Threat
64.62.197.197
Substantial evidence indicates that this IP should be regarded as a threat. Advised action: Conduct a thorough investigation of the activities linked to this IP and consider implementing restrictions on its traffic.
First detected
March 9, 2023
Last detected
November 4, 2024
Detected threat types
Type
Malware
The IoC is related to malicious software distribution. It can be a host or a URL serving the malware.
Type
Attack
Malicious activity detected from the host.
References
https://lists.blocklist.de/lists/mail.txt
https://github.com/ShadowWhisperer/IPs/archive/refs/heads/master.zip
https://lists.blocklist.de/lists/apache.txt
https://lists.blocklist.de/lists/ssh.txt
https://api.cybercure.ai/feed/get_ips?type=csv
https://view.sentinel.turris.cz/greylist-data/greylist-latest.csv
https://github.com/stamparm/ipsum/archive/refs/heads/master.zip
https://lists.blocklist.de/lists/bruteforcelogin.txt
https://github.com/CriticalPathSecurity/Zeek-Intelligence-Feeds/archive/refs/heads/master.zip
Malicious activity
Medium
Detected 5 times
Last detected October 30, 2024
Malicious activity
Signature: Brute-force attempt
Target protocol: telnet
Medium
Detected 12 times
Last detected October 26, 2024
Malicious activity
Signature: Malicious traffic
Target protocol: redis
Medium
Detected 8 times
Last detected October 14, 2024
Malicious activity
Signature: Malicious traffic
Target protocol: pptpd
Medium
Detected 1 time
Last detected August 10, 2024
Attempted Information Leak
Signature: public access udp
Medium
Detected 1 time
Last detected August 10, 2024
Attempted Information Leak
Signature: request udp
IP Netblock
Threat score: 4%
Inetnum
64.62.128.0 - 64.62.255.255
Parent
NET-64-0-0-0-0
Source
ARIN
Netname
HURRICANE-4
Organization
ID
HURC
Name
Hurricane Electric LLC
Address
760 Mission Court, Fremont, CA, 94539, United States
Admin Contact
No contact information
First detected
March 9, 2023
Last detected
November 4, 2024
Geolocation
Country
United States of America
City
Pleasanton
Region
California
Proxy detection
Public VPN
Not detected
Tor exit node
No
Reverse DNS (PTR)
Direct resolving
scan-50a.shadowserver.org.
PTR match
Yes