com www.egypthearts.com egypthearts.com deltacommerce.deltaserv.net www.deltacommerce.deltaserv.net whm.kyansys.com www.kyansys.com www.green-iap.com www.gymdemo.deltaserv.net www.diversowear.com www.5s-plast.com 5s-plast.com www.crm.m-taha.name crm.m-taha.name www.martinowears.com www.carthage.ahmed-hassan.name carthage.ahmed-hassan.name www.elmenshawy-group.com amrelnakib.com www.ahmed-hassan.name www.mostafasalah.com www.4itx.com www.hq-elevators.com www.almansours.com martinowears.com 4sadat.com www.4sadat.com www.ahmedabozaid.com ahmedabozaid.com downloads.deltaserv.net www.downloads.deltaserv.net www.transabia24.com transabia24.com estedamaeg.com www.foodelity-eg.com foodelity-eg.com crm.mkcl.com.eg www.meifilter.com meifilter.com www.vipcs-eg.com vipcs-eg.com www.sa.sadatcityclub.com sa.sadatcityclub.com ledger-cpa.com www.ledger-cpa.com fourfruit.com www.fourfruit.com www.elraslan.com elraslan.com www.khalektamlek.com khalektamlek.com my.deltaserv.net www.my.deltaserv.net www.elacrete.com elacrete.com www.sadatcityclub.com sadatcityclub.com www.dir.4sadat.com dir.4sadat.com manaskchem.com www.manaskchem.com kyansys.com www.princetoninternationalschool.net green-iap.com diversowear.com gymdemo.deltaserv.net designsquare-co.com www.hq-elevators.4itx.com hq-elevators.com hq-elevators.4itx.com elmenshawy-group.com mostafasalah.com www.ahmed-hassan.4itx.com ahmed-hassan.4itx.com ahmed-hassan.name www.almansours.4itx.com almansours.com almansours.4itx.com 4itx.com intercityclub.net gama.deltaserv.net www.151-106-27-42.cprapid.com 151-106-27-42.cprapid.com

Map

Whois Information

NetRange: 151.0.0.0 - 151.255.255.255
CIDR: 151.0.0.0/8
NetName: RIPE-ERX-151
NetHandle: NET-151-0-0-0-0
Parent: ()
NetType: Early Registrations, Maintained by RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 1993-05-01
Updated: 2009-05-18
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Ref: https://rdap.arin.net/registry/ip/151.0.0.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
inetnum: 151.106.0.0 - 151.106.31.255
netname: DE-HEG-MASS
descr: velia.net Internetdienste GmbH
descr: Mass Sub Alloc
country: FR
org: ORG-VIG2-RIPE
admin-c: FGK-RIPE
tech-c: FGK10-RIPE
status: LEGACY
mnt-by: GODADDY-MNT
mnt-lower: MNT-HEG-MASS
mnt-lower: FGK-MNT
mnt-domains: MNT-HEG-MASS
mnt-domains: FGK-MNT
mnt-routes: MNT-HEG-MASS
mnt-routes: FGK-MNT
created: 2017-11-03T11:39:33Z
last-modified: 2019-06-04T09:15:31Z
organisation: ORG-VIG2-RIPE
org-name: velia.net Internetdienste GmbH
org-type: OTHER
address: Hansestr. 111
address: 51149
address: Cologne
address: GERMANY
phone: +4961811898119
admin-c: AREK-RIPE
admin-c: FGK-RIPE
admin-c: FEH-RIPE
tech-c: FGK10-RIPE
abuse-c: FGK10-RIPE
mnt-ref: FGK-MNT
mnt-by: FGK-MNT
created: 2005-01-05T11:11:09Z
last-modified: 2019-11-08T09:20:19Z
role: Hostmaster velia.net
address: Hostmaster of the day
address: velia.net Internetdienste GmbH
address: Hessen-Homburg-Platz 1
address: D-63452 Hanau
address: Germany
admin-c: FGK-RIPE
admin-c: FEH-RIPE
nic-hdl: FGK10-RIPE
mnt-by: FGK-MNT
created: 2001-12-12T17:50:59Z
last-modified: 2024-02-14T11:49:17Z
abuse-mailbox: abuse@velia.net
person: Franz Georg Koehler
address: velia.net Internetdienste GmbH
address: Hessen-Homburg-Platz 1
address: D-63452 Hanau
address: Germany
phone: +49 6181 1898119
nic-hdl: FGK-RIPE
mnt-by: FGK-MNT
created: 1970-01-01T00:00:00Z
last-modified: 2024-02-15T10:05:03Z
route: 151.106.0.0/19
descr: velia.net
origin: AS29066
mnt-by: FGK-MNT
created: 2017-11-03T11:55:17Z
last-modified: 2017-11-03T11:55:17Z

Links to attack logs

****** ****** bruteforce-ip-list-2020-06-09 ****** ******

Share on: