95.104.54.227 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 95.104.54.227. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observed activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 50/100

Host and Network Information

  • Mitre ATT&CK IDs: T1498 - Network Denial of Service
  • Tags: attack ddos, botnet, Cyclops, ddos, Gamardeon, HermeticWiper, IsaacWiper, list ips, PartyTicket, russia, russian, ukraine, WhisperGate

  • View other sources: Spamhaus VirusTotal
  • Contained within other IP sets: blocklist_net_ua, proxylists_1d, proxylists_30d, proxylists_7d, proxz_1d, proxz_30d, proxz_7d, sblam, stopforumspam_365d

  • Country: Georgia
  • Network: AS16010 magticom ltd.
  • Noticed: 1 time
  • Protocols Attacked: Anonymous Proxy
  • Countries Attacked: Russian Federation
  • Passive DNS Results: babfas.kr semowcr715.com thebabfas.kr testipse21.com besoooo13.com testipse18.com testipseler44.com testipse47.com besoooo11.com testipseler9.com testipse15.com besoooo15.com besoooo12.com besoooo3.com testipseler12.com testipseler41.com testipse50.com besoooo14.com testipseler47.com babfus.kr

Malware Detected on Host

Count: 4 83e616dfc0e7c8e39a62926836bfa7a311c3072f476af8fb32fa28f6186bbe9c f4bb07fcc5b61e72c473bd3b095141f5b000987d19131803efb7f04ca3d34e49 c730be62bd46616ee817707b2a8a84642da77b13598ee809bdf096452ed55481 e4721b4f6be4e09599e4326244a640ad0ca57164e85929033e14da1d13d1e26e

Whois Information

  • inetnum: 95.104.32.0 - 95.104.95.255
  • netname: MAGTICOM
  • mnt-domains: MAGTICOM-MNT
  • descr: MAGTCION
  • country: GE
  • admin-c: MAG281-RIPE
  • tech-c: MAG281-RIPE
  • status: ASSIGNED PA
  • mnt-by: MAGTICOM-MNT
  • created: 2009-04-01T12:50:35Z
  • last-modified: 2018-04-10T12:46:38Z
  • role: Magticom NOC
  • address: 7 A.Politkovskaya str.
  • org: ORG-ML2-RIPE
  • nic-hdl: MAG281-RIPE
  • mnt-by: MAGTICOM-MNT
  • created: 2017-06-14T06:09:14Z
  • last-modified: 2017-06-14T06:26:21Z
  • route: 95.104.0.0/18
  • origin: AS16010
  • mnt-by: MAGTICOM-MNT
  • created: 2017-06-13T06:27:49Z
  • last-modified: 2017-06-13T06:27:49Z

Links to attack logs

forum-spam-ip-list-2020-12-08 anonymous-proxy-ip-list-2023-07-16 anonymous-proxy-ip-list-2023-06-22