91.216.248.20 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 91.216.248.20 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 41/100

Host and Network Information

• Tags: cyber security, ioc, malicious, Nextray, phishing

• JARM: 2ad2ad0002ad2ad00042d42d0000002059a3b916699461c5923779b77cf06b

• View other sources: Spamhaus VirusTotal

• Contained within other IP sets: coinbl_hosts, hphosts_psh

• Country: Germany
• Network: AS47447 23media gmbh
• Noticed: 1 times
• Protcols Attacked: SSH
• Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
• Passive DNS Results: manfred.hellrigl.net dall-edith.com klarnetqinfo.com www.guuse.lima-city.de vietnam-dvd.de playlist.team musicparty.live admin.pagels-garten.de www.meineseite200.4lima.ch vasilcenco.com medimentum-health.com uoblfon.com www.hod.lima-city.de carlottaspadano.com presale.works cashflowplaner.com kriyayoga-festival.com www.unitedinfaith.net zaps.work niklashoffmann.net poctim.com www.dimension2.de erfolgsstories.net www.havoc.lima-city.de full-site.com shoutfm.net helbal.net film-locations.berlin helbal.com mein-bwgkar.com prohire-media.com onxynott.com www.diplomacy.lima-city.de thunderroad.club riedl-consulting.com wilde-nordsee.de superpatchpflaster.net superpatchheilung.net solaranlage.bayern hungry-plants.com s4dm.org piff-gaming.net superpatchrevolution.com ff-music.com node3.2icecube.de folge.stream openbeta.stream betakanal.stream openbeta.online lucabellanti.com annies-life.com how-to-live-longer.com erdwelt.net stn-gaming.com prodbyadi.com digitalneuropsychology.net www.avengers.lima-city.de www.studium.alex-klauser.de twn.transworld.org www.twn.transworld.org euro.euro-eu.net 2023.albertus-dienste.de eu.euro-eu.net www.eu.euro-eu.net www.trans-world-news.com trans-world-news.com www.transworld.org lebewiedubist.online digitalneuropsychology.com www.mynamedns.de mynamedns.de kneubuhl.net www.itec.lima-city.de gamerssphere.de dast.tutorialecke.org www.info.marcus-wetzel.de tchibo-bremen.virtual-spaces.de www.bankingnetinline.4lima.de derletztewilde.baro-media.at beinker-architektur.com www.posbancolombias.de.cool al-hidaya.at bitwarden-srv07.fam-cz.de matomo.bsch-c.de www.cpd.de.cool schweiz.c4fmaustria.at www.termino.lima-city.de seo.ranknexa.com dartspeak.de knuffel-stoffe.ch haltungs-wechsel.de selfiehero.de skirde.top hkdv.org wishbob.net sprechende-medizin.info personalizepixel.com www.hessen.lima-city.de pdc1.schlado.de pawsitiwe.de myalpha-webapp.4lima.ch die-besessene.pyrokar.lima-city.de strahlenfrei-wohnen.de lebenselixier.org unitedinfaith.net web-profis.com studezy.com steve-bullfrog.com simgearshop.com inwickto.info www.gewinnaida.com lernspiele.shop kitabedarf.shop lernspiele.online kitabedarf.online talent-select.com michael-weyer.com ibei-rz.com vorschulbuch.shop vorschulbuch.online playerco.net silverlyxp.earth www.zaun-tor-express.com lernbuch.shop vorschule.shop lernbuch.online cnqt.app contactobhdleonrd.de.cool xn–y-dha.app soprod.app affiliatesuche.com trakehnerhof-eifel.com therapeutgesucht.com yourbestpals.com valorantconnect.net aarau24.online stuttgart-spotlight.com valoconnect.com kousslousseren6598.4lima.de fcprizee.com amberschoop.com lastenausgleichsgesetz24.de bestmarket-here.net gewinnaida.com ki-vest.com www.steller-gesellschaft.de www.hage-metallbau.de www.oldsite-abbadons-spaniels.de certaward.com bestmarket-here.com doktor-caro.com bestcore-wow.net