91.218.214.1 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 91.218.214.1. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or through activity observed on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 19/100

Host and Network Information

  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: hphosts_emd, hphosts_fsa

  • Country: Ukraine
  • Network: AS42352 tov dream line holding
  • Noticed: 1 time
  • Protocols Attacked: SSH

Malware Detected on Host

Count: 12

Open Ports Detected

21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2222, 3306, 4949

CVEs Detected

CVE-2022-37451, CVE-2022-37452

Whois Information

  • inetnum: 91.218.212.0 - 91.218.215.255
  • netname: DLH2-NET
  • country: UA
  • org: ORG-DLH1-RIPE
  • admin-c: BABY-RIPE
  • tech-c: MIMA-RIPE
  • status: ASSIGNED PI
  • mnt-by: RIPE-NCC-END-MNT
  • mnt-by: DREAM-MNT
  • mnt-routes: DREAM-MNT
  • mnt-domains: DREAM-MNT
  • created: 2010-08-16T09:37:18Z
  • last-modified: 2016-04-14T11:12:04Z
  • sponsoring-org: ORG-DL9-RIPE
  • organisation: ORG-DLH1-RIPE
  • org-name: TOV ‘Dream Line Holding’
  • country: UA
  • org-type: OTHER
  • address: Predslavinska str., 28
  • address: Ukraine, Kiev
  • abuse-c: AR19176-RIPE
  • mnt-ref: DREAM-MNT
  • mnt-by: DREAM-MNT
  • created: 2007-07-25T15:36:58Z
  • last-modified: 2022-12-01T16:22:37Z
  • person: Evgeniy Zbarazhskiy
  • address: UA,Kiev
  • phone: +380442370000
  • nic-hdl: BABY-RIPE
  • mnt-by: BABY-MNT
  • created: 2005-06-03T12:12:11Z
  • last-modified: 2007-07-25T14:57:27Z
  • person: Gregory Prokopenko
  • address: UA,Kiev
  • phone: +380443324607
  • nic-hdl: MIMA-RIPE
  • mnt-by: MIMA-MNT
  • created: 2007-07-25T15:20:19Z
  • last-modified: 2007-07-31T06:44:44Z
  • route: 91.218.214.0/24
  • descr: TOV Dream Line Holding
  • origin: AS42352
  • mnt-by: DREAM-MNT
  • created: 2010-08-16T10:36:36Z
  • last-modified: 2010-08-16T10:36:36Z