193.56.29.117 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 193.56.29.117. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • Tags: Brute-Force, Bruteforce, SSH, Scanner, Webattack, anna paula, associated, currc3adculo, from email, headers, malspam email, msi file, probing, scanning, smtp, ssh, tcp, tuesday, utf8, webscan, webscanner bruteforce web app attack, zip archive

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: turris_greylist

  • Country: Poland
  • Network: AS210228 web hosted group ltd
  • Noticed: 1 time
  • Protocols Attacked: ip
  • Countries Attacked: Germany, United States of America
  • Passive DNS Results: obidient.duckdns.org roller.duckdns.org pulicenemy.duckdns.org

Malware Detected on Host

Count: 5

  • a98868f0c3748d841f36b146b3f08636808225e97092620c41ad39b479ffb209
  • 740dd7485890bdb1eb9d3fce140035356e0c6e85f614d818adcc129b285e14b5
  • ffcec58ae1e4cd68786809e4f262a6c67dc2734e01dd24a29b27acf07a666b85
  • 4cf25082099f2103447528d1af5cbd87da5cbc8d8ebad19ecd6a63feaced986f
  • cfde37cb1668893518fbb96b2be69d77701625fbdecfa0b3ac9577ab60fe6131

Open Ports Detected

3389

Whois Information

  • inetnum: 193.56.29.0 - 193.56.29.255
  • netname: WHG-NETWORKS
  • org: ORG-WHGL2-RIPE
  • country: GB
  • admin-c: JB18334-RIPE
  • tech-c: JB18334-RIPE
  • status: ASSIGNED PA
  • mnt-by: uk-whg-1-mnt
  • created: 2018-09-13T20:17:17Z
  • last-modified: 2018-09-14T20:30:50Z
  • abuse-c: AR48229-RIPE
  • organisation: ORG-WHGL2-RIPE
  • org-name: Web Hosted Group Ltd
  • country: GB
  • org-type: LIR
  • address: 89 Bickersteth Road
  • address: SW17 9SH
  • address: London
  • address: UNITED KINGDOM
  • phone: +44 1133204602
  • tech-c: JB18334-RIPE
  • abuse-c: AR48229-RIPE
  • mnt-ref: uk-whg-1-mnt
  • mnt-by: RIPE-NCC-HM-MNT
  • mnt-by: uk-whg-1-mnt
  • created: 2018-09-13T06:40:52Z
  • last-modified: 2020-12-16T12:20:39Z
  • person: Web Hosted Group Ltd RIPE Contact
  • address: 89 Bickersteth Road
  • address: London
  • address: UNITED KINGDOM
  • phone: +44 1133204602
  • nic-hdl: JB18334-RIPE
  • mnt-by: uk-whg-1-mnt
  • created: 2018-09-13T06:40:51Z
  • last-modified: 2020-09-29T14:35:23Z
  • route: 193.56.29.0/24
  • mnt-routes: uk-whg-1-mnt
  • origin: AS210228
  • mnt-by: uk-whg-1-mnt
  • created: 2018-09-13T20:40:24Z
  • last-modified: 2018-09-18T06:33:30Z

Links to attack logs

brazil-attackers-ip-list-2022-06-02