Last active
June 7, 2023 15:16
-
-
Save kimber99/aeceac58812753dd933bbb6bfe994c81 to your computer and use it in GitHub Desktop.
MoveIT 138.197.152.201 IP Similarity Cluster
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ip | score | features | actor | classification | first_seen | last_seen | asn | city | country | country_code | organization | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 102.88.34.8 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-01-24 | 2023-05-22 | AS29465 | Enugu | Nigeria | NG | MTN NIGERIA Communication limited | |
| 125.165.38.231 | 1.00 | os|ports|web_paths | unknown | unknown | 2020-08-29 | 2023-01-18 | AS7713 | Medan | Indonesia | ID | PT Telekomunikasi Indonesia | |
| 134.209.222.44 | 1.00 | os|ports|web_paths | unknown | malicious | 2019-03-21 | 2023-03-01 | AS14061 | North Bergen | United States | US | DigitalOcean, LLC | |
| 152.67.250.201 | 1.00 | os|ports|web_paths | unknown | malicious | 2021-07-25 | 2023-01-26 | AS31898 | San Jose | United States | US | Oracle Corporation | |
| 160.177.176.73 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-02-04 | 2023-02-04 | AS36903 | Casablanca | Morocco | MA | Office National des Postes et Telecommunications ONPT (Maroc Telecom) / IAM | |
| 164.160.95.4 | 1.00 | os|ports|web_paths | unknown | malicious | 2021-04-06 | 2023-05-22 | AS328038 | Johannesburg | South Africa | ZA | Hitec Sure cc | |
| 194.62.29.20 | 1.00 | os|ports|web_paths | unknown | malicious | 2021-01-14 | 2023-01-17 | AS30823 | Frankfurt am Main | Germany | DE | combahton GmbH | |
| 195.3.220.121 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-02-09 | 2023-02-09 | AS201814 | Mokotów | Poland | PL | MEVSPACE sp. z o.o. | |
| 197.253.240.14 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-02-26 | 2023-02-26 | AS36925 | Souq Larb’a al Gharb | Morocco | MA | MEDITELECOM | |
| 20.228.208.179 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-04-11 | 2023-05-05 | AS8075 | Washington | United States | US | Microsoft Corporation | |
| 20.242.200.192 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-03-18 | 2023-03-28 | AS8075 | Washington | United States | US | Microsoft Corporation | |
| 37.120.246.149 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-01-21 | 2023-01-26 | AS9009 | Bucharest | Romania | RO | M247 Europe SRL | |
| 39.34.138.180 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-02-15 | 2023-02-15 | AS132165 | Bahawalpur | Pakistan | PK | Connect Communications | |
| 41.215.172.129 | 1.00 | os|ports|web_paths | unknown | malicious | 2021-09-19 | 2023-03-21 | AS37030 | Kumasi | Ghana | GH | Airtel Ghana Limited | |
| 41.92.15.116 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-01-06 | 2023-01-06 | AS36925 | Casablanca | Morocco | MA | MEDITELECOM | |
| 45.126.124.145 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-02-19 | 2023-02-20 | AS64022 | Hong Kong | Hong Kong | HK | Kamatera, Inc. | |
| 52.146.10.41 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-04-03 | 2023-04-03 | AS8075 | Washington | United States | US | Microsoft Corporation | |
| 67.205.170.152 | 1.00 | os|ports|web_paths | unknown | malicious | 2020-06-05 | 2023-03-08 | AS14061 | North Bergen | United States | US | DigitalOcean, LLC | |
| 91.209.70.144 | 1.00 | os|ports|web_paths | unknown | malicious | 2023-06-04 | 2023-06-04 | AS43317 | Saint Petersburg | Russia | RU | SIA VEESP |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ip | classification | first_seen | last_seen | actor | spoofable | asn | category | country | country_code | source_country | source_country_code | destination_countries | destination_country_codes | city | organization | rdns | tor | os | tags | ja3 | scans | paths | useragents | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 170.64.134.89 | malicious | 2023-02-07 | 2023-06-07 | unknown | false | AS14061 | hosting | Australia | AU | Sydney | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /human2.aspx|/human.aspx|/test_srv|/aaa9|/aab8|/|/Eetie0ph.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 170.64.134.120 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | Australia | AU | Sydney | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /|/aab8|/human2.aspx|/Eetie0ph.aspx|/aaa9|/human.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 146.190.166.168 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | United States | US | Santa Clara | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /human2.aspx|/aab8|/human.aspx|/|/aaa9|/test_srv|/Eetie0ph.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 138.68.143.68 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | United Kingdom | GB | London | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /aab8|/human.aspx|/aaa9|/human2.aspx|/Eetie0ph.aspx|/ | Mozilla/5.0 zgrab/0.x | ||||||
