IP Address: 64.137.204.95 - Previously Malicious

This IP address attempted an attack on a machine protected by Guardicore Centra

Threat Information

Role: Attacker
Services Targeted: HTTP
Tags: HTTP, Malicious File, IDS - Potential Corporate Privacy Violation, Inbound HTTP Request

Connect Back Servers

aruba.it

13.93.93.231 52.173.93.211 104.46.40.157 52.176.54.76 13.81.60.184 5.249.154.23 52.176.61.42 137.135.92.186 13.73.166.169 40.68.31.228 52.176.49.221 13.81.11.198

Basic Information

IP Address: 64.137.204.95
Domain: -
ISP: KW Datacenter
Country: Canada

WHOIS

Created Date: -
Updated Date: -
Organization: -

First seen in Guardicore Centra: 2017-01-16
Last seen in Guardicore Centra: 2017-01-23

What is Guardicore Centra
Guardicore Centra is a data center and cloud security solution that protects the organization's core assets, using flexible, quickly deployed and easy to understand micro-segmentation controls. Centra generates in-context security incidents, with details on attacker tools and techniques, that help IR teams prioritize incident investigation and reduce dwell time.

Attack Flow

IDS detected Potential Corporate Privacy Violation : Unsupported/Fake Internet Explorer Version MSIE 5.

IDS - Potential Corporate Privacy Violation

An inbound HTTP request was made to http://52.173.93.211/pma/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/myadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/php/phpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/phpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/php-my-admin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/db/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/phpadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/phpMyAdmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/mysqladmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/_phpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/admin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/cpanelphpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/cpphpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/forum/phpmyadmin/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/mysql/scripts/setup.php

Inbound HTTP Request

An inbound HTTP request was made to http://52.173.93.211/dbadmin/scripts/setup.php

Inbound HTTP Request

/tmp/sess_2848c5f401f7bfb631cbd144c23c33b914c33a11 was identified as malicious by YARA according to rules: Url, Crypto Signatures and Crypto Index

Malicious File
