IP Address: 178.128.10.66Previously Malicious
Browse or download a weekly review of our cyber threat intelligence data and gain more insight to help protect your network
IP Address:
178.128.10.66
Previously Malicious
This IP address attempted an attack on a machine protected by Guardicore Centra
Role |
Attacker, Scanner |
Services Targeted |
HTTP |
Tags |
IDS - Web Application Attack Inbound HTTP Request HTTP Download and Execute Download File Download and Allow Execution Outgoing Connection |
Associated Attack Servers |
52.168.135.83 52.232.27.167 40.117.238.114 52.170.211.178 52.168.89.181 52.186.125.0 137.135.80.180 40.68.244.223 191.237.42.69 52.166.57.83 68.183.160.222 40.71.229.210 13.82.50.225 13.92.238.45 13.81.2.109 40.87.71.177 191.237.45.174 |
IP Address |
178.128.10.66 |
|
Domain |
- |
|
ISP |
Digital Ocean |
|
Country |
Netherlands |
|
WHOIS |
Created Date |
- |
Updated Date |
- |
|
Organization |
- |
First seen in Guardicore Centra |
2019-04-07 |
Last seen in Guardicore Centra |
2019-04-12 |
What is Guardicore CentraGuardicore Centra is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Centra generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time. Learn More
Process /usr/bin/wget generated outgoing network traffic to: 68.183.160.222:80 |
Outgoing Connection |
The file /usr/local/apache2/cgi-bin/ws/v1/cluster/hoho.x86 was downloaded and executed |
Download and Execute |
IDS detected Web Application Attack : 401TRG Generic Webshell Request - POST with wget in body |
IDS - Web Application Attack |
Connection was closed due to user inactivity |
|
IP Address: 178.128.10.66Previously Malicious