199.249.230.153 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 199.249.230.153 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

• Known tor exit node

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: blocklist_net_ua, botscout_1d, dm_tor, et_tor, sblam, stopforumspam_180d, stopforumspam_1d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d, stopforumspam, tor_exits

• Known TOR node
• Country: United States
• Network:
• Noticed: times
• Protocols Attacked: spam
• Passive DNS Results: tor64.quintex.com block2.mmms.eu

Malware Detected on Host

Count: 41 30cfa7c58175c33519c68953b339b14353326a73ce153dafb027e07a23aaaa74 c435ff86cdc86c0385e301a6784237e382efd803b035091cbcec20ca42b1fcee b11e614cdd02aecb8d6ae65bf67bfac8cbefd68830065217e2cb48922743bb12 ff556aa565a88dadad097d12f60e85780b872afce5fda943da2eca5236b68c5a 66837cb233b462c1286c112446e64c4e5108d605e976ff5e2b861f4f46f2c1ee 0e4b991e8bb2e7bbbb2f1dbe2783c857dc90da28d6cbd43bf39027ccafc93d0e 3e52576f858f03bfce01363a1791e22ba1e1576decf6bc10be5e42043f4728e3 2fd353ffcace535b5c0cdd3b70784bcbf1d4e35879a3109ed8825c2f970d22d3 53ffb4bbbb4828aa33dfa9adfd91c3e3717140ffe29ff0221e434f0db0f0232d d75fca41805fc5afc2376bdf462b5445e1c17fd88e4fef2de6a0b7627fa845db

Map

Whois Information

• NetRange: 199.249.230.0 - 199.249.230.255
• CIDR: 199.249.230.0/24
• NetName: TUCDC
• NetHandle: NET-199-249-230-0-1
• Parent: NET199 (NET-199-0-0-0-0)
• NetType: Direct Allocation
• OriginAS:
• Organization: TRANS UNION OF CANADA, INC. (TUCDC)
• RegDate: 2024-06-07
• Updated: 2024-06-07
• Ref: https://rdap.arin.net/registry/ip/199.249.230.0
• OrgName: TRANS UNION OF CANADA, INC.
• OrgId: TUCDC
• Address: 3115 Harvester Rd., Suite 201
• City: Burlington
• StateProv: ON
• PostalCode: L7N 3N8
• Country: CA
• RegDate: 1995-09-20
• Updated: 2024-06-19
• Ref: https://rdap.arin.net/registry/entity/TUCDC
• OrgAbuseHandle: GRANT238-ARIN
• OrgAbuseName: Grantham, Scott
• OrgAbusePhone: +1-905-340-1355
• OrgAbuseEmail: scott.grantham@transunion.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/GRANT238-ARIN
• OrgTechHandle: TRASM3-ARIN
• OrgTechName: trasmundi, lino
• OrgTechPhone: +1-905-340-1333
• OrgTechEmail: ltrasmu@transunion.com
• OrgTechRef: https://rdap.arin.net/registry/entity/TRASM3-ARIN
• OrgTechHandle: GRANT238-ARIN
• OrgTechName: Grantham, Scott
• OrgTechPhone: +1-905-340-1355
• OrgTechEmail: scott.grantham@transunion.com
• OrgTechRef: https://rdap.arin.net/registry/entity/GRANT238-ARIN

Links to attack logs

****** forum-spam-ip-list-2023-03-20 ****** ******