92.63.197.55 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 92.63.197.55 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Likely Malicious Host 🟠 65/100
Host and Network Information
-
Mitre ATT&CK IDs: T1046 - Network Service Scanning, T1110 - Brute Force, T1423 - Network Service Scanning, T1595.001 - Scanning IP Blocks, T1595.002 - Vulnerability Scanning, T1596.005 - Scan Databases, TA0043 - Reconnaissance
-
Tags: brute force, cowrie, dionaea, email, honeytrap, hxxp, ip monitor, LAMP, mailoney, malicious, nmap, port-scan, portscan, RDP, saudicareup, scanner, sentrypeer, sftp, sip, ssh, SSH, UK Based
-
View other sources: Spamhaus VirusTotal
-
Contained within other IP sets: normshield_all_attack, normshield_high_attack
- Country: Russia
- Network:
- Noticed: 50 times
- Protocols Attacked: SSH
- Countries Attacked: Australia, Italy, Netherlands, Poland, Sweden
Malware Detected on Host
Count: 12 6df502a2f42c644da4a89bb0d0e5570adcb7453978232385cd7afd0c0b0c1cd5 2f7f644c959ab9f946b14fac6d90aed0dff80a1d20dc4c497e29af926efdcaf0 1f700292ee3ebe37363abaf3d517f5e3d96426350ccf28a5e89c39b1e5dbb501 a235c93f71c154746e39b788bba9f63c710598e7bccdf982c0494292ed89c14f 57654d14eae36ef875014022d41a89ae67866e637a9a52f0dee6452f7aca6aa9 37175f3e5d944a1bca170fd5319031b7053afed802dbc649eb67814281c14f56 e4fadaaf343a322af7147d1de19698178b8ebb611cf88d77d0870fda72d4683e 1c2c3291338f992ac2cf37532b2fade7f90542ad6806f25ae737d1d254bf280e 36a5aed0db2868ef9d71c2496954f27b809f026a2e16e15fee9f1a76d59b4a44 7209e76a272263e045386e309f861d919e74521eda2dba22e56941656480cf72
Open Ports Detected
Map
Links to attack logs
nmap-scanning-list-2021-10-09 nmap-scanning-list-2021-11-27 nmap-scanning-list-2021-12-26 nmap-scanning-list-2022-01-08 nmap-scanning-list-2022-01-10 nmap-scanning-list-2022-01-15 nmap-scanning-list-2021-11-01 nmap-scanning-list-2021-11-29 nmap-scanning-list-2022-01-09 nmap-scanning-list-2022-01-17 nmap-scanning-list-2022-01-24 ****** nmap-scanning-list-2021-12-18 nmap-scanning-list-2022-01-13 nmap-scanning-list-2022-01-26 nmap-scanning-list-2021-12-11 nmap-scanning-list-2021-12-20 nmap-scanning-list-2022-01-06 nmap-scanning-list-2022-01-20 nmap-scanning-list-2022-01-22 nmap-scanning-list-2021-12-28 nmap-scanning-list-2021-12-29 nmap-scanning-list-2021-12-27 nmap-scanning-list-2022-01-01 nmap-scanning-list-2022-01-12 nmap-scanning-list-2022-01-16 nmap-scanning-list-2021-10-26 nmap-scanning-list-2021-12-19 nmap-scanning-list-2022-01-23 nmap-scanning-list-2021-12-21 nmap-scanning-list-2021-12-24 nmap-scanning-list-2021-11-26 nmap-scanning-list-2022-01-02 nmap-scanning-list-2022-01-19 nmap-scanning-hosts-2020-09-28 nmap-scanning-list-2021-01-28 nmap-scanning-list-2022-01-14 nmap-scanning-list-2021-12-23 nmap-scanning-list-2022-01-05 nmap-scanning-list-2022-01-18 nmap-scanning-list-2022-01-25 nmap-scanning-list-2021-11-28 nmap-scanning-list-2021-12-31 ****** nmap-scanning-list-2021-10-31 nmap-scanning-list-2021-12-02 nmap-scanning-list-2021-12-25 nmap-scanning-list-2022-01-11 nmap-scanning-list-2022-01-21 ****** nmap-scanning-list-2021-10-29 nmap-scanning-list-2021-12-22 nmap-scanning-list-2021-12-30 nmap-scanning-list-2022-01-03 nmap-scanning-list-2022-01-07
Share on: