198.57.247.231 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 198.57.247.231. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • Tags: cyber security, ioc, malicious, Nextray, phishing

  • JARM: 29d29d15d29d29d00042d42d0000009435214b849738c4ebab4534b5d158dd

  • View other sources: Spamhaus, VirusTotal

  • Contained within other IP sets: hphosts_emd, hphosts_psh

  • Country: United States
  • Network:
  • Noticed: 29 times
  • Protocols Attacked: SSH
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Malware Detected on Host

Count: 12

Open Ports Detected

110 143 2077 2082 2083 2086 2087 2095 2096 21 22 2222 26 3306 443 465 53 587 80 993 995

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728
