91.206.30.100 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 91.206.30.100. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Bruteforce, Brute-Force, cyber security, ioc, malicious, Nextray, phishing, SSH

  • View other sources: Spamhaus, VirusTotal

  • Country: Ukraine
  • Network: AS42331 freehost
  • Noticed: 1 time
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results:

Open Ports Detected

21 22 25 443 465 53 80 8000 9000 9443 993

CVEs Detected

CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408

Whois Information

  • inetnum: 91.206.30.0 - 91.206.31.255
  • netname: FREEHOST-UA-NET
  • country: UA
  • org: ORG-FU2-RIPE
  • admin-c: FNOC-RIPE
  • tech-c: FNOC-RIPE
  • status: ASSIGNED PI
  • mnt-by: RIPE-NCC-END-MNT
  • mnt-by: FREEHOST-MNT
  • mnt-routes: FREEHOST-MNT
  • mnt-domains: FREEHOST-MNT
  • created: 2008-06-10T15:17:00Z
  • last-modified: 2016-04-14T09:04:10Z
  • organisation: ORG-FU2-RIPE
  • org-name: PE Freehost
  • country: UA
  • org-type: LIR
  • address: p/b: 50
  • address: 01032
  • address: Kiev
  • address: UKRAINE
  • phone: +380442212725
  • fax-no: +380442346174
  • admin-c: ESS912-RIPE
  • abuse-c: FU346-RIPE
  • mnt-ref: RIPE-NCC-HM-MNT
  • mnt-ref: FREEHOST-MNT
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: FREEHOST-MNT
  • created: 2009-11-25T13:35:02Z
  • last-modified: 2020-12-16T13:17:21Z
  • role: Freehost NOC
  • address: 01032, Ukraine, Kiev
  • address: bul. Tarasa Shevchenko 36b, office 15
  • phone: +380 44 3640571
  • fax-no: +380 44 2346174
  • admin-c: ESS912-RIPE
  • tech-c: ESS912-RIPE
  • nic-hdl: FNOC-RIPE
  • mnt-by: FREEHOST-MNT
  • created: 2009-12-29T11:46:31Z
  • last-modified: 2016-09-02T14:09:34Z
  • route: 91.206.30.0/23
  • descr: Freehost.UA
  • origin: AS42331
  • mnt-by: FREEHOST-MNT
  • created: 2011-07-19T13:38:05Z
  • last-modified: 2011-07-19T13:38:05Z

Links to attack logs

bruteforce-ip-list-2023-01-25