151.80.64.2 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 151.80.64.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 59/100

Host and Network Information

• Mitre ATT&CK IDs: T1027 - Obfuscated Files or Information, T1041 - Exfiltration Over C2 Channel, T1055 - Process Injection, T1059.007 - JavaScript, T1059 - Command and Scripting Interpreter, T1071.001 - Web Protocols, T1071.004 - DNS, T1071 - Application Layer Protocol, T1105 - Ingress Tool Transfer, T1114 - Email Collection, T1176 - Browser Extensions, T1210 - Exploitation of Remote Services, T1496 - Resource Hijacking, T1497 - Virtualization/Sandbox Evasion, TA0004 - Privilege Escalation

• Tags: address, adload, agent, alexa, alexa top, all search, artemis, attacker, azorult, bank, blacklist, blacknet rat, body length, center, cisco umbrella, class, cleaner, click, conduit, count blacklist, crack, critical, cyber threat, date, detection list, downldr, download, dropper, efr1, error, et tor, exploit, facebook, falcon sandbox, file, filetour, final url, font format, fusioncore, gamehack, general, generator, generic, genkryptik, germany http, heur, hotmail, hsbc, http, http response, hybrid, iframe, indicator, installcore, installpack, internet storm, ip address, ip summary, kb body, known tor, local, malicious, malicious site, malicious url, maltiverse, malware, malware site, million, msil, name verdict, nircmd, opencandy, orkut, otx scoreblue, passive dns, patcher, pattern match, paypal, phishing, phishing site, phishtank, presenoker, pulse pulses, ramnit, related nids, relayrouter, reports no, riskware, runescape, safe site, sample, samples, scan endpoints, self, service, serving ip, sha256, simda, site, softcnapp, speci, static engine, status code, stealer, steam, stream, strings, summary, suppobox, swrort, tag count, team, tiggre, tofsee, trojanspy, truetype, united, unknown, unruy, unsafe, url http, urls, url summary, vawtrak, wacatac, web open, webtoolbar, win64, windows nt, xrat, xtrat

