194.5.97.253 Threat Intelligence and Host Information


General

This page contains threat intelligence information for the IPv4 address 194.5.97.253 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 40/100

Host and Network Information

  • Tags: 0xBFKX, C&C, Log4j Scanning Hosts, Nextray, agentesla, agenttesla, alien, amadey, arkei stealer, arkeistealer, asyncrat, avemaria, avemariarat, aws, bashlite, betabot, bitrat, blacknet rat, bokbot, bruteforce, cloudeye, cobaltstrike, cowrie, cryptbot, cryptolaemus1, crystal, cyber security, dcrat, diamondfox, djvu, fail2ban, fareit, ficker stealer, gafgyt, gozi, gozi isfb, guloader, icedid, iceid, ioc, isfb, katana, keypass, la, lafusioncenter, loki, lokibot, louisiana, magecart, malicious, mirai, nancrat, nanocore, negasteal, neurevt, orcusrat, oski stealer, phishing, quasarrat, raccoonstealer, racealer, redline stealer, redlinestealer, remcos, remcosrat, scanners, servhelper, siplog, ssh, stealer, stop ransomware, teambot, tesla, trickbot, ursnif, virusdeck
  • View other sources: Spamhaus VirusTotal

  • Country: Isle of Man
  • Network: AS208476 danilenko artyom
  • Noticed: 29 times
  • Protocols Attacked: ssh
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America
  • Passive DNS Results: tristanatt.ddns.net

Malware Detected on Host

Count: 18


Whois Information

  • inetnum: 194.5.97.192 - 194.5.97.255
  • netname: FREEMESH
  • descr: Londonderry, Northern Ireland
  • country: GB
  • geoloc: 54.9958 -7.3074
  • org: ORG-FC153-RIPE
  • admin-c: FNN20-RIPE
  • tech-c: FNN20-RIPE
  • status: SUB-ALLOCATED PA
  • mnt-by: FREEMESH-MNT
  • created: 2023-04-25T20:09:24Z
  • last-modified: 2023-04-25T20:46:01Z
  • organisation: ORG-FC153-RIPE
  • org-name: Freemesh - non-commercial Networks
  • org-type: OTHER
  • address: Suite 9, Ansuya Estate, Revolution Avenue, Mahe, Seychelles
  • admin-c: FNN20-RIPE
  • tech-c: FNN20-RIPE
  • abuse-c: FNN20-RIPE
  • mnt-ref: FREEMESH-MNT
  • mnt-by: FREEMESH-MNT
  • created: 2022-04-28T11:31:48Z
  • last-modified: 2023-04-24T18:30:14Z
  • role: Freemesh - non-commercial Networks
  • address: Suite 9, Ansuya Estate, Revolution Avenue, Mahe, Seychelles
  • nic-hdl: FNN20-RIPE
  • abuse-mailbox: [email protected]
  • mnt-by: FREEMESH-MNT
  • created: 2023-04-16T16:06:25Z
  • last-modified: 2023-04-16T16:06:25Z
  • route: 194.5.97.0/24
  • origin: AS149020
  • mnt-by: WEBHORIZON-MNT
  • created: 2022-12-21T20:12:35Z
  • last-modified: 2022-12-21T20:12:35Z

Links to attack logs

  • awsjap-ssh-bruteforce-ip-list-2021-02-03
  • awsjap-ssh-bruteforce-ip-list-2021-02-05