164.132.51.91 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 42/100

Host and Network Information

  • Mitre ATT&CK IDs: T1564.007 - VBA Stomping, T1566 - Phishing
  • Tags: 204=1LSgyUQhdKu6Wr6-2vko7LtMIrid0Y03hyMZtRGB9TvQqeDBxblEawrlZFlo, Bruteforce, Crypto Mining Pool Hostnames, JAR-16-20296A.csv ~ 2016 Russian Election Hack, MAL_Payload_F5_BIG_IP_Exploitations_Jul20_1, Nextray, SSH, TOR, VPN, cookie, cyber security, http://pay.google.com/gp/w/u/0/home, https://pulsedive.com/indicator/?iid=3893893, ioc, kit found, malicious, pas tool, phishing, php web, probing, scanning, webscan, webscanner bruteforce web app attack
  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: maxmind_proxy_fraud

  • Country: France
  • Network: AS16276 ovh sas
  • Noticed: 50 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: 164.132.51.91 healthtouwindtip.kvrddns.com 91.ip-164-132-51.eu

Malware Detected on Host

Count: 2 33b2920f9a4e6dc8cd3ff7425289789b3ac3d61d36f8bba2a91a97c35ee1e65e 63dbcd4f99bb690231adf9be35c9cf2a7c5ffe8b96239328942cff0321bc4c88

Whois Information

  • inetnum: 164.132.0.0 - 164.132.255.255
  • org: ORG-OS3-RIPE
  • status: LEGACY
  • netname: FR-OVH
  • country: FR
  • admin-c: OTC2-RIPE
  • tech-c: OTC2-RIPE
  • mnt-by: RIPE-NCC-LEGACY-MNT
  • mnt-by: OVH-MNT
  • created: 2001-10-04T09:57:12Z
  • last-modified: 2016-04-14T10:14:17Z
  • organisation: ORG-OS3-RIPE
  • org-name: OVH SAS
  • country: FR
  • org-type: LIR
  • address: 2 rue Kellermann
  • address: 59100
  • address: Roubaix
  • address: FRANCE
  • phone: +33972101007
  • admin-c: OTC2-RIPE
  • admin-c: OK217-RIPE
  • admin-c: GM84-RIPE
  • abuse-c: AR15333-RIPE
  • mnt-ref: OVH-MNT
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: OVH-MNT
  • created: 2004-04-17T11:23:17Z
  • last-modified: 2020-12-16T10:24:51Z
  • role: OVH Technical Contact
  • address: OVH SAS
  • address: 2 rue Kellermann
  • address: 59100 Roubaix
  • address: France
  • admin-c: OK217-RIPE
  • tech-c: GM84-RIPE
  • tech-c: SL10162-RIPE
  • nic-hdl: OTC2-RIPE
  • abuse-mailbox: [email protected]
  • mnt-by: OVH-MNT
  • created: 2004-01-28T17:42:29Z
  • last-modified: 2014-09-05T10:47:15Z
  • route: 164.132.0.0/16
  • descr: OVH
  • origin: AS16276
  • mnt-by: OVH-MNT
  • created: 2015-12-09T09:54:51Z
  • last-modified: 2015-12-09T09:58:12Z

Links to attack logs

bruteforce-ip-list-2020-05-16 ** bruteforce-ip-list-2020-08-28