173.249.20.233 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 173.249.20.233 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 14/100

Host and Network Information

• JARM: 3fd3fd0003fd3fd21c3fd3fd3fd3fdcb923bdf24d76ffa93e37532e1a9239b

• View other sources: Spamhaus VirusTotal

• Country: Germany
• Network: AS51167 contabo gmbh
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: creatyvot.com hilinesanitary.com www.hilinesanitary.com www.crm.youfind4.com crm.youfind4.com erp.creatyvot.in www.beur.ch beur.ch justqrit.com www.justqrit.com proderps.com www.wilmaskitchen.ch wilmaskitchen.ch locofresh.makentry.com www.locofresh.makentry.com locoqatar.com pro.resto-solutions.com resto-solutions.com smijomodels.com www.smijomodels.com batooota.makentry.com www.medx.com.kw medx.com.kw www.fraves.makentry.com fraves.makentry.com www.youfind4.com youfind4.com www.jooobz.com jooobz.com www.evangeliststerryks.org evangeliststerryks.org pearlygates.in quiztion.youfind4.com hosting.youfind4.com louchy.com www.louchy.com vps3.youfind4.com video.thewildpack.com l6587e77.justinstalledpanel.com

Malware Detected on Host

Count: 74 21ef47d05a7cb14695ae46a714cb3fd9c18b75f57c753fb8f69ae24758a006ac 051581bb2087bda01d135c25687aeab2b6d39a3393b051657926fbc0a5d7e18f 582c1aa52636afaea40f89a305a778d322ca29b98768e542a5fbdda2561dd279 643d63e794d607dc74e14b57e5700c2ded688b583c3cfc2850ae8920023a1401 ea567e4708992627042795d4227230eeeb2dc17a4000e832af0e7ad48fb45a72 6c6dd7ebf92032d78d464e5048ee2348455df33284c25763b07a23586b7abb0a 97968a79bb2184d213ab353a0e3196dafee4d3c8cb9386e98f83b121dec4e2ea c0cffe072d18df3d9e3fd5ac3fc5865e31b61c6bf0b51ce3db19b4609771b6cc 92856bfca6333362bcaec794263861d967be75a5794abceedf1e066194938499 ebb29b6a2d852d96e7d7ba8e05dd18579935bc5557ea5391e9b283ce09af62d5

Open Ports Detected

21 22 443 80 8888

CVEs Detected

CVE-2021-3618 CVE-2023-44487

Map

Whois Information

• NetRange: 173.249.0.0 - 173.249.63.255
• CIDR: 173.249.0.0/18
• NetName: RIPE
• NetHandle: NET-173-249-0-0-1
• Parent: NET173 (NET-173-0-0-0-0)
• NetType: Early Registrations, Transferred to RIPE NCC
• OriginAS:
• Organization: RIPE Network Coordination Centre (RIPE)
• RegDate: 2017-09-14
• Updated: 2017-09-14
• Ref: https://rdap.arin.net/registry/ip/173.249.0.0
• OrgName: RIPE Network Coordination Centre
• OrgId: RIPE
• Address: P.O. Box 10096
• City: Amsterdam
• StateProv:
• PostalCode: 1001EB
• Country: NL
• RegDate:
• Updated: 2013-07-29
• Ref: https://rdap.arin.net/registry/entity/RIPE
• OrgAbuseHandle: ABUSE3850-ARIN
• OrgAbuseName: Abuse Contact
• OrgAbusePhone: +31205354444
• OrgAbuseEmail: abuse@ripe.net
• OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
• OrgTechHandle: RNO29-ARIN
• OrgTechName: RIPE NCC Operations
• OrgTechPhone: +31 20 535 4444
• OrgTechEmail: hostmaster@ripe.net
• OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
• inetnum: 173.249.0.0 - 173.249.31.255
• netname: CONTABO
• descr: Contabo GmbH
• country: DE
• org: ORG-GG22-RIPE
• admin-c: MH7476-RIPE
• tech-c: MH7476-RIPE
• status: ASSIGNED PA
• mnt-by: MNT-CONTABO
• created: 2018-08-22T07:27:49Z
• last-modified: 2018-08-22T07:27:49Z
• organisation: ORG-GG22-RIPE
• org-name: Contabo GmbH
• country: DE
• org-type: LIR
• address: Aschauer Strasse 32a
• address: 81549
• address: Munchen
• address: GERMANY
• phone: +498921268372
• fax-no: +498921665862
• abuse-c: MH12453-RIPE
• mnt-ref: RIPE-NCC-HM-MNT
• mnt-ref: MNT-CONTABO
• mnt-ref: MNT-OCIRIS
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: MNT-CONTABO
• created: 2009-12-09T13:41:08Z
• last-modified: 2021-09-14T10:49:04Z
• person: Johannes Selg
• address: Contabo GmbH
• address: Aschauer Str. 32a
• address: 81549 Muenchen
• phone: +49 89 21268372
• fax-no: +49 89 21665862
• nic-hdl: MH7476-RIPE
• mnt-by: MNT-CONTABO
• mnt-by: MNT-GIGA-HOSTING
• created: 2010-01-04T10:41:37Z
• last-modified: 2024-04-15T11:05:18Z
• route: 173.249.20.0/23
• descr: CONTABO
• origin: AS51167
• mnt-by: MNT-CONTABO
• created: 2018-02-01T09:49:35Z
• last-modified: 2018-02-01T09:49:35Z

Links to attack logs

anonymous-proxy-ip-list-2024-03-06 anonymous-proxy-ip-list-2024-03-04 anonymous-proxy-ip-list-2024-03-03 anonymous-proxy-ip-list-2024-02-27 anonymous-proxy-ip-list-2024-02-26 anonymous-proxy-ip-list-2024-02-29 anonymous-proxy-ip-list-2024-03-02 anonymous-proxy-ip-list-2024-02-28 anonymous-proxy-ip-list-2024-03-05 anonymous-proxy-ip-list-2024-02-24