• JARM: 29d29d00029d29d00042d43d00041d598ac0c1012db967bb1ad0ff2491b3ae

• View other sources: Spamhaus VirusTotal

• Country: France
• Network: AS16276 ovh sas
• Noticed: 2 times
• Protocols Attacked: SSH
• Countries Attacked: Germany, Ireland, Singapore, United States of America
• Passive DNS Results: masajmekani.com www.masajmekani.com ilanusa.com doggg.org travholid.com gsddog.com bigdigital.com.tr www.bigdigital.com.tr scamuhendislik.com huzurkebabpeer.be www.dolcegelato.be dolcegelato.be hasadtransport.com poweroftheocean.com madenplatformu.com gameofyu.com bianconail.com tedxshmeisani.com otizmfarkindalikyarimaratonu.com vorteksenerji.com denizlikuyumculuk.com swanmaritime.com hawkmaritime.com bornmaritime.com gara-gruppe.site inspire-project.net mfvvakfiyayinlari.com icyteeth.com yedieminotopark.com parapesinde.com plussupplierusa.com coppertanpleasanthill.com valeriogayrimenkul.com rowanarwencafe.com canesenerji.com latibuleapp.com xn–roborocktrkiye-osb.com ahmetarslanhair.com arbitagency.com saintofbeauty.com readymade-website.com parayolunda.com layalipizza.com opiniabeauty.com softwicker.com imajaydinlatma.com ashaneaskida.com ticarianaliz.com cozumizolasyon.com sgpcompany.com mitigatorshop.com lideryetistirme.com belaysigorta.com internationalhayathaber.com teknodry.com maierdek.com asramuhendislik.com solo7.cafe www.razanphotos.com razanphotos.com cgmhair.com hizmetin.com www.tgz.bilkentyes.com tgz.bilkentyes.com eckpack.site lavalierproduction.com edasertturk.com hpdemo.site curtart.com kingtakip.com afgcelikkapi.com toyzler.com kombiservis.pro pur-gmbh.net tillapide.com sunray-jo.com dr-leo.com ashaneantakya.com anatolian.be theweddingcyprus.com bozuldu.com cnrinsaat.com bymanu.online virtimmen.com aesgtr.com firstchoicegas.com kadriyemacit.com nevpsikoloji.com servicerheinland.com psikologdilan.com roimedya.com dkfiltre.com knyindustries.com balenbaskent.be stonezemin.com www.pictures.gokgor.com pictures.gokgor.com gunmakhirdavat.com aysimahaliyikama.com duppo.com.tr www.duppo.com.tr aurahaliyikama.com www.aurahaliyikama.com www.cenart.tv cenart.tv okeylades.com pursaklar4noluasm.net pizzawynau.ch ww-wings.com agdbayrampasa.com gaziantepkristalhaliyikama.com customervista.com logicloomai.com layyalipizza.com weee-tr.com tiogem.com greentechgardens.com termissatasvilla.com uyumhavuz.com mekanito.com study-station.site instafollowers.news hariboaltinayicik.com esilamedya.com pergetinyhouse.com pinarstreasures.com demokratikcumhuriyetkonferansi.com denizzeybek.com pegiacopyright.com tinyhousev.com www.everestgroup.com.tr everestgroup.com.tr sagaeurope.com faridhsynzd.com www.bestquizforme.com dokuzyedibir.com www.tanpera.com tanpera.com www.fabrazihydraulic.com fabrazihydraulic.com isseverhafriyat.com www.tadiconfire.com tadiconfire.com www.birwebsitemolsun.com.tr birwebsitemolsun.com.tr www.kuzeygroupproperty.com mackinzie-law.com bedomori.com tulayzorbeauty.ch www.tulayzorbeauty.ch codezy.de www.codezy.de mehmetcelik.org artiplus.com.tr www.artiplus.com.tr rokcart.net gctdan.com moonlifeguzellik.com littlecoala.com www.gazifarkindalikkosusu.com gazifarkindalikkosusu.com havanna-transporte.ch www.havanna-transporte.ch bursa-cati.com healdone.crmmedyademo.com www.healdone.crmmedyademo.com tatlifil.com bchesap.com mail.admuch.com.tr digitof.com.tr www.digitof.com.tr mail.digitof.com.tr mail.crmmedyademo.com www.sale.healdone.com sale.healdone.com www.starmallexpress.com starmallexpress.com theskyguard.com ghanalojistik.com server.theskyguard.com www.server.theskyguard.com mro.theskyguard.com www.mro.theskyguard.com www.heara.esilafilm.com heara.esilafilm.com deneme.pushyoui.com www.deneme.pushyoui.com mahmoudandhiba.com www.personalfinance365.com durucam.com.tr www.durucam.com.tr kuzeygroupproperty.com baremyapidekorasyon.com tekirdaghedefakademi.com www.tekirdaghedefakademi.com egeperperde.com mywokandme.net derecekocum.com maisonkebab.fr www.maisonkebab.fr www.frituurmuzzyheusden.be frituurmuzzyheusden.be eugardens.org haroldkleinmasterbarber.com ibizarestaurantnewhaven.com paint-provence.com 384etmangal.com www.eataban.com elakebapmeerhout.be www.elakebapmeerhout.be www.limitsiz.org marmomermer.com www.marmomermer.com beautygala.be www.beautygala.be orestomplastik.com.tr www.orestomplastik.com.tr www.orestomplastik.com www.istanbulbalen.be istanbulbalen.be www.bakarmimarlik.com bakarmimarlik.com ersagciltbakim.com.tr www.ersagciltbakim.com.tr laravel.blanch.dev www.laravel.blanch.dev adnandeniz.com www.adnandeniz.com www.mbboutique.de ozdemirrulman.com www.ozdemirrulman.com www.qqjordan.com qqjordan.com builder-guys.co.uk www.builder-guys.co.uk www.kuzguntv.com.tr kuzguntv.com.tr akksdesign.com www.akksdesign.com ymsarchitecture.co.uk www.ymsarchitecture.co.uk barbaroshaliyikama.com www.barbaroshaliyikama.com www.free-gpt.net free-gpt.net app.birezerve.com hanimeflex.com www.hanimeflex.com lebanondetectors.com greatteknoloji.com elifbridal.com www.firstclasspizza.ch firstclasspizza.ch