192.71.166.25 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 192.71.166.25. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: sblam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d, stopforumspam

  • Country: Greece
  • Network: AS8280 synapsecom s.a. provider of telecommunications and internet services
  • Noticed: 29 times
  • Protocols Attacked: spam
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: ozoon2.linkpc.net haberci1.giize.com njrathack.ddns.net nbycm3siji1za.hopto.org simaiiii1.ddns.net buybuy.ddns.net maksongg.ddns.net

Malware Detected on Host

Count: 42

Open Ports Detected

22 25

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767

Links to attack logs

forum-spam-ip-list-2020-05-22
