199.195.253.95 Threat Intelligence and Host Information

General

This page contains threat intelligence for the IPv4 address 199.195.253.95. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning that take into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 45/100

Host and Network Information

  • MITRE ATT&CK IDs: T1110 - Brute Force, T1595 - Active Scanning

  • Tags: 5060, Apache, block list, brute force, brute-force, bruteforce, Bruteforce, Brute-Force, china mobile, columns, company limited, cowrie, dionaea, fatt, hk abusehandler, honeytrap, hong kong, hurricane us, info, kfsensor, LAMP, Mail, mailoney, malicious, Mod Security, network, notice, nxdomain, p0f, pgp sign, rdp, scan, sensor-tagged, sentrypeer, sftp, sip, sipvicious, ssh, SSH, suricata, tanner, tcp, timeout, tpot, unknown, us abuse, us none, Web, wordpress

  • View other sources: Spamhaus, VirusTotal

  • Country: United States
  • Network:
  • Noticed: 38 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia, Indonesia

Malware Detected on Host

Count:

Open Ports Detected


CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2019-16905 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51385 CVE-2023-51767 CVE-2025-26465 CVE-2025-32728

Whois Information

Links to attack logs

bruteforce-ip-list-2025-09-27
