37.9.13.178 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 37.9.13.178 and was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with the enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity against honeynets. The host score is calculated through a series of statistically weighted values and machine learning that takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 39/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: admin, blacklist, botnet, Malicious IP, mirai, nmap, port-scan, RDP, scan, tcp, win, windows

  • View other sources: Spamhaus, VirusTotal

  • Country: Russia
  • Network:
  • Noticed: 43 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia
  • Passive DNS Results: obmensezonkoles.photonhost.net opt.bigmachine.pro krasnoyarsk.podkova22.ru novosibirsk.podkova22.ru biysk.podkova22.ru omsk.podkova22.ru kemerovo.podkova22.ru tomsk.podkova22.ru bigm.pro www.bigm.pro r22.photonhost.net job.podkova22.ru podkova22.ru jac.bigmachine.pro www.sezonkoles.ru sezonkoles.ru sezonkoles.photonhost.net bigmachine.pro

Open Ports Detected

10050 11000 11027 11075 11101 11112 11180 11210 11211 11288 11371 11434 11480 11481 11601 11680 11920 12000 12082 12103 12111 12113 12126 12128 12129 12130 12131 12132 12134 12135 12139 12141 12144 12148 12153 12157 12163 12164 12166 12167 12169 12177 12187 12190 12194 12200 12201 12202 12203 12214 12217 12218 12222 12225 12227 12228 12229 12230 12232 12233 12237 12240 12246 12249 12251 12253 12263 12264 12274 12277 12278 12279 12283 12285 12286 12292 12295 12297 12298 12307 12309 12310 12311 12314 12321 12334 12337 12338 12342 12343 12353 12363 12377 12378 12379 12380 12381 12394 12396 12398 12400 12406 12410 12415 12425 12427 12428 12431 12440 12443 12449 12454 12455 12461 12462 12463 12465 12471 12474 12475 12479 12480 12482 12486 12487 12488 12491 12492 12493 12497 12505 12506 12508 12509 12516 12517 12519 12521 12523 12524 12530 12533 12534 12535 12538 12543 12544 12545 12555 12556 12557 12558 12560 12565 12568 12569 12570 12573 12577 12578 12583 12584 12585 13001 13084 13128 14082 14104 14147 14182 14265 14344 14403 14407 14523 14825 14880 14896 14909 161 80 81 8100 9999

CVEs Detected

CVE-2021-3618 CVE-2023-44487

Links to attack logs

  • nmap-scanning-list-2022-06-27
  • nmap-scanning-list-2022-06-29
  • nmap-scanning-list-2022-07-03
  • nmap-scanning-list-2022-06-30
  • ******
  • nmap-scanning-list-2022-07-08
  • nmap-scanning-list-2022-07-10
  • nmap-scanning-list-2022-07-02
  • nmap-scanning-list-2022-06-28
  • nmap-scanning-list-2022-07-09
  • nmap-scanning-list-2022-07-07
  • ******
  • nmap-scanning-list-2022-07-01
  • nmap-scanning-list-2022-07-11
  • ******