197.231.221.211 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 197.231.221.211. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: badrequest, bruteforce, cyber security, ioc, malicious, Nextray, phishing, probing, TOR, VPN, webscan, webscanner

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: cruzit_web_attacks

  • Country: Liberia
  • Network:
  • Noticed: 45 times
  • Protocols Attacked: spam
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 43

Whois Information

  • inetnum: 197.231.221.0 - 197.231.221.255
  • netname: CYBERDYNE-VPN01
  • descr: Cyberdynes VPN users, block 01.
  • country: LR
  • admin-c: NW2-AFRINIC
  • tech-c: NW2-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: CyberdyneSA-MNT
  • parent: 197.231.220.0 - 197.231.223.255
  • person: Nyahn Watson
  • address: Broad Street 80
  • address: Monrovia
  • address: Liberia
  • phone: tel:+231-4-713-432
  • nic-hdl: NW2-AFRINIC
  • mnt-by: GENERATED-WVURFBJ8EPYM0NQF6GHLKDUQS7QK9DL3-MNT
  • route: 197.231.220.0/22
  • origin: AS37560
  • descr: Cyberdyne
  • mnt-by: CyberdyneSA-MNT
  • route: 197.231.220.0/22
  • origin: AS39287
  • descr: Cyberdyne
  • mnt-by: CyberdyneSA-MNT

Links to attack logs

****** forum-spam-ip-list-2015-06-09 forum-spam-ip-list-2015-06-04 ****** ******