| 104.248.229.49 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | United States | US | North Bergen | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /Eetie0ph.aspx|/aaa9|/human.aspx|/aab8|/|/human2.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 167.172.89.248 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | Singapore | SG | Singapore | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:8081|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /|/human.aspx|/human2.aspx|/aaa9|/Eetie0ph.aspx|/aab8 | Mozilla/5.0 zgrab/0.x | ||||||
| 146.190.57.24 | malicious | 2023-02-08 | 2023-04-25 | unknown | false | AS14061 | hosting | United States | US | Santa Clara | DigitalOcean, LLC | false | Linux 2.2-3.x | SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8000|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:8081|cba7f34191ef2379c1325641f6c6c4f4:8443|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1080/TCP|1234/TCP|2222/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9050/TCP|9999/TCP | /|/aab8|/aaa9 | Mozilla/5.0 zgrab/0.x | ||||||
| 64.227.146.243 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | India | IN | Doddaballapura | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /aaa9|/|/test_srv|/Eetie0ph.aspx|/human.aspx|/human2.aspx|/aab8 | Mozilla/5.0 zgrab/0.x | ||||||
| 170.64.166.144 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | Australia | AU | Sydney | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /aaa9|/aab8|/|/human2.aspx|/human.aspx|/Eetie0ph.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 64.227.41.39 | malicious | 2022-05-12 | 2023-06-07 | unknown | false | AS14061 | hosting | United Kingdom | GB | London | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /Eetie0ph.aspx|/aab8|/aaa9|/human2.aspx|/human.aspx|/ | Mozilla/5.0 zgrab/0.x | ||||||
| 178.62.216.118 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | Netherlands | NL | Amsterdam | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8000|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /human.aspx|/aab8|/|/human2.aspx|/aaa9|/Eetie0ph.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 159.203.44.105 | malicious | 2023-01-09 | 2023-06-07 | unknown | false | AS14061 | hosting | Canada | CA | Toronto | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8080|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /aab8|/aaa9|/test_srv|/|/human.aspx|/Eetie0ph.aspx|/human2.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 138.197.24.249 | malicious | 2023-02-08 | 2023-06-07 | unknown | false | AS14061 | hosting | United States | US | Clifton | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:8443|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /Eetie0ph.aspx|/aaa9|/|/human.aspx|/aab8|/human2.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 138.68.153.47 | malicious | 2023-02-05 | 2023-06-07 | unknown | false | AS14061 | hosting | United Kingdom | GB | London | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /human.aspx|/Eetie0ph.aspx|/|/aab8|/aaa9|/human2.aspx | Mozilla/5.0 zgrab/0.x | ||||||
| 206.189.57.162 | malicious | 2021-09-13 | 2023-06-07 | unknown | false | AS14061 | hosting | Germany | DE | Frankfurt am Main | DigitalOcean, LLC | false | Linux 2.2.x-3.x (Embedded) | MOVEit Transfer Scanner|Sharepoint Scanner|SSH Bruteforcer|SSH Worm|TLS/SSL Crawler|Web Crawler|ZMap Client | cba7f34191ef2379c1325641f6c6c4f4:80|cba7f34191ef2379c1325641f6c6c4f4:443|cba7f34191ef2379c1325641f6c6c4f4:1234|cba7f34191ef2379c1325641f6c6c4f4:3333|cba7f34191ef2379c1325641f6c6c4f4:4433|cba7f34191ef2379c1325641f6c6c4f4:4444|cba7f34191ef2379c1325641f6c6c4f4:5555|cba7f34191ef2379c1325641f6c6c4f4:6666|cba7f34191ef2379c1325641f6c6c4f4:7777|cba7f34191ef2379c1325641f6c6c4f4:9999 | 22/TCP|80/TCP|81/TCP|443/TCP|1234/TCP|3333/TCP|4433/TCP|4444/TCP|5555/TCP|6666/TCP|7777/TCP|8000/TCP|8080/TCP|8081/TCP|8443/TCP|8888/TCP|9999/TCP | /human2.aspx|/|/test_srv|/aaa9|/aab8|/Eetie0ph.aspx|/human.aspx | Mozilla/5.0 zgrab/0.x |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment