193.70.80.220 Threat Intelligence and Host Information
Apr 24, 2023
General
This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.
Likely Malicious Host 🟠 53/100
Host and Network Information
- MITRE ATT&CK IDs: T1003.002 - Security Account Manager, T1003.005 - Cached Domain Credentials, T1011 - Exfiltration Over Other Network Medium, T1033 - System Owner/User Discovery, T1039 - Data from Network Shared Drive, T1106 - Native API, T1140 - Deobfuscate/Decode Files or Information, T1176 - Browser Extensions, T1566 - Phishing, T1583.002 - DNS Server
- Tags: 104.21.47.11, 123.57.80.40, 13.32.21.33, 142.250.185.132, 209.87.209.217, 3d, 47.254.155.107, Cybersucrity, DDOS, Nextray, advanced apt, alienvault, alienvault open, alienvault usm, alliance, alliances find, amer, america, anti hacker, anti spam, anti spammer, anywhere, arbor networks, arlington, atlas, attack, austin, authors editors, automatic, awsau, awsjap, become, black list, blacklist, block, block list, block spam, blocker, blog, blueliv, blueliv cyber, bulk email, busan, cangzhou, check point, china, china office, clock world, clown strike, congress, contact, cookie, cookies, copy, copyright, cpanel, css, css3, cve201711882, cyber, cyber security, cyber threat, d solutions, data, data security, ddos, ddos attack, dedicated, demo, designer, developer, developers, discover books, district, download, education all, eisenhower, elsevier, email, engine, english english, env session, evolution, explorer, facebook, fast, february, federation, final, find, fireeye cyber, firewall, forgot, format tidy, fortinet threat, friday, general, generic, geo ip, geolocation, germany, globe, globe locations, globes, google, gunzenhausen, hacker, hacker blocker, hackers, hello weaver, help, home, home hosting, home news, home site, hosting, html, html file, html5, imperva, imperva partner, imprint pro, info, information, initializing, internet mafia, ioc, iocs, ip, ip address, ip tracker, iran, israel 972, israel office, javascript, jefferson, jobs, join blueliv, journals author, jquery, jquery ui, json format, junk email, kaspersky cyber, krasnodar, legal, linux, live, livestatistics, location, login my, logo, lorem ipsum, mafia, main, major, malicious, malware, map, maps, march, maxminds geoip, member, mexico, milan, music, north korea, npi contact, ntp, optimization, oregon medicaid, otx endpoint, otx threat, otx trends, packages hacked, paris, partner partner, partners shop, petya, phishing, platform, please log, portal login, privacy, problem, protect, providers, radio address, realtime, rehovot, repings, report, republic, revolvermaps, sbl, sbl blocklist, scanners, server, service, show, siem, sign, singapore, sitetraffic, solutions r, soundcloud jobs, spam, spam filtering, spam gangs, spam services, spam statistics, spam virus, spamleters, spammers, spamware, state, statistics, stats, stealth spamware, stop spam, team, template load, terrorists, texas, threat exchange, threat map, threatbutt, threats, tidy, today, tokyo, tools, trace ip, traffic, trial, truman, twitter, tx office, uhr htmlworld, ukraine, union, union message, united, unsolicited bulk email, unsolicited commercial email, updates, us directory, usm anywhere, vancouver, viking grade, visitor, visitor maps, wannacry, web designer, web developer, webshop, website, website virtual dedicated, what is my ip, widget, widget help, widgets, wilson
View other sources: Spamhaus VirusTotal
- Country: France
- Network: AS16276 ovh sas
- Noticed: 4 times
- Protocols Attacked: ntp
- Countries Attacked: Armenia, Australia, Brazil, British Indian Ocean Territory, Burundi, Canada, China, Cyprus, Czechia, Denmark, Ecuador, Estonia, France, Germany, Hong Kong, Iceland, India, Indonesia, Israel, Japan, Latvia, Lithuania, Malawi, Malaysia, Norway, Poland, Romania, Taiwan, Thailand, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States Minor Outlying Islands, United States of America
- Passive DNS Results: new.sparkcraft.ru survival.sparkcraft.ru skins.sparkcraft.ru vanilla.sparkcraft.ru donate.sparkcraft.ru sparkcraft.ru panel.sparkcraft.ru
Open Ports Detected
Whois Information
- inetnum: 193.70.0.0 - 193.70.127.255
- netname: FR-OVH-930901
- country: FR
- org: ORG-OS3-RIPE
- admin-c: OK217-RIPE
- tech-c: OTC2-RIPE
- status: ALLOCATED PA
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: OVH-MNT
- mnt-routes: OVH-MNT
- mnt-domains: OVH-MNT
- created: 2016-10-07T08:19:40Z
- last-modified: 2017-01-11T08:00:07Z
- organisation: ORG-OS3-RIPE
- org-name: OVH SAS
- country: FR
- org-type: LIR
- address: 2 rue Kellermann
- address: 59100
- address: Roubaix
- address: FRANCE
- phone: +33972101007
- admin-c: OTC2-RIPE
- admin-c: OK217-RIPE
- admin-c: GM84-RIPE
- abuse-c: AR15333-RIPE
- mnt-ref: OVH-MNT
- mnt-ref: RIPE-NCC-HM-MNT
- mnt-by: RIPE-NCC-HM-MNT
- mnt-by: OVH-MNT
- created: 2004-04-17T11:23:17Z
- last-modified: 2020-12-16T10:24:51Z
- role: OVH Technical Contact
- address: OVH SAS
- address: 2 rue Kellermann
- address: 59100 Roubaix
- address: France
- admin-c: OK217-RIPE
- tech-c: GM84-RIPE
- tech-c: SL10162-RIPE
- nic-hdl: OTC2-RIPE
- abuse-mailbox: [email protected]
- mnt-by: OVH-MNT
- created: 2004-01-28T17:42:29Z
- last-modified: 2014-09-05T10:47:15Z
- person: Octave Klaba
- address: OVH SAS
- address: 2 rue Kellermann
- address: 59100 Roubaix
- address: France
- phone: +33 9 74 53 13 23
- nic-hdl: OK217-RIPE
- mnt-by: OVH-MNT
- created: 1970-01-01T00:00:00Z
- last-modified: 2017-10-30T21:44:51Z
- route: 193.70.0.0/17
- descr: OVH
- origin: AS16276
- mnt-by: OVH-MNT
- created: 2016-10-07T08:51:27Z
- last-modified: 2016-10-07T08:51:27Z
Links to attack logs
awsjap-ntp-bruteforce-ip-list-2021-05-07 awsau-ntp-bruteforce-ip-list-2021-05-07