89.223.92.30 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 89.223.92.30 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: proxylists_1d, proxylists_30d, proxylists_7d, proxylists

  • Country: United States
  • Network: AS202422 g-core labs s.a.
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 8

Whois Information

  • inetnum: 89.223.92.0 - 89.223.92.255
  • descr: G-Core Labs Customer assignment
  • netname: GCL-CUSTOMER-US
  • country: US
  • admin-c: LA5122-RIPE
  • tech-c: LA5122-RIPE
  • status: ASSIGNED PA
  • mnt-by: GCL1-MNT
  • created: 2022-04-12T16:30:51Z
  • last-modified: 2022-04-12T16:30:51Z
  • geoloc: 33.758890 -84.390130
  • person: LIR Admin
  • address: G-Core Labs S.A.
  • address: 2 Rue Edmond Reuter
  • address: 5326 Contern
  • phone: +35220880507
  • nic-hdl: LA5122-RIPE
  • mnt-by: GCL1-MNT
  • created: 2012-12-05T15:05:34Z
  • last-modified: 2023-07-17T19:38:48Z
  • route: 89.223.92.0/24
  • descr: GCL-89-223-92-0-24
  • origin: AS199524
  • mnt-by: GCL1-MNT
  • created: 2021-12-16T15:13:46Z
  • last-modified: 2021-12-16T15:13:46Z
  • route: 89.223.92.0/24
  • descr: GCL-89-223-92-0-24
  • origin: AS202422
  • mnt-by: GCL1-MNT
  • created: 2022-04-12T16:29:20Z
  • last-modified: 2022-04-12T16:29:20Z

Links to attack logs

anonymous-proxy-ip-list-2023-09-24