89.38.99.8 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 89.38.99.8 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

• View other sources: Spamhaus VirusTotal
• Contained within other IP sets: bitcoin_nodes_1d, bitcoin_nodes_30d, bitcoin_nodes_7d, bitcoin_nodes

• Country: Netherlands
• Network: AS49981 worldstream b.v.
• Noticed: 1 times
• Protocols Attacked: Anonymous Proxy
• Passive DNS Results: letstap.me figuristi.com www.share.shamsah.net share.shamsah.net www.test.figuristi.com test.figuristi.com www.lstp.me lstp.me www.lstpme.letstap.me lstpme.letstap.me lstp.me.letstap.me www.lstp.me.letstap.me test.letstap.me www.test.letstap.me www.stingraydiverkw.com stingraydiverkw.com www.zeyarat-kw.org zeyarat-kw.org www.zeyarat-kw.net zeyarat-kw.net www.shamsah.shamsah.net shamsah.shamsah.net kajukenbo.shamsah.org www.kajukenbo.shamsah.org incitrade.com www.incitrade.com mohsen-alzhraa.com www.mohsen-alzhraa.com www.antashariky.com antashariky.com www.zeyarat.net zeyarat.net www.wfyatkwt.com wfyatkwt.com www.mullavic.com www.shamsah.org www.shamsah.net www.picojoy.com www.kme.so server.shamsah.net www.server.shamsah.net cryptomatic.xyz www.cryptomatic.xyz www.sp.shamsah.net sp.shamsah.net speedtest.shamsah.net www.speedtest.shamsah.net www.magento.shamsah.org magento.shamsah.org www.na3i-alzahraa.org www.na3i-alzahraa.com www.na3i-alzahraa.net magento.shamsah.net www.magento.shamsah.net www.zeyarat.org www.zeyarat-kw.com www.dnd-mc.com na3i-alzahraa.net na3i-alzahraa.org na3i-alzahraa.com cpcontacts.shamsah.org cpcalendars.shamsah.org shamsah.org cpcalendars.kme.so cpcontacts.kme.so kme.so www.family.shamsah.org family.shamsah.org cpcontacts.picojoy.com cpcalendars.picojoy.com picojoy.com www.webmail.mullavic.com www.amar.picojoy.com amar.picojoy.com akkas-studio.com www.owncloud.shamsah.net owncloud.shamsah.net cpcontacts.zeyarat-kw.com cpcalendars.zeyarat-kw.com zeyarat-kw.com cpcontacts.shamsah.net cpcalendars.shamsah.net shamsah.net ns1.shamsah.net cpcontacts.zeyarat.org zeyarat.org cpcalendars.zeyarat.org cpcalendars.dnd-mc.com dnd-mc.com cpcontacts.dnd-mc.com cpcontacts.modellozona.com cpcalendars.modellozona.com modellozona.com cpcontacts.mullavic.com cpcalendars.mullavic.com mullavic.com

Open Ports Detected

11000 11112 11210 11211 11228 11288 11300 11371 11434 12000 12345 12767 161 80 8000

CVEs Detected

CVE-2018-16845 CVE-2019-20372 CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 CVE-2021-23017 CVE-2021-3618 CVE-2023-44487

Map

Links to attack logs

anonymous-proxy-ip-list-2024-06-25 anonymous-proxy-ip-list-2024-06-26 anonymous-proxy-ip-list-2024-06-27