199.249.230.150 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 199.249.230.150 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 70/100

Host and Network Information

• Tags: cve202229266, cyber security, description, description ip, indicator, indicator type, ioc, malicious, Nextray, phishing, TOR, VPN

• Known tor exit node

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: blocklist_net_ua, botscout_1d, dm_tor, et_tor, sblam, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, stopforumspam, tor_exits

• Known TOR node
• Country: United States
• Network:
• Noticed: 50 times
• Protocols Attacked: spam
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: block2.mmms.eu

Malware Detected on Host

Count: 44 aec3e58c3b23f17cf52f97608a7960bb3288c8bcbbe09e28197e163c5834f50c 1e52b18fe1c64e2550fba51bf4a182d061bfa15ed1945c1876dc1cbeea4030e4 c435ff86cdc86c0385e301a6784237e382efd803b035091cbcec20ca42b1fcee d9cc058c2f45d84cec73344a2a4840e07b92248f1d1e1c049ef9d4d653350cfb b11e614cdd02aecb8d6ae65bf67bfac8cbefd68830065217e2cb48922743bb12 f2564b16f722ba6eadfffe019815501c97c5ce2edc54d3675a89b4c2866c0a40 fa79af753be9d94ad291207efa6d103b3daa08bd34512ce14a994946d1046b23 1d811e975e723720cbfc93ae6d0aa2837539846a7fbbc78204b0cf454b43f52c 155cc390568a88b0bc789e1d7cf2dda7fc2f0943b31055c9a4f87d95261f4ee0 444829de4197e8442c9bbb56761f8ce1c406009db9c4fa2598c2862acc1e4d12

Map

Whois Information

• NetRange: 199.249.230.0 - 199.249.230.255
• CIDR: 199.249.230.0/24
• NetName: TUCDC
• NetHandle: NET-199-249-230-0-1
• Parent: NET199 (NET-199-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: TRANS UNION OF CANADA, INC. (TUCDC)
• RegDate: 2024-06-07
• Updated: 2024-06-07
• Ref: https://rdap.arin.net/registry/ip/199.249.230.0
• OrgName: TRANS UNION OF CANADA, INC.
• OrgId: TUCDC
• Address: 3115 Harvester Rd., Suite 201
• City: Burlington
• StateProv: ON
• PostalCode: L7N 3N8
• Country: CA
• RegDate: 1995-09-20
• Updated: 2024-06-19
• Ref: https://rdap.arin.net/registry/entity/TUCDC
• OrgAbuseHandle: GRANT238-ARIN
• OrgAbuseName: Grantham, Scott
• OrgAbusePhone: +1-905-340-1355
• OrgAbuseEmail: scott.grantham@transunion.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/GRANT238-ARIN
• OrgTechHandle: GRANT238-ARIN
• OrgTechName: Grantham, Scott
• OrgTechPhone: +1-905-340-1355
• OrgTechEmail: scott.grantham@transunion.com
• OrgTechRef: https://rdap.arin.net/registry/entity/GRANT238-ARIN
• OrgTechHandle: TRASM3-ARIN
• OrgTechName: trasmundi, lino
• OrgTechPhone: +1-905-520-4870
• OrgTechEmail: ltrasmu@transunion.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TRASM3-ARIN

Links to attack logs

forum-spam-ip-list-2023-03-12 ****** ****** ******