196.44.176.55 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 196.44.176.55 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 65/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• JARM: 2ad2ad16d2ad2ad0002ad2ad2ad2ad487dfc3734968073f786f66dcf4de1b2

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: cruzit_web_attacks, gpf_comics, hphosts_emd, hphosts_psh

• Country: Zimbabwe
• Network:
• Noticed: 30 times
• Protocols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: www.m2rimages.co.zw www.padandaro.co.zw www.hwangecolliery.co.zw m2rimages.co.zw basics.co.zw www.basics.co.zw www.farmandcity.co.zw wilvale.com www.fts-net.com www.necwei.co.zw wsinvestments.org fts-net.com www.kristemambo.co.zw innovation.co.zw denverbeverages.co.zw www.toppersuniforms.co.zw labelflex.co.zw www.mapcommunications.co.zw www.schweppes.co.zw mapcommunications.co.zw www.johnmaxwell.co.zw www.thebatterycentre.co.zw www.ubfconsult.com ca-lr.org topclassifieds.co.zw routesthruafrica.com necwei.co.zw gladercomfreight.com nichotan.com schweppes.co.zw microcom.co.zw bestbuyz.co.zw heritagehealth.co.zw hpetrust.co.zw bkpainters.co.zw dawngale.com totalexcel.co.zw visualpoint.co.zw wozanilodges.co.zw protrack.co.zw www.shadeogrey.co.za ministro.co.zw epgglobal.co.zw medirite.co.zw stracom.co.zw essar.co.zw gotravel.co.zw advanced.co.zw cargoplus.co.zw aidslaw.co.zw shockmedia.co.zw chase.co.zw crasterint.com elitecarrental.co.zw mh.co.zw planas.co.zw padandaro.co.zw gaamarketing.co.zw dstntrust.co.zw kaphree.co.zw chisipitedrilling.co.zw deepsearch.co.zw nimrandchapman.co.zw matuska.co.zw evanscoolants.co.zw zimrec.co.zw kristemambo.co.zw sahtc.com a2ngefsgp.org earthtrade.co.zw icsaz.co.zw ubfconsult.com www.rcu.ac.zw shadeogrey.co.za jatagubell.com toppersuniforms.co.zw www.icsaz.co.zw farmandcity.co.zw inarcdesign.co.zw kuyanaeventdesign.com musikbay.co.zw www.chase.co.zw mib.co.zw pfs.co.zw northernelectrical.co.zw stpaulsmarl-cpca.co.zw adderleyafrica.com rcu.ac.zw zimautosales.co.zw chocolicious.co.zw www.manitou.co.zw tudorhouseconsultants.co.zw heritagelife.co.zw shadeogrey.com ruzvidzo.com rustygate.org hawkflightconstruction.com zimgoldrush.co.zw consumerizim.com hwangecolliery.co.zw yoafrica.net rkrandmfmtrust.org hrib.co.zw www.esa.co.zw www.hrib.co.zw www.risctec.co.zw esa.co.zw risctec.co.zw ilangaren.com zimbabwefinance.co.zw www.inteduconnect.org dp.co.zw transmedia.co.zw www.cfxfreight.co.zw www.shelter.co.zw www.wiltshireexplosives.com rocknriveradventures.com openlcentre.com www.careinsurezim.com www.digital.co.zw traverzetravel.co.zw ingoodcompany.co.zw www.eac.co.zw designup.co.zw uluntu.org vbs.co.zw ophid.co.zw www.bestbuyz.co.zw han.co.zw www.musikbay.co.zw themailbox.co.zw nadf.co.zw www.nadf.co.zw hmi.co.zw medsure.co.zw rearcam.co.zw mattress.co.zw turningpointinv.co.zw sfa-int.co.zw www.mh.co.zw thecenturion.co.zw denhe.info bignyati.net www.hairworld.co.zw www.normajeaneslakeviewresort.com hopemiller.co.zw fdh.co.zw consumerizim.org zimsec.co.zw www.worxgroupafrica.com worxgroupafrica.com pmiz.org.zw omni.co.zw baywoodrealestatezimbabwe.co.zw www.elearning.rcu.ac.zw inteduconnect.org sstt.co.zw tariroafrica.org compprinters.org chipleton.com chilli-spot.com africasteel.co.zw www.rustygate.org newera.co.zw prices.co.zw justdoors.co.zw www.turningpointinv.co.zw www.sahtc.com caxebro.co.zw www.labour.co.zw casystems.co.zw www.openhouse.co.zw eiffelflatsprimaryzim.com openhouse.co.zw www.platinumlifestyle.biz koalaeducationservices.com www.dbnattorneys.co.zw statprintzim.com securitiescode.com johnmaxwell.co.zw www.saf4africa.com accpharma.co.zw www.forestry.co.zw rydings.co.zw forestry.co.zw kengerepublic.com www.fmloil.co.zw fmloil.co.zw www.allpurposejoiners.co.zw yamurai.org.zw www.justdoors.co.zw creativecentre.co.zw zimbali.co.zw zacras.co.zw shelter.co.zw dariro.co.zw valcol.co.zw tagalife.org nicozdiamond.co.zw alturas.co.zw www.tdi.co.zw www.deicov.com www.koalaeducationservices.com www.bkpainters.co.zw bermudtransportgroup.com zimbabwemotorshow.co.zw www.zimbabwemotorshow.co.zw visionhivaids.com www.bigsky.co.zw www.hawkflightconstruction.com arrupe.ac.zw pcd.co.zw www.tagalife.org www.boldpower.co.zw www.medsure.co.zw www.stephenmargolisresort.com www.elitecarrental.co.zw www.accpharma.co.zw japafrica.com www.grantthornton.co.zw www.amgglobal.co.zw www.civedu.org www.jazimbabwe.org.zw normajeaneslakeviewresort.com globalaa.net www.creativecentre.co.zw www.zimsec.co.zw 263chat.com pavelong.co.zw bigsky.co.zw zimrights.co.zw www.zimrec.co.zw ganthorpe.co.zw redefinition.co.zw cfxfreight.co.zw innerliving.co.zw www.aynumprojects.co.zw hlbruzco.co.zw www.visionhivaids.com www.arundel.ac.zw titanzim.com www.thepatriot.co.zw headsandhooves.com www.vyas.co.zw www.innovative.co.zw platinumlifestyle.biz motortorque.co.zw centralbaptistharare.co.zw www.pmiz.org.zw www.alturas.co.zw www.valcol.co.zw hairworld.co.zw www.palmlodge.co.zw www.zimrights.co.zw manitou.co.zw www.brainworkscapital.com platinumgroupe.com careinsurezim.com www.platinumgroupe.com www.openlcentre.com www.motortorque.co.zw aquaculturezim.org deicov.com www.aquaculturezim.org www.sommerfield.co.zw www.transmedia.co.zw www.ialtsa.org kunzwana.co.zw www.kunzwana.co.zw exodusandcompany.com jesuitszimbabwe.co.zw nednedziwe.com www.heritagelife.co.zw www.harvesthouseint.org.zw sommerfield.co.zw www.nicozdiamond.co.zw www.shockmedia.co.zw www.uniglobe.co.zw www.exodusandcompany.com www.yoafrica.com www.traverzetravel.co.zw greatservice.co.zw zimictclassifieds.co.zw zimcatholic.com www.zw.celpay.com store.co.zw smile.co.zw fazakafrica.com www.paintandpainter.co.zw grantthornton.co.zw celeste.co.zw vyas.co.zw wdscu.com www.lowflow.co.zw dagga.yoafrica.com mashambanzou.co.zw eagleswings.co.zw labour.co.zw paintandpainter.co.zw dozeranddumper.com moonlight.co.zw zimtis.co.zw zulusafaris.co.zw sodapoplive.com compupro.co.zw omigzim.co.zw twimbos.com damiazim.com www.zimautosales.co.zw www.wdscu.com www.omigzim.co.zw icapatrust.org yoafrica.com zitmis.co.zw marjen.co.zw www.adderleyafrica.com www.sodapoplive.com mine-elect.co.zw www.mine-elect.co.zw

Malware Detected on Host

Count: 281 903c53686285a0cfd89d89ed600b209551168458b95899ff553caf7a7f09c1ac 33492595e001450ac6df1d6c110cc13c63c8a73cc691ae1e40d8cc1ea81a2edb ae904dbae0cfb0dd2a1153f9e8c3191d0bf7d1407f2cd31cb0b2d4a12b785a9c 4c4628e80eb4b514716e0564eb26cfa600c269b2baca542c4499641f895f5eda 0dcced795edac76325d0aeb3c08da5917d010309c3f6bbd39fcb24faf1cc90c9 871a40fb7438bb0c4952e720f9926a208c7a962254de34b04ec6b4637b4a2578 28ff572486d4a7c913af335b8b833ee0568471a60feded00f03e12eeaf572b9a e02fa28cbe2f6efe4d7c66a728ba9786d84c9bfbd29599a706099b26a1c4c427 c46d7578fe5104790684e50d4c573907aa09f455171768a46ead0468a6feec8a 043adac4448cb83d9006529313bfe5cd623b16cf2ad1f33d85642c4df287a4e1

Open Ports Detected

110 143 21 3306 443 80 8080 8081 993 995

CVEs Detected

CVE-2007-3205 CVE-2013-2220 CVE-2017-8923 CVE-2022-31628 CVE-2022-31629 CVE-2022-37454 CVE-2022-4900 CVE-2024-25117 CVE-2024-3566

Map

Whois Information

• inetnum: 196.44.176.0 - 196.44.176.255
• netname: YoAfrica_Servers_Network_Block
• descr: Assignment to YO!AFRICA Servers for Email, Web Hosting, Cloud Computing, DNS, File servers at the Headquarters Data Centre
• country: ZW
• admin-c: CM97-AFRINIC
• tech-c: CM97-AFRINIC
• status: ASSIGNED PA
• mnt-by: YOAFRICA-MNT
• parent: 196.44.176.0 - 196.44.191.255
• person: Charles Mashamba
• address: 1193 Sunningdale3, 263
• address: Harare
• address: Zimbabwe
• phone: tel:+263-77-881-8958
• nic-hdl: CM97-AFRINIC
• mnt-by: GENERATED-UZWM7CWHK3WSB8WAD1TWWCT5MDFOQVM8-MNT
• route: 196.44.176.0/24
• descr: YoAHRE-MAIN-Route
• origin: AS31856
• mnt-by: YOAFRICA-MNT

Links to attack logs

****** ****** ******