89.163.252.30 Threat Intelligence and Host Information

Share on:
Oct 21, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 89.163.252.30 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Tags: cyber security, ioc, kfsensor, malicious, Nextray, phishing, probing, rdp, scanning, ssh, TOR, VPN, webscan, webscanner bruteforce web app attack

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: haley_ssh, sblam, tor_exits_1d, tor_exits_30d, tor_exits_7d, tor_exits

  • Country: Germany
  • Network: AS24961 myloc managed it ag
  • Noticed: 1 times
  • Protcols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 10 2fd353ffcace535b5c0cdd3b70784bcbf1d4e35879a3109ed8825c2f970d22d3 4bc72b123a5bb966712be3df3d72801ba6265dddd724c854325b4e7321d302dd ec43e150012d049bbdf9a552c9a466482c628db8b981064584998a97d2662914 7548589cca05a011b563d58e795233faf2310975659bbc8b4d1db7ae6d805280 a4a63515b6bd2562e94430e10629c0c9e69309b2281dc857628cd537909c0352 25837be752586ccedb7da8ab32d563a7baa799d91ca69067f0b8acc14dfc0923 b73eaa192ab95cab8e279d904a301d61ec84be69781b369bd73e538437680bc3 16d3d7d61ee9f9ddb064e2a301eec84a2ec1bff7d1826bdec9dcda80cad8c8c9 7ddef1c1c6c94febf3565291d7f4604f550144fd90a33b8c7445626ac29256d3 010321a94d616733d0564ec1584682a1b359315565db281c008be1f31624be0e

Map

Whois Information

  • inetnum: 89.163.128.0 - 89.163.255.255
  • netname: DE-MYLOC-DUS-20060217
  • country: DE
  • org: ORG-MMIA3-RIPE
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • status: ALLOCATED PA
  • mnt-by: MYLOC-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • created: 2020-11-04T10:31:12Z
  • last-modified: 2020-11-04T10:31:12Z
  • organisation: ORG-MMIA3-RIPE
  • org-name: myLoc managed IT AG
  • country: DE
  • org-type: LIR
  • address: Am Gatherhof 44
  • address: 40472
  • address: Düsseldorf
  • address: GERMANY
  • phone: +4921161708110
  • fax-no: +4921161708111
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • abuse-c: MOPS-RIPE
  • mnt-ref: MYLOC-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: MYLOC-MNT
  • created: 2019-10-28T10:48:29Z
  • last-modified: 2021-02-09T10:11:49Z
  • role: myLoc NOC
  • address: myLoc managed IT AG
  • address: Network Operations & Services
  • address: Am Gatherhof 44
  • address: 40472 Duesseldorf DE
  • admin-c: PHAN
  • tech-c: PHAN
  • tech-c: DDO
  • tech-c: JOH
  • tech-c: NIL
  • tech-c: STH
  • tech-c: KT3550-RIPE
  • nic-hdl: MOPS-RIPE
  • abuse-mailbox: [email protected]
  • mnt-by: MYLOC-MNT
  • created: 2013-02-11T16:38:10Z
  • last-modified: 2022-07-08T14:48:44Z
  • route: 89.163.128.0/17
  • descr: myLoc managed IT AG
  • origin: AS24961
  • mnt-by: MYLOC-MNT
  • created: 2017-02-02T17:04:51Z
  • last-modified: 2017-02-02T17:06:25Z

Links to attack logs

bruteforce-ip-list-2021-06-16 bruteforce-ip-list-2021-06-07