5.5.8.2 Threat Intelligence and Host Information
ipinfopage
General
This page contains threat intelligence information for the IPv4 address 5.5.8.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
🟠 Elevated — 51/100
Geographic Location
Host and Network Information
- View other sources: Spamhaus VirusTotal Shodan AbuseIPDB
- Country: Germany
- Noticed: 3 times
- Protocols Attacked: SSH
- Countries Attacked: United States of America
- Tor Node: No
Tags
- aaaa
- abuse
- accept
- address
- agent
- albania
- albanian
- alerts
- all scoreblue
- already
- analysis
- analysis date
- anity
- apple
- apt suspects
- armenia
- as32934
- ascii text
- asyncrat
- av detections
- back
- beginstring
- belarus
- bits
- blank
- body
- body length
- b server
- burn
- calendar
- campus
- cascade
- certificate
- class
- click
- clock
- close
- cloud
- code
- colors
- company isp
- config
- contact
- contentlength
- copy
- core
- corporation
- cp
- create c
- creation date
- crime
- critical
- critical cmd
- crlf line
- ctlrdev293e
- ctlrven8086
- cyber
- czech
- date
- dcom
- defender
- delete c
- delta
- denver police
- deny
- desktop
- dev0022
- digicert inc
- document file
- domain
- dom-modification
- done
- download
- dragdrop
- dump
- dword
- emails
- encrypt
- entries
- error
- etpro trojan
- et tor
- exe upload
- exit
- expiration date
- expiresthu
- explorer
- express
- external-resources
- fail
- false
- filehash
- file score
- final url
- find
- flash
- form
- format
- friendly
- front
- fullscreen
- func01
- fyou
- general
- generator
- generic http
- government
- green
- headers
- hiddentear
- hide
- historical ssl
- history first
- hit
- hitmen
- http
- hybrid
- icelandic
- icmp
- ids detections
- iframes
- impacting azure
- indonesia
- info
- insert
- install
- internet se
- ip address
- italian
- jeremy
- jsc regional
- kb body
- known tor
- korean
- label saudi
- leave
- legacy
- less whois
- loader
- local
- local government
- look
- malicious
- malware
- malware beacon
- markus
- media
- medium
- memcommit
- men
- meta
- mexico
- minsk
- misc attack
- model
- mongolian
- moved
- ms shell
- name servers
- never
- next
- next pe
- node traffic
- nsa
- null
- number
- open
- outbound
- panama
- paraguay
- passive dns
- path
- pattern match
- phase
- pipes
- polish
- problem
- proofpoint
- pulse pulses
- query
- read c
- reboot
- record value
- redrum
- refer
- referrer
- refresh
- registrar
- registry techc
- related nids
- relayrouter
- replacement
- restart
- restrict
- ripe
- ripe ncc
- ripe network
- riyadh
- riyadh address
- saudi
- saudi arabia
- saudi telecom
- scan endpoints
- scene unit
- screen
- screenshot
- scroll
- search
- secure
- self
- server tsa
- service
- sha1
- sha256
- shadow
- shell dlg
- shift
- show
- showing
- shown
- shutdown
- sinf
- size
- slovak
- slovakia
- small
- sneaky server
- sophos
- span
- specified
- stack
- starfield
- status
- status code
- strings
- submission
- subsys1af40022
- swedish
- switch dns
- system
- target
- telecom company
- terminal
- text/html
- third-party-cookies
- this
- threat
- toolbar
- tools
- trace
- trackers
- triangulation
- trojan
- turkish
- turn
- ukraine
- unauthorized
- unicode
- unique
- united
- unknown
- url https
- urls
- uruguay
- v2 document
- ven1af4
- verify
- voice
- vy binh
- waiting
- wannacry
- win32
- window
- windows nt
- write
- write c
- xcitium verdict
- xtra
- yara detections
- yuming
- zero
MITRE ATT&CK TTPs
- T1031 - Modify Existing Service
- T1038 - DLL Search Order Hijacking
- T1045 - Software Packing
- T1059.007 - JavaScript
- T1059 - Command and Scripting Interpreter
- T1068 - Exploitation for Privilege Escalation
- T1071.001 - Web Protocols
- T1071.004 - DNS
- T1071 - Application Layer Protocol
- T1082 - System Information Discovery
- T1094 - Custom Command and Control Protocol
- T1105 - Ingress Tool Transfer
- T1140 - Deobfuscate/Decode Files or Information
- T1470 - Obtain Device Cloud Backups
- T1553.002 - Code Signing
- T1553 - Subvert Trust Controls
- T1588 - Obtain Capabilities
Attack Log References
Whois Information
inetnum: 5.4.0.0 - 5.7.255.255
netname: DE-MEDIAWAYS-20120425
country: DE
org: ORG-TDG4-RIPE
admin-c: MWH6-RIPE
tech-c: MWH6-RIPE
status: ALLOCATED PA
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MDA-Z
mnt-lower: MDA-Z
mnt-routes: MDA-Z
created: 2012-04-25T06:13:17Z
last-modified: 2018-07-30T09:52:34Z
organisation: ORG-TDG4-RIPE
org-name: Telefonica Germany GmbH & Co.OHG
country: DE
org-type: LIR
address: Georg-Brauchle-Ring 50
address: 80992
address: München
address: GERMANY
phone: +498924420
admin-c: RCM25-RIPE
admin-c: DK9212-RIPE
abuse-c: MWH6-RIPE
mnt-ref: RIPE-NCC-HM-MNT
mnt-ref: MDA-Z
mnt-by: RIPE-NCC-HM-MNT
mnt-by: MDA-Z
created: 2004-04-17T12:45:50Z
last-modified: 2024-04-30T04:43:21Z
role: mediaWays Hostmaster
address: Telefonica Germany GmbH & Co. OHG
address: Georg-Brauchle-Ring 50
address: 80992 Muenchen
address: DE
phone: +498924420
fax-no: +49892442198224
abuse-mailbox: abuse.de@telefonica.com
admin-c: DK9212-RIPE
admin-c: RCM25-RIPE
tech-c: TG819-RIPE
tech-c: ASZ-RIPE
nic-hdl: MWH6-RIPE
mnt-by: MDA-Z
created: 2001-11-06T10:42:25Z
last-modified: 2022-03-31T09:18:07Z
route: 5.4.0.0/14
descr: Telefonica Germany GmbH & Co. OHG
origin: AS6805
mnt-by: MDA-Z
created: 2018-08-08T09:03:25Z
last-modified: 2018-08-08T09:13:47Z