alirizagok.com www.demo.spacee.me demo.spacee.me server.spacee.me www.server.spacee.me www.gulaysengunmodaevi.com mail.gulaysengunmodaevi.com gulaysengunmodaevi.com tagustechnology.com www.tuberkuloz.info www.inndream.de inndream.de hamitarslan.com.tr www.hamitarslan.com.tr www.drmustafanisanci.com drmustafanisanci.com www.anilnakliye.com anilnakliye.com www.mustafanisanci.com mustafanisanci.com www.fuehealthglobal.com www.haliltuncay.com haliltuncay.com www.bahrikesici.com bahrikesici.com www.webhizmetleri.shop webhizmetleri.shop b2c.crmmedyademo.com www.b2c.crmmedyademo.com stopandstare.us www.kuguhalikoltukyikama.com kuguhalikoltukyikama.com www.loodgieters-ls.nl loodgieters-ls.nl www.esatozel.com esatozel.com bridgestech.com www.bridgestech.com www.toyzzle.com.tr toyzzle.com.tr stopandstare.org olivia.blanch.dev www.olivia.blanch.dev www.yoziy.com yoziy.com learnalang.net evrekamedya.com wallpaper.teoapp.dev www.wallpaper.teoapp.dev www.teoapp.dev teoapp.dev www.evrekamedya.crmmedyademo.com evrekamedya.crmmedyademo.com demo13.apple-jo.com www.demo13.apple-jo.com www.demo12.apple-jo.com demo12.apple-jo.com www.palmermedya.com fuehealthglobal.com demo11.apple-jo.com www.demo11.apple-jo.com www.demo10.apple-jo.com demo10.apple-jo.com www.triviaquizquestion.com havanna-restaurant.ch www.havanna-restaurant.ch www.rotaarackiralama.com www.ankarakolej.com ankarakolej.com www.devsoftwork.sade.network devsoftwork.sade.network www.devsoftwork.com tetikcininoglu.com triviaquizquestion.com www.discord.culmaster.com.tr discord.culmaster.com.tr www.kmk-grup.com motorcu10lar.com.tr www.motorcu10lar.com.tr www.ajyad-tr.com www.ismetkoksal.com ismetkoksal.com umzugscheckpreis.ch www.umzugscheckpreis.ch www.coiffure-shop.com coiffure-shop.com ipek-han.com.tr www.ipek-han.com.tr limmatsportcars.ch www.limmatsportcars.ch www.pasiflora.com.tr pasiflora.com.tr www.admuch.com.tr admuch.com.tr istanbulhair.de www.istanbulhair.de ersincerit.com www.ersincerit.com turopedia.com pl.flyersadsca.com www.pl.flyersadsca.com beta.toyzzle.com.tr www.beta.toyzzle.com.tr www.buyw.gg buyw.gg atlantikotomat.com www.antalyacam.com antalyacam.com www.sisecambalkon.com.tr sisecambalkon.com.tr www.squirrelquest.pro squirrelquest.pro ebagjo.com betterdonemedia.com www.thinglists.com thinglists.com drshiffa.com www.drshiffa.com mail.albaydawi.com www.gastroden.com www.vaynus.com vaynus.com webmail.gamermap.club izmirguzelmasaj.com zonepizza.ch www.zonepizza.ch www.canlikriptohaber.com.tr canlikriptohaber.com.tr www.bilgipusulasi.com bilgipusulasi.com selimerhukuk.com www.reklamprocceleri.com reklamprocceleri.com www.procce.com.tr jannastorecafe.com www.jannastorecafe.com awardconsulting.uk www.awardconsulting.uk www.modifiedstarch.com.tr modifiedstarch.com.tr istanbulhair.ch www.istanbulhair.ch www.daghanmimarlik.com.tr daghanmimarlik.com.tr www.dogusaritmasistemleri.com dogusaritmasistemleri.com monowish.com www.tr.bridgetravelturkey.com tr.bridgetravelturkey.com demo.jetsosyal.com www.demo.jetsosyal.com www.jidar.turkeyclothingmanufacturer.com jidar.turkeyclothingmanufacturer.com drshiffa.online www.oyun.party oyun.party www.muhendisinmedyasi.com www.arthanyapi.com.tr arthanyapi.com.tr excellencejo.com www.sariizolasyon.com.tr sariizolasyon.com.tr www.jobcall.co.uk jobcall.co.uk orestomplastik.com muhendisinmedyasi.com guneyhavadis.com.tr www.guneyhavadis.com.tr www.ehver.com ehver.com icyteeth.de www.demo9.apple-jo.com demo9.apple-jo.com akdenizfiberglas.com www.akdenizfiberglas.com www.baskantarim.com www.mediaport24.com mediaport24.com www.modifiyenisasta.com modifiyenisasta.com elittenteantalya.com www.alshrouf-kitchens.com alshrouf-kitchens.com demo8.apple-jo.com www.demo8.apple-jo.com demo7.apple-jo.com www.demo7.apple-jo.com gastroden.com www.huzurkebabkinrooi.be huzurkebabkinrooi.be www.eethuisesrakoersel.be eethuisesrakoersel.be orientlanklaar.be www.orientlanklaar.be cokasnacks.be www.cokasnacks.be www.lapergolalommel.be lapergolalommel.be royaltantra.site paket.jetsosyal.com www.paket.jetsosyal.com unishee.online www.unishee.online www.konyaanadoluturizm.com konyaanadoluturizm.com ipsworld.uk www.ipsworld.uk patilericin.com www.patilericin.com mbboutique.de miavaporia.it www.miavaporia.it guenosamigos.com duppo.de www.tureser.com www.girisimfikirleri.com.tr girisimfikirleri.com.tr www.innsbruckviptaxi.com innsbruckviptaxi.com www.webitool.com azore.blanch.dev www.azore.blanch.dev www.carzonedizayn.com www.iprospectlab-tr.com www.meditour2006.com www.yenianayasaicin.org www.asodcd.org www.helixhearing.crmmedyademo.com helixhearing.crmmedyademo.com turkiyemdizayn.com cpcontacts.demo4.apple-jo.com aslankoltukyikama.net www.amelas.com.tr amelas.com.tr app.findshome.com balensepizzakebap.be www.balensepizzakebap.be carzonedizayn.com makeupbyhasan.com www.makeupbyhasan.com devsoftwork.net www.nanroseperiperi2.co.uk nanroseperiperi2.co.uk www.ozhakikitatil.crmmedyademo.com ozhakikitatil.crmmedyademo.com www.ozhakikitatil.com ozhakikitatil.com

