IP · Medium · Signal 56/100
193.3.53.7
Location
Los Angeles, California
ASN
AS211607
Objects GmbH
First Seen
May 14, 2021
Last Seen
Jun 19, 2026
Found in 28 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
56%
Signal Score
56 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
Country
United States
Region: Los Angeles, California
ASN: AS211607
Organization: Objects GmbH
IP Category
Proxy
Proxy server
Feed Intelligence Summary
28 reports · 56% confidence
28
Source reports
56%
Confidence score
Category tags
Activity Timeline
Jun 19
Threat Activity Heatmap
Peak: 2026-06-19
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Medium Risk
Signal Score: 56
Confidence: 56%
Reports: 28
First seen: May 14, 2021
Last seen: Jun 19, 2026
Geolocation: US
Country: United States
Location: Los Angeles, California
ASN: AS211607
Org: Objects GmbH
Coords: 34.0522, -118.2440
Proxy
VirusTotal: Not checked
WHOIS
- description
- IPv4 hosts detected port scanning Vultr Melbourne (Australia) honeypot
- raw
  - NetRange: 193.0.0.0 - 193.255.255.255
  - CIDR: 193.0.0.0/8
  - NetName: RIPE-CBLK
  - NetHandle: NET-193-0-0-0-1
  - Parent: ()
  - NetType: Allocated to RIPE NCC
  - OriginAS:
  - Organization: RIPE Network Coordination Centre (RIPE)
  - RegDate: 1992-08-12
  - Updated: 2025-02-10
  - Comment: These addresses have been further assigned to users in the RIPE NCC region. Please note that the organization and point of contact details listed below are those of the RIPE NCC not the current address holder. ** You can find user contact information for the current address holder in the RIPE database at http://www.ripe.net/whois.
  - Ref: https://rdap.arin.net/registry/ip/193.0.0.0
  - ResourceLink: https://apps.db.ripe.net/db-web-ui/query
  - ResourceLink: whois.ripe.net
  - OrgName: RIPE Network Coordination Centre
  - OrgId: RIPE
  - Address: P.O. Box 10096
  - City: Amsterdam
  - StateProv:
  - PostalCode: 1001EB
  - Country: NL
  - RegDate:
  - Updated: 2013-07-29
  - Ref: https://rdap.arin.net/registry/entity/RIPE
  - ReferralServer: whois.ripe.net
  - ResourceLink: https://apps.db.ripe.net/db-web-ui/query
  - OrgTechHandle: RNO29-ARIN
  - OrgTechName: RIPE NCC Operations
  - OrgTechPhone: +31 20 535 4444
  - OrgTechEmail: [email protected]
  - OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
  - OrgAbuseHandle: ABUSE3850-ARIN
  - OrgAbuseName: Abuse Contact
  - OrgAbusePhone: +31205354444
  - OrgAbuseEmail: [email protected]
  - OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
- references
- http://cinsscore.com/list/ci-badguys.txt, https://list.rtbh.com.tr/output.txt
IOC Journey
Medium · First detected 5 years ago · Last seen 4 days ago
Appeared in 28 threat reports