196.217.240.243 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 196.217.240.243. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • MITRE ATT&CK IDs: T1498 - Network Denial of Service, T1595 - Active Scanning

  • Tags: auto-generated security, cyber security, DDoS, ioc, malicious, Nextray, phishing, RTBH, scan, sip, sipvicious, ssh, tsec

  • View other sources: Spamhaus VirusTotal

  • Country: Morocco
  • Network:
  • Noticed: 50 times
  • Protocols Attacked: mssql
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected


Whois Information

  • inetnum: 196.217.240.0 - 196.217.243.255
  • netname: IP_Static_MarocTelecom
  • descr: IP_Static_MarocTelecom
  • country: MA
  • admin-c: SMT1-AFRINIC
  • tech-c: DMT1-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: ONPT-MNT
  • parent: 196.217.0.0 - 196.217.255.255
  • person: DEMPFS Maroc Telecom
  • nic-hdl: DMT1-AFRINIC
  • address: Siège de Maroc telecom Avenue Annakhil Hay Riad Rabat
  • address: Rabat 10100
  • address: Morocco
  • phone: tel:+212-37284319
  • phone: tel:+212-37284312
  • mnt-by: GENERATED-59UQAQ1UAZKQWKK5GWNQRJ9VGMHDFDGD-MNT
  • person: SEPFS Maroc Telecom
  • nic-hdl: SMT1-AFRINIC
  • address: Service Exploitation des PFS
  • address: MAROC TELECOM
  • address: Avenue Hay Annakhil Riad
  • address: rabat
  • address: Morocco
  • phone: tel:+212-37284319
  • phone: tel:+212-37284314
  • mnt-by: GENERATED-QKJHRQGRJU8KJEZGF62S2JCUXLD0D81A-MNT
  • route: 196.217.0.0/16
  • descr: route object
  • origin: AS36903
  • mnt-by: ONPT-MNT
  • route: 196.217.0.0/16
  • descr: route object
  • origin: AS6713
  • mnt-by: ONPT-MNT

Links to attack logs

  • dolondon-mssql-bruteforce-ip-list-2021-11-09
  • dofrank-mssql-bruteforce-ip-list-2021-10-01
  • nmap-scanning-list-2023-05-18
  • dosing-mssql-bruteforce-ip-list-2022-05-03
  • dofrank-mssql-bruteforce-ip-list-2021-03-26