Open Ports Detected

2077 2083 2086 2087 21 443 465 80 993

CVEs Detected

CVE-2007-3205 CVE-2013-2220 CVE-2017-8923 CVE-2022-31628 CVE-2022-31629 CVE-2022-37454

Map

Whois Information

• inetnum: 151.80.64.0 - 151.80.64.63
• netname: OVH_79468829
• descr: OVH Static IP
• country: FR
• org: ORG-HG45-RIPE
• admin-c: OTC2-RIPE
• tech-c: OTC2-RIPE
• status: LEGACY
• mnt-by: OVH-MNT
• created: 2015-03-31T14:45:21Z
• last-modified: 2015-03-31T14:45:21Z
• organisation: ORG-HG45-RIPE
• org-name: Guzel Hosting GNET Internet Telekomunikasyon A.S.
• org-type: OTHER
• address: Icerenkoy Mh. Bahcelerarasi Sk. Mete Plaza Kat 22 Atasehir
• address: 34752 Istanbul
• address: TR
• phone: +90.8508850558
• abuse-c: ACRO52378-RIPE
• mnt-ref: OVH-MNT
• mnt-by: OVH-MNT
• created: 2015-03-24T11:02:03Z
• last-modified: 2023-04-06T14:18:13Z
• role: OVH Technical Contact
• address: OVH SAS
• address: 2 rue Kellermann
• address: 59100 Roubaix
• address: France
• admin-c: OK217-RIPE
• tech-c: GM84-RIPE
• tech-c: SL10162-RIPE
• nic-hdl: OTC2-RIPE
• abuse-mailbox: abuse@ovh.net
• mnt-by: OVH-MNT
• created: 2004-01-28T17:42:29Z
• last-modified: 2014-09-05T10:47:15Z
• route: 151.80.0.0/16
• descr: OVH
• origin: AS16276
• mnt-by: OVH-MNT
• created: 2015-01-22T17:55:49Z
• last-modified: 2015-01-22T17:55:49Z

Links to attack logs

****** ****** ******