200.115.171.249 Threat Intelligence and Host Information

ipinfopage

General

This page contains threat intelligence information for the IPv4 address 200.115.171.249 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

🟠 Elevated — 57/100

Geographic Location

Host and Network Information

Tags

  • accept
  • analysis
  • android
  • ansi
  • apt
  • ck id
  • click
  • close
  • code
  • crew
  • date
  • delphi
  • done
  • download
  • dropped file
  • e ansi
  • entropy
  • error
  • f ansi
  • form
  • format
  • general
  • graphics
  • hosts
  • hybrid
  • indy library
  • malicious
  • malware
  • memoryfile scan
  • obsolete
  • online
  • patch
  • path
  • push
  • raw size
  • sample
  • sandbox
  • stack
  • strings
  • submit
  • suspicious
  • trojan
  • unicode
  • unknown
  • vxstream
  • win32
  • win64
  • write

MITRE ATT&CK TTPs

  • T1012 - Query Registry
  • T1021 - Remote Services
  • T1027 - Obfuscated Files or Information
  • T1036 - Masquerading
  • T1055 - Process Injection
  • T1056 - Input Capture
  • T1057 - Process Discovery
  • T1071 - Application Layer Protocol
  • T1082 - System Information Discovery
  • T1106 - Native API
  • T1112 - Modify Registry
  • T1571 - Non-Standard Port
  • T1573 - Encrypted Channel

Associated CVEs

  • CVE-2006-20001

Passive DNS

  • bangbros.gdn

Attack Log References

Whois Information

inetnum: 200.115.171.0/24 status: reallocated aut-num: N/A owner: Cyber Cast International, S.A. ownerid: PA-CCIS-LACNIC responsible: Cyber Cast Intl address: Addison House Plaza Suite 20, 507, 264-0852 address: 6-3783 - Panama - PA country: PA phone: +507 264-0852 owner-c: CCS2 tech-c: CCS2 abuse-c: CCS2 inetrev: 200.115.171.0/24 nserver: NS1.CYBERCASTCO.COM nsstat: 20250407 AA nslastaa: 20250407 nserver: NS2.CYBERCASTCO.COM nsstat: 20250407 AA nslastaa: 20250407 created: 20081119 changed: 20081119 inetnum-up: 200.115.160.0/20 nic-hdl: CCS2 person: Cyber Cast International, S.A. e-mail: abuse@ccipanama.com address: Addison House Plaza Suite 20, 507, 264-0852 address: 6-3783 - panama - pa country: PA phone: +507 2640852 created: 20050405 changed: 20220331