213.152.162.69 Threat Intelligence and Host Information

Share on:
Aug 09, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 213.152.162.69 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: Nextray, TOR, VPN, cyber security, ioc, malicious, phishing

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: blocklist_net_ua, greensnow, stopforumspam_365d

  • Country: Netherlands
  • Network: AS49453 global layer
  • Noticed: 1 times
  • Protcols Attacked: spam
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: elzy.ddns.net pindot.direct.quickconnect.to thrillart.diskstation.me servicepoint.duckdns.org ark-plus.direct.quickconnect.to dico.is-saved.org oscaralice.synology.me oscaralice.direct.quickconnect.to mary.airdns.org marcelkwanten.direct.quickconnect.to timairvpn.ddns.net mandrilla.duckdns.org marcelkwanten.synology.me maelus.mine.nu fireduck.synology.me scdfsyno.direct.quickconnect.to thrillart.direct.quickconnect.to cbngroup.duckdns.org snkno.duckdns.org iotbab.ddns.net racinn.duckdns.org roxy.dynalias.net roxy.is-by.us nvdiedico.knowsitall.info dico.is-a-hard-worker.com neverdiemosole.is-a-doctor.com dico.is-a-liberal.com neverdiemosole.thruhere.net regiskm67.buyshouses.net imagine.here-for-more.info dico.homelinux.net bien.airdns.org tresor2020.ddns.net david.myvnc.com mosole.is-a-chef.org tataye.geekgalaxy.com duep.airdns.org chenco.ddns.net

Malware Detected on Host

Count: 8 b802ede42421d878d91166e2e176336b0da8308d29d5af1c827c2841b9b4b65c ea2bc71069a97078257e2a167e9aa5f66ea56747d0ab5484a9bd68e4449d2898 67bae6d8f64c3cab63dd0b0ae8eb4f0caa00653e88245ab1ba3d863a3a4da799 4854dd5ef0c326284c8f99e6c026c511a5d14391ff49c9596ee0af3668ef760a 2ceddc34080dd1656052314708de52131d964efc99b422430ab2cc142a0659f1 5db23307e00d9d18d5e83a82be4babee987e97f6afdda8aa08c54ce9d2ebe453 0321ff5c047a24d6199ebd71748a2ad17acbb76ad54cae85ae9f649915a0a3e0 337eb355d0160e96ec962791bb1df0a4b4ede4331621619a864664af0cbf201f

Open Ports Detected

88 89

Map

Whois Information

  • inetnum: 213.152.162.64 - 213.152.162.117
  • netname: NL-AIR
  • descr: AirVPN.org
  • country: NL
  • descr: ******************
  • descr: Alblasserdam datacenter
  • descr: AirVPN IP Space
  • descr: NL, Europe
  • descr: ******************
  • admin-c: PB18435-RIPE
  • tech-c: PB18435-RIPE
  • status: ASSIGNED PA
  • mnt-by: GLOBALLAYER
  • created: 2015-06-20T21:24:14Z
  • last-modified: 2015-06-20T21:24:14Z
  • person: Paolo Brini
  • address: c/o Studio Papa Via Vecchi, 53
  • address: I-06100 PERUGIA
  • address: Italy
  • phone: +393383199237
  • nic-hdl: PB18435-RIPE
  • mnt-by: GLOBALLAYER
  • created: 2015-03-20T20:42:54Z
  • last-modified: 2017-10-30T22:45:43Z
  • route: 213.152.162.0/24
  • descr: Global Layer network
  • origin: AS49453
  • mnt-by: GLOBALLAYER
  • created: 2016-08-11T11:27:53Z
  • last-modified: 2016-08-11T11:27:53Z

Links to attack logs

forum-spam-ip-list-2021-02-04 forum-spam-ip-list-2021-02-14 forum-spam-ip-list-2021-02-15 bruteforce-ip-list-2022-11-04 forum-spam-ip-list-2021-02-18 forum-spam-ip-list-2021-02-13 forum-spam-ip-list-2021-02-05 forum-spam-ip-list-2021-02-17 forum-spam-ip-list-2021-02-06