193.31.24.154 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 193.31.24.154. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing, RDP, tsec
  • Known Tor exit node

  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: blocklist_net_ua, botscout_30d, botscout_7d, dm_tor, et_tor, sblam, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, stopforumspam, tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

  • Known Tor node
  • Country: Germany
  • Network: AS197540 netcup gmbh
  • Noticed: 1 time
  • Protocols Attacked: redis
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 44

Whois Information

  • inetnum: 193.31.24.0 - 193.31.25.255
  • netname: DE-NETCUP-SERVER
  • country: DE
  • org: ORG-nG51-RIPE
  • admin-c: OW699-RIPE
  • tech-c: OW699-RIPE
  • status: ASSIGNED PA
  • mnt-by: NETCUP-MNT
  • mnt-lower: NETCUP-MNT
  • mnt-routes: NETCUP-MNT
  • created: 2020-04-02T13:38:00Z
  • last-modified: 2020-04-02T13:38:00Z
  • organisation: ORG-nG51-RIPE
  • org-name: netcup GmbH
  • country: DE
  • org-type: LIR
  • address: Daimlerstrasse 25
  • address: 76185
  • address: Karlsruhe
  • address: GERMANY
  • phone: +4972175407550
  • fax-no: +4972175407559
  • admin-c: OW395-RIPE
  • abuse-c: NA4042-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: NETCUP-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: NETCUP-MNT
  • created: 2010-11-03T10:05:19Z
  • last-modified: 2020-12-16T12:52:13Z
  • person: Oliver Werner
  • address: Daimlerstr. 25
  • address: 76185
  • address: Karlsruhe
  • address: GERMANY
  • phone: +4972175407550
  • nic-hdl: OW699-RIPE
  • mnt-by: NETCUP-MNT
  • created: 2019-01-22T15:42:52Z
  • last-modified: 2019-01-22T15:42:53Z
  • route: 193.31.24.0/22
  • origin: AS197540
  • mnt-by: NETCUP-MNT
  • created: 2018-07-24T13:54:21Z
  • last-modified: 2018-07-24T13:54:21Z

Links to attack logs

  • nmap-scanning-list-2022-02-17
  • vultrparis-redis-bruteforce-ip-list-2021-12-19