213.152.162.149 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 213.152.162.149. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Malicious IP, Nextray, TOR, VPN, aravinda, blacklist, botnet, cyber security, date, files, ioc, ips url, malicious, mirai, phishing, scan, shenal, smb, tcp, varspoolcron, x x86, x x8664, x x86g, x41me m3wtf

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua, stopforumspam_365d

  • Country: Netherlands
  • Network: AS49453 global layer
  • Noticed: 1 time
  • Protocols Attacked: spam
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Malware Detected on Host

Count: 21

Open Ports Detected

88 89

Whois Information

  • inetnum: 213.152.162.118 - 213.152.162.255
  • netname: GLOBALLAYER
  • descr: Global Layer B.V.
  • country: NL
  • descr: ******************
  • descr: For abuse, please e-mail only: [email protected]
  • descr: Abuse messages will be handled within 24 hours time
  • descr: ******************
  • admin-c: GL6540-RIPE
  • tech-c: GL6540-RIPE
  • status: ASSIGNED PA
  • mnt-by: GLOBALLAYER
  • created: 2015-06-20T21:23:29Z
  • last-modified: 2018-09-15T13:39:14Z
  • person: Global Layer
  • address: Postbus 190
  • address: 2950AD Alblasserdam
  • address: Netherlands
  • phone: +31 78 20 20 228
  • nic-hdl: GL6540-RIPE
  • mnt-by: GLOBALLAYER
  • created: 2011-08-04T20:36:25Z
  • last-modified: 2017-10-30T22:14:45Z
  • route: 213.152.162.0/24
  • descr: Global Layer network
  • origin: AS49453
  • mnt-by: GLOBALLAYER
  • created: 2016-08-11T11:27:53Z
  • last-modified: 2016-08-11T11:27:53Z

Links to attack logs

forum-spam-ip-list-2021-05-06 forum-spam-ip-list-2021-05-10