pizza-catering.berlin xuiss.com rmd-transfer.com findagain.de 1zjkzlgllen2jxpa5rzcjkjov8ans2nco.view.nikolockenvitz.de empireedge.org eckel.city winampere.lima-city.de erkenne-narzissmus.de infosupportbanrural.de.cool nzxter.de.cool bischoff.bayern cfg8cu5i6.com er4votgu7m4u3q8v9tn03voqht43n0c.com alugha.it technik.forum sonden.forum vsaktuell.com cloudcodecreations.com baeoniefitness.com www.systemrw.com myumami.net unknown04.com codesign24.com codesign42.com my-umami.com primaten-regime.com www.inseldoerfer.de www.villa-weitsicht.de synopsis.coach aquila-studios.com computerclub-plauen.org aficionadoventures.com aicardtrick.com lukhensen.net oneweekskill.com steinofen.pizza adrivan.org filzbuch.com a-coral.com twice-network.com human-scum.com eportstv.com wladimir-putin.com sallyontour.com www.vhsactestareapit01.4lima.de dogheat.app innovatifly.com inferior.work chilledtrips.net rdk1.net vereinskonzept.com vereins-konzept.com artec.click tomotribe.com fat-cyclists.com www.wondercms-1.detlef-pingel-webentwicklung.de www.cloud.ew-v.at www.staging.lightdrawing.de www.virenclash.lorenzjobst.de www.shop.it-aufklaerung.de www.t3v9-1.detlef-pingel-webentwicklung.de www.www.marine-sc-wittenberg.de www.offline.3fragezeichen.de simeon.xn–tckwe www.visionarypydigital.2ix.at 1min.productions 1min.media sofia-baronner.com hagiangexperience.com tubelive.de www.tubelive.de www.algebra.4lima.de emmas-ecke.shop dettagli-aruba-lapaga.clan.rip www.gtc.12hp.ch cretehikingretreat.com pride-peace-love.com ketacords.com online-wishlist.com foxcomposites.com safari.uyen-nhu.de oficialwords.2ix.ch gratzl.work virewaggis.events caditoleno.com zaitrus.com mindsetingenieur.com empireedgeconsultancy.com budget-buddy.net guitarcake.art asiawokkreiensen.com twcg.4lima.ch masterwatchparts.com pixelperlen.com provinciargcountry.de.cool leisefarben.de sassnitz-marina.de fitwebart.de wavebyte-systems.com jungblatt.com servichotmaisrrve.4lima.de apartment-pool.com house-pool.com santemi-noah.com ranknexa.com www.bijou-holidays.de.cool dountime.xyz cozmo.news www.online-highscore.milten.lima-city.de nove.world vortec.dev dschinninet.com tkaspar.com architekt.wiegandt.pro www.www.derzwerg.4lima.at ravens.land www.www.zellak.de.cool aukes.dev shard-music.com luxebraid.com vn-systems.com sasukase.lima-city.org konsolenschmiede24.de www.outdoors.lima-city.de www.naenco-ag.com sv09.info shuire.4lima.at noautorizadasesion.de.cool umgebung.vasistas-magazine.com www.iteex.de fototour-de-ruhr.de wi.2icecube.de managerklausur.de wetzenow.de artec-invest.de gujlhkv.2icecube.de deve.2icecube.de www.wetzenow.de team-klausur.de teamklausur.de marketur.at vn-pay.org vn-pay.net www.vn-pay.net etima.lt www.noautorizadasesion.de.cool cybernetics.consulting xn–spachtelbrse-djb.de www.lk-ansbach.eu twitter.eurohandys.de discord.eurohandys.de instagram.eurohandys.de www.waffles-crepes.at www.werbebild.shop sai-reisen.de unique-agncy.com empireestateschulte.com www.lutz5ter.webspace.rocks manager.development-ralph.com baro-media.at sophiabeli.de tuningsociety.xardas.lima-city.de www.online-media.de.cool jugendarbeitfischenthal.ch www.baljen.4lima.de huthmatik.com www.tamara-duerr.2ix.at panel.gullshock.com mu.notar-liessem.de shop.wp-creativ.de kindertagespflege-lengerich.de xn–meinedne-c6a.de www.baikal.stoffkalender.com duhere.net duhere-projects.net goeke.app auth.moinalex.de www.store.ncdeluxe.de buildingbiology.ae