167.71.53.124 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 167.71.53.124. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets.

The host score is calculated through a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 60/100

Host and Network Information

  • MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: Bruteforce, cowrie, cyber security, ioc, last update, malicious, Nextray, phishing, Scanner, scanning, smtp, ssh, tcp, unique count, Webattack, windows server

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: b3b0

  • Country: Germany
  • Network:
  • Noticed: 50 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10000 10001 10134 102 1023 1024 104 10909 10911 110 11000 111 11210 11211 113 11300 11434 1200 122 1224 1234 131 1311 1337 135 139 1400 1414 1433 1443 1500 1515 1521 1604 1800 1801 1820 1911 1925 1926 1935 2000 2001 2002 2003 2008 2111 2121 2126 22 221 2222 225 2320 2323 2332 2404 25 2525 26 2602 2626 3001 30303 3107 311 3111 3114 3115 3117 3128 3301 3307 3310 3333 3523 3541 3542 3910 3922 4000 4022 4040 4042 4242 427 4321 443 4433 4434 4506 4840 4911 5000 5001 5005 5007 5009 5010 502 5025 503 515 5201 5222 5321 5400 541 5432 5435 5601 5604 5800 5801 5900 5938 6000 6002 6010 6036 6102 631 636 6512 6633 7000 7001 7218 7401 7415 7434 7634 79 80 8000 8001 8002 8004 8008 8009 8010 8014 8019 8023 8036 806 8080 8106 8107 8112 8123 8126 8139 8140 8200 8237 8333 8334 8403 8426 8427 8428 8513 8623 88 8800 8810 8819 8826 8834 8838 888 9000 9002 9004 9007 9009 9013 9017 902 9022 9034 9040 9042 9100 9101 9102 9104 9106 9205 9207 9208 9215 9222 9306 9308 9310 9333 9418 9530 9600 9633 9800 9999

Links to attack logs

aws-ssh-bruteforce-ip-list-2021-02-02 ****** ****** bruteforce-ip-list-2021-08-10 bruteforce-ip-list-2021-08-27 aws-ssh-bruteforce-ip-list-2021-01-11 bruteforce-ip-list-2021-08-14 bruteforce-ip-list-2021-08-21 bruteforce-ip-list-2020-12-12 bruteforce-ip-list-2021-08-16 bruteforce-ip-list-2020-11-09 bruteforce-ip-list-2021-08-18 ****** ****** bruteforce-ip-list-2022-03-26
