206.84.164.209 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 206.84.164.209 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

• Tags: bruteforce, cyber security, digital ocean, ioc, malicious, Nextray, phishing, telnet

• View other sources: Spamhaus VirusTotal

• Country: Pakistan
• Network:
• Noticed: 30 times
• Protocols Attacked: telnet
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 1 d710dd97a873330675d57eec48eb4e17bc158791322a4208b9320fa923245eef

Open Ports Detected

10050 10051 13047 15443 18553 19930 24245 2628 30022 30122 30222 30322 30422 30522 30822 30922 31022 31122 3256 51443 554 55553 63210 63256 63257 6697 7071 7777 8001 8880 9001 9095 9898

Map

Whois Information

• NetRange: 206.84.0.0 - 206.85.255.255
• CIDR: 206.84.0.0/15
• NetName: COGENT-206-84-15
• NetHandle: NET-206-84-0-0-1
• Parent: NET206 (NET-206-0-0-0-0)
• NetType: Direct Allocation
• OriginAS: AS174
• Organization: AGIS (AGIS)
• RegDate: 1995-08-10
• Updated: 2011-05-27
• Comment: This block is non-portable
• Ref: https://rdap.arin.net/registry/ip/206.84.0.0
• OrgName: AGIS
• OrgId: AGIS
• Address: 2450 N Street NW
• City: Washington
• StateProv: DC
• PostalCode: 20037
• Country: US
• RegDate: 1994-08-26
• Updated: 2023-10-11
• Comment: Geofeed https://geofeed.cogentco.com/geofeed.csv
• Ref: https://rdap.arin.net/registry/entity/AGIS
• OrgNOCHandle: ZC108-ARIN
• OrgNOCName: Cogent Communications
• OrgNOCPhone: +1-877-875-4311
• OrgNOCEmail: noc@cogentco.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
• OrgAbuseHandle: COGEN-ARIN
• OrgAbuseName: Cogent Abuse
• OrgAbusePhone: +1-877-875-4311
• OrgAbuseEmail: abuse@cogentco.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
• OrgTechHandle: IPALL-ARIN
• OrgTechName: IP Allocation
• OrgTechPhone: +1-877-875-4311
• OrgTechEmail: ipalloc@cogentco.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• RTechHandle: IPALL-ARIN
• RTechName: IP Allocation
• RTechPhone: +1-877-875-4311
• RTechEmail: ipalloc@cogentco.com
• RTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• NetRange: 206.84.128.0 - 206.84.191.255
• CIDR: 206.84.128.0/18
• NetName: NAYATEL-CGNT-NET-1
• NetHandle: NET-206-84-128-0-1
• Parent: COGENT-206-84-15 (NET-206-84-0-0-1)
• NetType: Reassigned
• OriginAS: AS23674
• Customer: Micronet Broadband (C07719000)
• RegDate: 2020-12-28
• Updated: 2020-12-28
• Ref: https://rdap.arin.net/registry/ip/206.84.128.0
• CustName: Micronet Broadband
• Address: Fazle Haq Road 73E
• City: Islamabad
• StateProv: ISLAMABAD CAPITAL TERRITORY
• PostalCode: 44000
• Country: PK
• RegDate: 2020-12-28
• Updated: 2020-12-28
• Ref: https://rdap.arin.net/registry/entity/C07719000
• OrgNOCHandle: ZC108-ARIN
• OrgNOCName: Cogent Communications
• OrgNOCPhone: +1-877-875-4311
• OrgNOCEmail: noc@cogentco.com
• OrgNOCRef: https://rdap.arin.net/registry/entity/ZC108-ARIN
• OrgAbuseHandle: COGEN-ARIN
• OrgAbuseName: Cogent Abuse
• OrgAbusePhone: +1-877-875-4311
• OrgAbuseEmail: abuse@cogentco.com
• OrgAbuseRef: https://rdap.arin.net/registry/entity/COGEN-ARIN
• OrgTechHandle: IPALL-ARIN
• OrgTechName: IP Allocation
• OrgTechPhone: +1-877-875-4311
• OrgTechEmail: ipalloc@cogentco.com
• OrgTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• RTechHandle: IPALL-ARIN
• RTechName: IP Allocation
• RTechPhone: +1-877-875-4311
• RTechEmail: ipalloc@cogentco.com
• RTechRef: https://rdap.arin.net/registry/entity/IPALL-ARIN
• network:ID:NET4-CE54800012
• network:Network-Name:NET4-CE54800012
• network:IP-Network:206.84.128.0/18
• network:Org-Name:Micronet Broadband (Pvt) Ltd / Nayatel
• network:Street-Address:Fazle Haq Road 73E, GD Arcade, Fazle Haq Road, Blue Area
• network:City:Islamabad
• network:Postal-Code:44000
• network:Tech-Contact:ZC108-ARIN
• network:Updated:2025-03-07 19:21:27

Links to attack logs

****** dofrank-telnet-bruteforce-ip-list-2023-03-20 ****** ******