217.67.30.112 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 217.67.30.112. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

🟡 Low Risk — 32/100

Host and Network Information

  • Country: Slovakia
  • Network: AS5578 swan a.s.
  • Noticed: 1 time
  • Countries Attacked: United States of America
  • Open Ports: 25
  • Tor Node: No
  • Associated Malware Samples: 4

Tags

  • 8.8.4.4
  • JAR-16-20296A.csv ~ 2016 Russian Election Hack
  • QUANTUM Insert
  • RM3 - banking malware
  • TrumpHotels.com
  • address virtual
  • ascii text
  • ascio
  • basic
  • chi2
  • community
  • contained
  • country
  • csc corporate
  • data rticon
  • domain robot
  • domains
  • enom
  • executable
  • gabia
  • gandi sas
  • imphash
  • intel
  • ionos se
  • ip detections
  • kb size
  • md5 chi2
  • name virtual
  • nameshield
  • onlinenic
  • psiusa
  • releasemutex
  • russian
  • sha256
  • sha256 file
  • size entropy
  • size raw
  • struct
  • submission
  • trid win32
  • tucows domains
  • type type
  • vhash

MITRE ATT&CK TTPs

  • T1140 - Deobfuscate/Decode Files or Information

Passive DNS

  • antispam.hosting-zdarma.cz

Whois Information

inetnum: 217.67.30.0 - 217.67.31.255
netname: SK-WEBGLOBE-YEGON-BA
org: ORG-WYS1-RIPE
descr: Webglobe - Yegon, s.r.o.
descr: Stara Prievozska 2, 821 09 Bratislava, Slovakia
descr: for abuse reports please use abuse@wy.sk
country: SK
admin-c: GSNH1-RIPE
admin-c: SWAN1-RIPE
tech-c: ICR6-RIPE
tech-c: GSNH1-RIPE
status: ASSIGNED PA
mnt-by: SWAN-MNT
created: 2017-05-05T08:47:13Z
last-modified: 2022-02-23T16:37:21Z

organisation: ORG-WYS1-RIPE
org-name: Webglobe - Yegon, s.r.o.
org-type: OTHER
address: Stara Prievozska 2
address: Bratislava
address: 821 09
address: Slovak Republic
phone: +421258101062
admin-c: GSNH1-RIPE
abuse-c: YAH9-RIPE
mnt-ref: GTSSK-MNT
mnt-by: GTSSK-MNT
created: 2018-04-17T13:28:48Z
last-modified: 2018-04-17T13:28:48Z

role: BENESTRA RIPE ADMINISTRATOR
address: BENESTRA, s.r.o.
address: Aupark Tower
address: Einsteinova 24
address: Bratislava
address: 851 01
address: Slovak Republic
phone: +421 2 32487 111
fax-no: +421 2 32487 222
abuse-mailbox: abuse@benestra.sk
admin-c: GS18607-RIPE
tech-c: MP22686-RIPE
nic-hdl: GSNH1-RIPE
mnt-by: GTSSK-MNT
created: 2002-03-14T12:37:21Z
last-modified: 2020-06-23T14:30:28Z

role: Webglobe contact role
org: ORG-Is1-RIPE
mnt-by: IGNUM-MNT
address: Webglobe, s.r.o.
address: Vinohradska 190
address: 130 61
address: Prague 3
address: Czech Republic
abuse-mailbox: abuse@webglobe.com
phone: +420 296332211
fax-no: +420 296332222
admin-c: LUNA1-RIPE
tech-c: LUNA1-RIPE
nic-hdl: ICR6-RIPE
created: 2006-08-01T11:58:57Z
last-modified: 2022-04-19T07:44:06Z

role: SWAN, a.s. RIPE Role Object
address: SWAN, a.s.
address: Borska 6, 84104 Bratislava, Slovakia
phone: +421 2 35000100
admin-c: RS10434-RIPE
admin-c: MP22686-RIPE
admin-c: PF7301-RIPE
admin-c: RP16397-RIPE
tech-c: PG4851-RIPE
tech-c: RS10434-RIPE
tech-c: MP22686-RIPE
tech-c: PF7301-RIPE
nic-hdl: SWAN1-RIPE
abuse-mailbox: ripe-abuse@swan.sk
mnt-by: SWAN-MNT
created: 2002-04-11T14:18:55Z
last-modified: 2021-08-26T08:25:39Z

route: 217.67.16.0/20
descr: Dial Telecom
origin: AS29208
mnt-by: GTSSK-MNT
created: 2003-07-08T14:31:37Z
last-modified: 2011-12-21T15:11:16Z

route: 217.67.16.0/20
descr: GTS Slovakia NET
origin: AS5578
mnt-by: GTSSK-MNT
created: 2011-01-13T11:34:16Z
last-modified: 2011-01-13T11:34:16Z