Threats are hosts that have attempted to exploit, brute force, or execute a denial of service attack. These are often compromised hosts.
Known botnet and C&C servers, these have responded with a valid botnet C2 response.
|Hosted By||Hostwinds LLC.|
|Threat Type||threats botnets|
|Blocked Since||2021-01-05 04:15:20|
|Last Threat||2021-01-19 14:15:19|
|Intel: HTTP Server||Cowboy|
|Intel: Powered By|
|Intel: SSH Server||SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2|
|SENSE list (high risk)||No|
|One day public list||No|
|Seven day public list||Yes|
|2021-01-21 00:06:45||Internal||Threat score opinion changed from 100 to 79.|
|2021-01-18 00:11:01||Internal||Threat score opinion changed from 45 to 66.|
|2021-01-17 00:09:58||Internal||Threat score opinion changed from 66 to 45.|
|2021-01-16 00:10:46||Internal||Threat score opinion changed from 45 to 66.|
|2021-01-15 00:09:50||Internal||Threat score opinion changed from 66 to 45.|
|2021-01-14 00:09:02||Internal||Threat score opinion changed from 62 to 66.|
|2021-01-12 00:08:48||Internal||Threat score opinion changed from 96 to 100.|
|2021-01-09 00:10:40||Internal||Threat score opinion changed from 45 to 62.|
|2021-01-09 00:00:32||Internal||Threat score opinion changed from 92 to 96.|
|2021-01-08 00:09:18||Internal||Threat score opinion changed from 53 to 45.|
|2021-01-07 00:09:39||Internal||Threat score opinion changed from 49 to 53.|
|2021-01-07 00:01:32||Internal||Threat score opinion changed from 83 to 92.|
|2021-01-06 00:11:26||Internal||Threat score opinion changed from 0 to 49.|
|2021-01-06 00:00:45||Internal||Threat score opinion changed from 70 to 83.|
|2021-01-05 23:25:25||Threats||Threat confirmation received.|
|2021-01-05 04:15:23||Probe||Discovered listed HTTP server: Cowboy|
|2021-01-05 04:15:23||Internal||Threat score opinion changed from 0 to 70.|
|2021-01-05 04:15:23||Probe||Discovered listed SSH daemon: SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2|
|2021-01-05 04:15:20||Botnets||Botnet confirmation received.|
You may enter an IP address to check if it is blocked on NovaSense. If you have an IP address which is incorrectly blocked you may then request an exception.
Snapt users: you may whitelist IP addresses on your ADC to immediately ignore matches in NovaSense.