IP Address: Malicious

Weekly Summary

Browse or download a weekly review of our cyber threat intelligence data and gain more insight to help protect your network

Top Threats

Cyber Threat Intelligence

Discover Malicious IPs and Domains with Guardicore Cyber Threat Feed

IP Address:​
Previously Malicious

This IP address attempted an attack on a machine protected by Guardicore Centra

Threat Information


Attacker, Connect-Back

Services Targeted



SMB Cookie Hijacking HTTP SMB Null Session Login NetBIOS IDS - Attempted Administrator Privilege Gain DNS Query Turn Off DEP IDS - A Network Trojan was detected MS08-067 Outgoing Connection Download File

Associated Attack Servers


Basic Information

IP Address




Verizon Fios Business


United States


Created Date


Updated Date



Verizon Trademark Services LLC

First seen in Guardicore Centra


Last seen in Guardicore Centra


What is Guardicore Centra
Guardicore Centra is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Centra generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time. Learn More

Attack Flow

IDS detected A Network Trojan was detected : Conficker.b Shellcode

IDS - A Network Trojan was detected

IDS detected Attempted Administrator Privilege Gain : Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (15) and Microsoft Windows NETAPI Stack Overflow Inbound - MS08-067 (25)

IDS - Attempted Administrator Privilege Gain

The machine was exploited using the ms08-067 vulnerability


x. was downloaded

Download File

Process netsvcs Service Group generated outgoing network traffic to: verizon.net:2609

Outgoing Connection

Process netsvcs Service Group attempted to access domains: wpad

DNS Query

Oops! - Do you see your IP here? Contact us at labs@guardicore.com to remove it from the Threat Intelligence data.

IP Address:​Previously Malicious