192.252.215.5 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 192.252.215.5. It was generated either as a result of observed malicious activity or as an information-gathering exercise to help enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 57/100

Host and Network Information

  • MITRE ATT&CK IDs: T1498 - Network Denial of Service, T1499 - Endpoint Denial of Service, T1499.002 - Service Exhaustion Flood
  • Tags: Cyclops, DDOS, DDoS, Gamardeon, HEAD Floods, HermeticWiper, IsaacWiper, KillNet, Killnet, PartyTicket, T1498, T1499, WhisperGate, attack ddos, botnet, cc.py, ddos, list ips, russia, russian, ukraine

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua, botscout_30d, botscout_7d, sblam, socks_proxy_30d, socks_proxy_7d, stopforumspam, stopforumspam_180d, stopforumspam_30d, stopforumspam_365d, stopforumspam_7d, stopforumspam_90d

  • Country: Canada
  • Network: AS46562 performive llc
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Countries Attacked: Russian Federation
  • Passive DNS Results:

Malware Detected on Host

  • Count: 2
  • 5ee96cce83902ae9cb52fafac4479412f4d12bfc9b699cb81763f140e7b979a8
  • 78082dadf6c50b27b2cda0e2402ca7b70671f7c1f3a759e223a5dea15f2a18d4

Whois Information

  • NetRange: 192.252.208.0 - 192.252.223.255
  • CIDR: 192.252.208.0/20
  • NetName: TOTAL-SERVER-SOLUTIONS
  • NetHandle: NET-192-252-208-0-1
  • Parent: NET192 (NET-192-0-0-0-0)
  • NetType: Direct Allocation
  • OriginAS: AS46562
  • Organization: Performive LLC (TSSL-2)
  • RegDate: 2013-07-03
  • Updated: 2015-03-19
  • Ref: https://rdap.arin.net/registry/ip/192.252.208.0
  • OrgName: Performive LLC
  • OrgId: TSSL-2
  • Address: 1130 Powers Ferry Pl
  • City: Marietta
  • StateProv: GA
  • PostalCode: 30067
  • Country: US
  • RegDate: 2007-02-13
  • Updated: 2020-08-27
  • Ref: https://rdap.arin.net/registry/entity/TSSL-2
  • OrgTechHandle: TSSNO-ARIN
  • OrgTechName: TSS NOC
  • OrgTechPhone: +1-877-391-9909
  • OrgTechEmail: [email protected]
  • OrgTechRef: https://rdap.arin.net/registry/entity/TSSNO-ARIN
  • OrgNOCHandle: TSSNO-ARIN
  • OrgNOCName: TSS NOC
  • OrgNOCPhone: +1-877-391-9909
  • OrgNOCEmail: [email protected]
  • OrgNOCRef: https://rdap.arin.net/registry/entity/TSSNO-ARIN
  • OrgAbuseHandle: ABUSE7667-ARIN
  • OrgAbuseName: Abuse
  • OrgAbusePhone: +1-877-391-9909
  • OrgAbuseEmail: [email protected]
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE7667-ARIN

Links to attack logs

anonymous-proxy-ip-list-2023-08-05 anonymous-proxy-ip-list-2023-06-28 anonymous-proxy-ip-list-2023-07-15 anonymous-proxy-ip-list-2023-07-28 anonymous-proxy-ip-list-2023-08-23 anonymous-proxy-ip-list-2023-08-25 anonymous-proxy-ip-list-2023-05-25 anonymous-proxy-ip-list-2023-07-18 anonymous-proxy-ip-list-2023-08-07 anonymous-proxy-ip-list-2023-05-27 anonymous-proxy-ip-list-2023-05-19 anonymous-proxy-ip-list-2023-07-27 anonymous-proxy-ip-list-2023-08-24 anonymous-proxy-ip-list-2023-08-08 anonymous-proxy-ip-list-2023-08-16 anonymous-proxy-ip-list-2023-08-21 anonymous-proxy-ip-list-2023-07-10 anonymous-proxy-ip-list-2023-05-26 anonymous-proxy-ip-list-2023-05-29 anonymous-proxy-ip-list-2023-05-20 anonymous-proxy-ip-list-2023-05-18 anonymous-proxy-ip-list-2023-07-31 anonymous-proxy-ip-list-2023-08-04 anonymous-proxy-ip-list-2023-08-19 anonymous-proxy-ip-list-2023-05-24 anonymous-proxy-ip-list-2023-06-30 anonymous-proxy-ip-list-2023-08-14 anonymous-proxy-ip-list-2023-08-20 anonymous-proxy-ip-list-2023-07-09 anonymous-proxy-ip-list-2023-06-22 anonymous-proxy-ip-list-2023-07-03 forum-spam-ip-list-2021-01-14 anonymous-proxy-ip-list-2023-07-13 anonymous-proxy-ip-list-2023-05-23 anonymous-proxy-ip-list-2023-08-27 anonymous-proxy-ip-list-2023-07-14