optik-team.de kinesiologische-praxis.de wandelkonzert.de befragung-wahltag.org befragung-wahltag.info duhere-projects.biz www.linux.lima-city.de duhere-projects.com disruptivereader.com halal-date-doctors.com bankofamericaenlineas.lima.zone liesenhoff.eu duhere.de cyb3rbust3r.com www.dnd.lima-city.de www.dji-panorama.4lima.de dreieckskadsenverarschungsding3000.de cosmicfall.de alfaresmarkt.de dkb830.2ix.ch www.iannuccelli.de grincat.de www.biogeta.de alternawol.com www.cuxsurfer.4lima.de www.elta-courier-grecee.de.cool luftoelgekuehlterboxer.com www.bundesliga.lima-city.de stegemann.twin-it.at top-sas.ch knutulf.milten.lima-city.de www.popcornrp-scripts.com player.hitradio-deutschland.de clonebook24.com sport-aktuell.com www.easymoney.lima-city.de schatzsucher-netzwerk.de www.rudis.de.cool ridders-postfach.de bfox.und.elifox.ch robers-consulting.de poechinger.com www.gwaesser.org development-ralph.com onealife.de hochzeitsreise-von.helena-und-cedric.de tickets.mayma.ch hundehaltung.bellfrei.de academy.zebz-media.de xn–geniet-fta.de helpersbenevolent.org dik.dental static.dhcv2.de api.dhcv2.de scontent.dhcv2.de san.dhcv2.de app.dhcv2.de cdn.dhcv2.de www.mafiamobil.thomas-menne.de www.schnakker.4lima.de vs.socialstorm.pro axelrindle.de www.woo-commerce.4lima.de techmekk.at www.energy-global.startercamp.de www.artgallery.lima-city.de happyforest.academy www.quadrant.2seconds-media.de www.royal.dev-id.de hostmasipinternal.albertus-dienste.de www1.dlrg-jugend-rn.de ofiaendo.martenstop.com statiniai.lt www.m.diebrille-fulda.de hollaender.net shop.die-sozialen.eu www.owner.lima-city.de www.testdomain.lima-city.de www.fencing.lima-city.de www.twelve.lima-city.de www.experience.lima-city.de www.ai-photographer.de brevewa.de kompadre.ch www.du.de.cool rakete68.shop frank-schneider.com www.shop.12hp.de android-port.de walter-hirte.de iboapp.lima-city.org alphee.pyrokar.lima-city.de www.www.bienvenue-bnpparibas-fr-mailing.lima-city.de snapmeadd.4lima.de www.telekom.4lima.de wikipedia.fa5dac.eu maturaball.hs-film.com www.industrie-talent.de transformmusic.de www.hollaender.net d.xn–iv-gka.at epr-compact.com nfc.cool beilngries-box.de selbstdesign.com selbst-design.com www.zero.lima-city.de www.schulen.lima-city.de choralschola.at ak.ich-friseure.de blitzberlin.de tgcg.4lima.de martinezo.de lina-escort.de www.philia-cuisine.de ferienwohnung-harz-schmidt.de autoconfig.tjark.pro anneborchardt.com www.privatpraxis-jenspoggenberg.de privatpraxis-jenspoggenberg.de marcmeier.net dartstreams2.de.cool gastro-guide-hamburg.de www.nana.lima-city.de www.royal2000.lima-city.de m.ahmed.wien drive.fabianwolter.de anja-eller.com foto-berger.at plansee-wip.virtual-spaces.de nofi.at www.lisameixner.eu enterpriseenrollment.conavitra.com oremx.lookpool.de tkyjqgmsnhkkfl.tjark.pro budnik.thies-web.de weeklydealz.consulting zoch.artkurat.de wickedraves.de www.geometrie.4lima.de fa5dac.eu nh-bauplanung.de www.ask01.4lima.de cloudflaremedia.tjark.pro mista.men 10.1.0.test.comparison-24.com 123colorise.com www.mrthtb.lima-city.at tcig.12hp.de www.pt-cli.de.cool spiliopoulou.de heeeey.de fa5dac.org www.www.facebookuser.lima-city.de www.www.mabanque-bnpparibas-fr.12hp.de floatingtransmissions.de router.adelschmidt.de hsnr.in sitruspuristin.de blueskidz.ch backstube-wunderlich.de demo.elifox.ch jugendfestival.ch crocco.media prezl.app www.adm.devsc.de croccomedia.com isprigozhindead.com

Malware Detected on Host

Count: 21 53a25b4b715855f13b61b58ac20deeef139c7d28b0005dce530ec650ed1c09e0 7ebb8fcd2dc224a7877acbdff54e3de67679683c2efad6c48354acc0cb80e71e eba0146fde79a8c4f45b49e32477894235e0ffcf55329f6a1a275b9fda7b0eb1 d86c9bba3dc842d52259325e492c2fea9a9709eda74efe5281122c55b8d88bb4 f632701d3fb836c9a86efff8ca268d2c90cdd375630810dbb3543223f92044c0 5c821c92d5a0594487bce5d51260fffb893f016ad0fce62a36e144c990de0a2e 1a97f29caceca8172097969189954ccfbb1e8e0cb0f3a304a480a9e206158a90 4b017da929e1ba7682bb4ab2db3dd738b87b361f5609a840c8ccceb594a807e2 6bf493452bab46c3395a4e41f1e5f587738eb6cb009315e27780d219070b3890 5029f959a9610a081db09774a2e8fb6e3552e057e71454b9e3f1481a63885862

Open Ports Detected

123 22 3306 443 80

CVEs Detected

CVE-2022-31628 CVE-2022-31629 CVE-2022-37454

Map

Whois Information

• inetnum: 91.216.248.0 - 91.216.248.255
• netname: DE-LIMACITY-CLOUD
• country: DE
• abuse-c: ACRO293-RIPE
• org: ORG-TG211-RIPE
• admin-c: PHIL42-RIPE
• tech-c: PHIL42-RIPE
• status: ASSIGNED PI
• mnt-by: RIPE-NCC-END-MNT
• mnt-by: TRAFFICPLEX-MNT
• mnt-routes: TRAFFICPLEX-MNT
• mnt-domains: TRAFFICPLEX-MNT
• created: 2010-07-13T13:31:44Z
• last-modified: 2021-04-28T11:57:39Z
• organisation: ORG-TG211-RIPE
• org-name: TrafficPlex GmbH
• org-type: LIR
• address: Konsul-Smidt-Str. 90
• address: 28217
• address: Bremen
• address: GERMANY
• country: DE
• phone: +4942140899450
• admin-c: RA10375-RIPE
• tech-c: RA10375-RIPE
• abuse-c: AR62322-RIPE
• mnt-ref: TRAFFICPLEX-MNT
• mnt-by: RIPE-NCC-HM-MNT
• mnt-by: TRAFFICPLEX-MNT
• created: 2021-01-22T09:08:09Z
• last-modified: 2021-01-22T09:08:12Z
• person: Phillipp Roell
• address: TrafficPlex GmbH
• address: Konsul-Smidt-Str. 90
• address: 28217 Bremen
• address: Germany
• phone: +4942140899450
• nic-hdl: PHIL42-RIPE
• mnt-by: TRAFFICPLEX-MNT
• created: 2015-06-16T18:56:18Z
• last-modified: 2021-04-22T09:32:21Z
• route: 91.216.248.0/24
• descr: Roell
• origin: AS47447
• mnt-by: MNT-23MEDIA
• created: 2011-01-21T11:53:15Z
• last-modified: 2011-01-21T11:53:15Z