206.189.12.171 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 206.189.12.171 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 11/100

Host and Network Information

• View other sources: Spamhaus VirusTotal

• Country: Netherlands
• Network:
• Noticed: 1 times
• Protocols Attacked: SSH
• Passive DNS Results: e2e-dbaas-mongodb-noha8-86b12703.mongo.ondigitalocean.com aditaphp8161c09fe4f3605.cloud.bunnyroute.com aditawp81161c09dcab0ac8.cloud.bunnyroute.com aditawp8161c098d529b87.cloud.bunnyroute.com

Open Ports Detected

12105 12106 12108 12111 12113 12116 12117 12118 12121 12123 12124 12128 12134 12138 12143 12144 12155 12156 12157 12162 12163 12166 12167 12170 12172 12173 12174 12179 12183 12186 12187 12203 12211 12218 12221 12222 12223 12225 12226 12230 12238 12242 12243 12244 12246 12248 12249 12251 12252 12256 12257 12261 12263 12264 12266 12267 12269 12277 12283 12288 12289 12290 12292 12294 12298 12300 12302 12312 12313 12320 12325 12328 12329 12331 12333 12340 12341 12342 12343 12344 12345 12350 12359 12362 12363 12364 12368 12370 12371 12376 12379 12388 12390 12391 12394 12395 12398 12402 12403 12404 12406 12409 12410 12411 12417 12418 12422 12426 12427 12430 12440 12441 12442 12443 12445 12449 12453 12454 12456 12459 12461 12462 12464 12466 12473 12475 12477 12482 12487 12489 13128 13333 13380 80

CVEs Detected

CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

Map

Whois Information

• NetRange: 206.189.0.0 - 206.189.255.255
• CIDR: 206.189.0.0/16
• NetName: DIGITALOCEAN-206-189-0-0
• NetHandle: NET-206-189-0-0-1
• Parent: NET206 (NET-206-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS14061
• Organization: DigitalOcean, LLC (DO-13)
• RegDate: 1995-11-15
• Updated: 2020-04-03
• Comment: Routing and Peering Policy can be found at https://www.as14061.net
• Comment:
• Ref: https://rdap.arin.net/registry/ip/206.189.0.0
• OrgName: DigitalOcean, LLC
• OrgId: DO-13
• Address: 105 Edgeview Drive, Suite 425
• City: Broomfield
• StateProv: CO
• PostalCode: 80021
• Country: US
• RegDate: 2012-05-14
• Updated: 2025-04-11
• Ref: https://rdap.arin.net/registry/entity/DO-13
• OrgNOCHandle: NOC32014-ARIN
• OrgNOCName: Network Operations Center
• OrgNOCPhone: +1-646-827-4366
• OrgNOCEmail: noc@digitalocean.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgTechHandle: NOC32014-ARIN
• OrgTechName: Network Operations Center
• OrgTechPhone: +1-646-827-4366
• OrgTechEmail: noc@digitalocean.com
• OrgTechRef: https://rdap.arin.net/registry/entity/NOC32014-ARIN
• OrgAbuseHandle: DIGIT19-ARIN
• OrgAbuseName: DigitalOcean Abuse
• OrgAbusePhone: +1-646-827-4366
• OrgAbuseEmail: abuse@digitalocean.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/DIGIT19-ARIN

Links to attack logs

nmap-scanning-list-2021-04-17 ****** ****** ******