91.192.100.61 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 91.192.100.61. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: cyber security, ioc, kfsensor, malicious, Nextray, phishing, rdp, ssh, unit42, venomrat

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: haley_ssh

  • Country: Switzerland
  • Network: AS51395 datasource ag
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: triggerd.ddns.net updatechrome.duckdns.org winloggers.duckdns.org cityotherway.pw info1.duckdns.org mrmoney.redirectme.net alsalemexchange.trade

Malware Detected on Host

Count: 9

Open Ports Detected

3128 4443 500 53 9999

Whois Information

  • inetnum: 91.192.100.1 - 91.192.100.63
  • netname: PRIVACYFIRST_91-192-100
  • country: CH
  • admin-c: TPP15-RIPE
  • tech-c: TPP15-RIPE
  • org: ORG-SPSW5-RIPE
  • mnt-by: PRIVACYFIRST-MNT
  • status: ASSIGNED PA
  • created: 2019-12-12T08:51:11Z
  • last-modified: 2022-10-25T15:53:24Z
  • organisation: ORG-SPSW5-RIPE
  • org-name: The PRIVACYFIRST Project
  • org-type: OTHER
  • address: Suite 9, Ansuya Estate, Revolution Avenue, Mahe, Seychelles
  • abuse-c: ACRO34258-RIPE
  • mnt-by: PRIVACYFIRST-MNT
  • mnt-ref: PRIVACYFIRST-MNT
  • mnt-ref: EDV-INTERNET-MNT
  • mnt-ref: MNT-DA327
  • mnt-ref: AF15-MNT
  • created: 2022-03-26T11:29:22Z
  • last-modified: 2023-02-16T19:08:16Z
  • role: The PRIVACYFIRST Project
  • address: Suite 9, Ansuya Estate
  • address: Revolution Avenue
  • address: Mahe, Seychelles
  • abuse-mailbox: [email protected]
  • nic-hdl: TPP15-RIPE
  • mnt-by: PRIVACYFIRST-MNT
  • mnt-by: AF15-MNT
  • created: 2020-07-14T12:54:48Z
  • last-modified: 2022-06-20T10:32:12Z
  • route: 91.192.100.0/22
  • origin: AS51395
  • mnt-by: MNT-DA327
  • created: 2013-12-05T10:23:19Z
  • last-modified: 2016-11-16T10:39:22Z

Links to attack logs

bruteforce-ip-list-2021-02-02 bruteforce-ip-list-2021-01-31 bruteforce-ip-list-2021-02-01