163.172.213.212 Threat Intelligence and Host Information

Share on:
Jul 24, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 163.172.213.212 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Known tor exit node

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: blocklist_net_ua, botscout_1d, botscout_30d, botscout_7d, dm_tor, et_tor, gpf_comics, haley_ssh, sblam, stopforumspam, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, tor_exits, tor_exits_1d, tor_exits_30d, tor_exits_7d

  • Known TOR node
  • Country: Netherlands
  • Network:
  • Noticed: 1 times
  • Protcols Attacked: ssh
  • Passive DNS Results: b6.wetransfer.vip

Malware Detected on Host

Count: 12 b06f2de5d02df2babf3b7020d9ca543dd06782cc285c7e890bc73ce8578f0778 af32fea3f5eca754b76cfe535c626c86bb97c7a71f571ec6a074d1670caaba06 ec43e150012d049bbdf9a552c9a466482c628db8b981064584998a97d2662914 31e336d15f3414e6bae7056b612b3529b0af5c6656f93f9c3d51312a3ce8935c a4a63515b6bd2562e94430e10629c0c9e69309b2281dc857628cd537909c0352 e746ba510b706bc06b084ce84d6cd7e417137efde85bf12e421fdf21fd677943 5ec5871b702ab135831503398816c6d1572c3371c48531dc3ffee82c4562dc4e 4b9c21d9da89c399832f18b4c9a2b4a32788937070b5494404a6e5b3d601a74b 5dca574173ec29eab508ab797c6af88456d9960cc56f42d7b86a06eae0cee317 860d97d305fcbfd03fd39a6784c3257fed4e463260a9a5455cfd72a1d166f074

Open Ports Detected

8080

Map

Whois Information

  • inetnum: 163.172.208.0 - 163.172.223.255
  • netname: SCALEWAY-AMS
  • descr: Scaleway - Amsterdam, Netherlands
  • status: LEGACY
  • country: NL
  • admin-c: MM42047-RIPE
  • tech-c: MM42047-RIPE
  • mnt-by: ONLINE-NET-MNT
  • created: 2016-05-13T10:36:53Z
  • last-modified: 2022-05-04T17:24:57Z
  • org: ORG-ONLI1-RIPE
  • organisation: ORG-ONLI1-RIPE
  • mnt-ref: MNT-TISCALIFR-B2B
  • org-name: Scaleway
  • org-type: OTHER
  • address: 8 rue de la ville l’eveque 75008 PARIS
  • abuse-c: AR32851-RIPE
  • mnt-ref: ONLINE-NET-MNT
  • mnt-by: ONLINE-NET-MNT
  • created: 2015-07-10T15:20:41Z
  • last-modified: 2022-05-03T15:39:01Z
  • person: Mickael Marchand
  • address: 8 rue de la ville l’eveque 75008 PARIS
  • phone: +33173502000
  • nic-hdl: MM42047-RIPE
  • mnt-by: MMA-MNT
  • created: 2015-07-10T15:02:32Z
  • last-modified: 2016-02-23T12:43:25Z
  • route: 163.172.208.0/20
  • descr: SCALEWAY
  • descr: Amsterdam, Netherlands
  • origin: AS12876
  • mnt-by: MNT-TISCALIFR
  • mnt-by: ONLINE-NET-MNT
  • created: 2019-10-03T15:09:54Z
  • last-modified: 2022-05-03T10:05:58Z

Links to attack logs

bruteforce-ip-list-2021-04-02 bruteforce-ip-list-2021-06-04 aws-ssh-bruteforce-ip-list-2021-06-09