91.194.84.106 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 91.194.84.106. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, either by aggregating public sources or from activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • JARM: 28d28d28d00028d00042d42d0000005a3e96c1dfa4bdb24b8b3c04cae18cc3

  • View other sources: Spamhaus VirusTotal

  • Contained within other IP sets: cruzit_web_attacks

  • Country: Germany
  • Network: AS24961 myloc managed it ag
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: www.top-light.de, orange-one.shop, kimiss.de, www.top-light.shop, orange-one.de, top-light.info, top-light.eu, top-light.de, top-light.shop, f481.fuchsia.fastwebserver.de

Malware Detected on Host

Count: 34

Open Ports Detected

143, 25, 443, 465, 53, 587, 80

CVEs Detected

CVE-2021-3618

Whois Information

  • inetnum: 91.194.84.0 - 91.194.84.255
  • netname: DE-MYLOC-DUS
  • country: DE
  • org: ORG-MMIA3-RIPE
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • status: ASSIGNED PI
  • mnt-by: MYLOC-MNT
  • mnt-by: RIPE-NCC-END-MNT
  • created: 2020-11-04T10:31:13Z
  • last-modified: 2020-11-04T10:31:13Z
  • organisation: ORG-MMIA3-RIPE
  • org-name: myLoc managed IT AG
  • country: DE
  • org-type: LIR
  • address: Am Gatherhof 44
  • address: 40472
  • address: Düsseldorf
  • address: GERMANY
  • phone: +4921161708110
  • fax-no: +4921161708111
  • admin-c: MOPS-RIPE
  • tech-c: MOPS-RIPE
  • abuse-c: MOPS-RIPE
  • mnt-ref: MYLOC-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: MYLOC-MNT
  • created: 2019-10-28T10:48:29Z
  • last-modified: 2021-02-09T10:11:49Z
  • role: myLoc NOC
  • address: myLoc managed IT AG
  • address: Network Operations & Services
  • address: Am Gatherhof 44
  • address: 40472 Duesseldorf DE
  • admin-c: PHAN
  • tech-c: PHAN
  • tech-c: DDO
  • tech-c: JOH
  • tech-c: NIL
  • tech-c: STH
  • tech-c: KT3550-RIPE
  • nic-hdl: MOPS-RIPE
  • abuse-mailbox: abuse@myloc.de
  • mnt-by: MYLOC-MNT
  • created: 2013-02-11T16:38:10Z
  • last-modified: 2022-07-08T14:48:44Z
  • route: 91.194.84.0/24
  • descr: DE-MYLOC-91-194-84-0—slash-24
  • origin: AS24961
  • mnt-by: MYLOC-MNT
  • created: 2017-12-14T10:12:13Z
  • last-modified: 2017-12-14T10:12:13Z