173.212.209.216 Threat Intelligence and Host Information

Apr 07, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 173.212.209.216 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 20/100

Host and Network Information

JARM: 29d3fd00029d29d00042d43d0000007d9a2df75fc17326c15d1e44e597e360
View other sources: Spamhaus VirusTotal
Contained within other IP sets: hphosts_psh

Country: Germany
Network: AS51167 contabo gmbh
Noticed: 1 times
Protocols Attacked: Anonymous Proxy
Passive DNS Results: beityaluminum.com bobphysics.com centerfps.com sectionlearn.com auclearn.com newton-learn.com ahlelelm.com americanboard-usa.com mostkqalk.com suitslearn.com tec-learn.com rocket-learn.com ahlalqanon.com alalsuncenter.com www.alalsuncenter.com mostqbalk.com shula.news www.shula.news intvetgroup.com www.intvetgroup.com erpesy.com www.dawaeebeauty.com dawaeebeauty.com www.bookhamsa.com bookhamsa.com qahra30.com www.hamsabook.com www.ilaw-group.com ilaw-group.com www.academycea.com.eg www.kafrelsheikh.com 10794accounting.academycea.com.eg www.academyicct.com www.academyicct.com.eg www.mrtamer.com www.smartdc.com.eg maredeg.com aliwahba.com en.mr-hero.com mr-hero.com edu.m-farrag.com m-farrag.com mrtalha.com en.mrtalha.com alarab2030.com edu.tsalah.com tsalah.com salamasaber.com edu.salamasaber.com edu.elmobdie.com elmobdie.com elkhlefa.com edu.elkhlefa.com ns1.3rbserv.com ns2.3rbserv.com eg.caesar-edu.com caesar-edu.com mrtamer.com en.mrtamer.com hamsabook.com 3rbserv.com fr.ragabb.com ragabb.com aac-news.com orvoeg.com cpcontacts.orvoeg.com cpcalendars.orvoeg.com cpcontacts.c.afroasiancenter.com cpcalendars.c.afroasiancenter.com c.afroasiancenter.com afroasiancenter.com exam.academycea.net cpcalendars.edu.kafrelsheikh.com cpcontacts.edu.kafrelsheikh.com edu.kafrelsheikh.com cpcontacts.kafrelsheikh.com cpcalendars.kafrelsheikh.com kafrelsheikh.com cpcalendars.cash.3rbserv.com cpcontacts.cash.3rbserv.com cash.3rbserv.com cpcalendars.academyicct.com.eg cpcontacts.academyicct.com.eg cpcalendars.sootelsaid.com cpcontacts.sootelsaid.com sootelsaid.com cpcalendars.app.academycea.com app.academycea.com cpcontacts.app.academycea.com cpcontacts.youmlite.com cpcalendars.youmlite.com youmlite.com cpcontacts.abosefen.com cpcalendars.abosefen.com cpcalendars.kermalakeg.com cpcontacts.kermalakeg.com abosefen.com whm.kermalakeg.com mared.3rbserv.com drtaherrahim.com cpcontacts.shamselnada.com shamselnada.com cpcalendars.shamselnada.com vmi230908.contaboserver.net cpcalendars.academycea.com cpcontacts.academycea.com cpcalendars.drhatemnoaman.com cpcontacts.drhatemnoaman.com cpcalendars.owner.kermalakeg.com cpcontacts.owner.kermalakeg.com owner.kermalakeg.com cpcalendars.pos.kermalak.com.eg cpcontacts.pos.kermalak.com.eg cpcalendars.academyicct.com cpcontacts.academyicct.com cpcalendars.ilaw-group.com.eg cpcontacts.ilaw-group.com.eg ilaw-group.com.eg cpcalendars.exam.academycea.com cpcontacts.exam.academycea.com cpcalendars.edu.academycea.com cpcontacts.edu.academycea.com cpcalendars.smartdc.com.eg cpcontacts.smartdc.com.eg pos.kermalak.com.eg drhatemnoaman.com smartdc.com.eg kermalakeg.com dawa.royalpharmaeg.com games.royalpharmaeg.com edu.academycea.com.eg poster.royalpharmaeg.com academycea.com ns2.royalpharma-int.com ns1.royalpharma-int.com whm.academycea.com ns2.academycea.com ns1.academycea.com expertsunion-tr.com exam.academyicct.com exams.academyicct.com academyicct.com uploads.academycea.com royalpharmaeg.com whm.royalpharmaeg.com mails.royalpharmaeg.com edu.academycea.com exam.academycea.com bedonwasit.com mails.royalpharma-int.com academycea.com.eg souqelhadaf.com royalpharma-int.com academyicct.com.eg catchmichelle.com www.catchmichelle.com all4romania.eu wordtrad.ro incomodph.ro

Open Ports Detected

110 111 143 2082 2083 2086 2087 21 22 3306 443 465 53 587 993

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

NetRange: 173.212.192.0 - 173.212.255.255
CIDR: 173.212.192.0/18
NetName: RIPE
NetHandle: NET-173-212-192-0-1
Parent: NET173 (NET-173-0-0-0-0)
NetType: Early Registrations, Transferred to RIPE NCC
OriginAS:
Organization: RIPE Network Coordination Centre (RIPE)
RegDate: 2016-06-20
Updated: 2016-06-20
Ref: https://rdap.arin.net/registry/ip/173.212.192.0
OrgName: RIPE Network Coordination Centre
OrgId: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
RegDate:
Updated: 2013-07-29
Ref: https://rdap.arin.net/registry/entity/RIPE
OrgAbuseHandle: ABUSE3850-ARIN
OrgAbuseName: Abuse Contact
OrgAbusePhone: +31205354444
OrgAbuseEmail: abuse@ripe.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
OrgTechHandle: RNO29-ARIN
OrgTechName: RIPE NCC Operations
OrgTechPhone: +31 20 535 4444
OrgTechEmail: hostmaster@ripe.net
OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
inetnum: 173.212.192.0 - 173.212.223.255
netname: CONTABO
descr: Contabo GmbH
country: DE
org: ORG-GG22-RIPE
admin-c: MH7476-RIPE
tech-c: MH7476-RIPE
status: ASSIGNED PA
mnt-by: MNT-CONTABO
created: 2018-08-20T08:38:51Z
last-modified: 2018-08-20T08:38:51Z
organisation: ORG-GG22-RIPE
org-name: Contabo GmbH
country: DE
org-type: LIR
address: Aschauer Strasse 32a
address: 81549
address: Munchen
address: GERMANY
phone: +498921268372
fax-no: +498921665862
abuse-c: MH12453-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MNT-CONTABO
mnt-ref: MNT-OCIRIS
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MNT-CONTABO
created: 2009-12-09T13:41:08Z
last-modified: 2021-09-14T10:49:04Z
person: Johannes Selg
address: Contabo GmbH
address: Aschauer Str. 32a
address: 81549 Muenchen
phone: +49 89 21268372
fax-no: +49 89 21665862
nic-hdl: MH7476-RIPE
mnt-by: MNT-CONTABO
mnt-by: MNT-GIGA-HOSTING
created: 2010-01-04T10:41:37Z
last-modified: 2024-04-15T11:05:18Z
route: 173.212.192.0/19
descr: CONTABO
origin: AS51167
mnt-by: MNT-CONTABO
created: 2019-01-16T08:20:57Z
last-modified: 2019-01-16T08:20:57Z

Links to attack logs

Share on: