192.227.144.39 Threat Intelligence and Host Information

Mar 08, 2026 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 192.227.144.39 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

Mitre ATT&CK IDs: T1046 - Network Service Scanning, T1498 - Network Denial of Service, T1595 - Active Scanning
Tags: abuseipdb, atif feed, auto-generated security, banlist feed, binary defense, blacklist, botnet, conpot, cowrie, cyber security, DDoS, dionaea, heralding, honeytrap, ioc, LAMP, malicious, Malicious IP, mirai, Nextray, phishing, RTBH, scan, sftp, sip, sipvicious, smb, ssh, tcp
View other sources: Spamhaus VirusTotal
Contained within other IP sets: ciarmy

Country: United States
Network:
Noticed: 50 times
Protocols Attacked: mssql
Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
Passive DNS Results: medichost.questerp.com auth.questerp.com appdev.questerp.com jobportal.questerp.com mailadmin.questerp.com apidev.questerp.com base.questerp.com office.questerp.com cbtadmin.questerp.com acada.questerp.com cbt.questerp.com www.questerp.com admin.questerp.com workforce.questerp.com

Malware Detected on Host

Count: 1 f22a5d0168054dbf951aa710346ee033809f5241946957ce66398aa0e8488593

Open Ports Detected

110 139 143 1433 21 22 25 27017 445 47001 53 587 5985 80 8443 9000

CVEs Detected

CVE-2014-8180 CVE-2020-0796 CVE-2025-11979 CVE-2025-12893 CVE-2025-13507 CVE-2025-13643 CVE-2025-14345 CVE-2025-14847 CVE-2026-1847 CVE-2026-1848 CVE-2026-1849 CVE-2026-1850 CVE-2026-25609 CVE-2026-25613

Map

Whois Information

NetRange: 192.227.128.0 - 192.227.255.255
CIDR: 192.227.128.0/17
NetName: CC-12
NetHandle: NET-192-227-128-0-1
Parent: NET192 (NET-192-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: HostPapa (HOSTP-7)
RegDate: 2013-01-29
Updated: 2024-02-02
Comment: Geofeed https://geofeeds.oniaas.io/geofeeds.csv
Ref: https://rdap.arin.net/registry/ip/192.227.128.0
OrgName: HostPapa
OrgId: HOSTP-7
Address: 325 Delaware Avenue
Address: Suite 300
City: Buffalo
StateProv: NY
PostalCode: 14202
Country: US
RegDate: 2016-06-06
Updated: 2025-10-05
Ref: https://rdap.arin.net/registry/entity/HOSTP-7
OrgAbuseHandle: NETAB23-ARIN
OrgAbuseName: NETABUSE
OrgAbusePhone: +1-905-315-3455
OrgAbuseEmail: net-abuse-global@hostpapa.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/NETAB23-ARIN
OrgTechHandle: NETTE9-ARIN
OrgTechName: NETTECH
OrgTechPhone: +1-905-315-3455
OrgTechEmail: net-tech-global@hostpapa.com
OrgTechRef: https://rdap.arin.net/registry/entity/NETTE9-ARIN
RAbuseHandle: NETAB27-ARIN
RAbuseName: NETABUSE-COLOCROSSING
RAbusePhone: +1-800-518-9716
RAbuseEmail: abuse@colocrossing.com
RAbuseRef: https://rdap.arin.net/registry/entity/NETAB27-ARIN
RTechHandle: NETTE11-ARIN
RTechName: NETTECH-COLOCROSSING
RTechPhone: +1-800-518-9716
RTechEmail: support@colocrossing.com
RTechRef: https://rdap.arin.net/registry/entity/NETTE11-ARIN

Links to attack logs

Share on: