Active Threat • CRITICAL
185.196.11.126
Country of Origin🇨🇭 CH
First Detection1/20/2026
Last Activity3/10/2026
ISPGlobal-Data System IT Corporation
🎯
131
Total Attacks
🔌
44
Ports
📡
8
Attack Types
🦠
0
Malware
Geolocation
- Country
- 🇨🇭 CH
- City
- Unknown
- ASN
- AS42624
- ISP
- Global-Data System IT Corporation
Attack Types
tcp_trap
ssh_telnet_honeypot
adb_honeypot
malware_capture
web_honeypot
printer_honeypot
ics_scada_honeypot
tcp_trap
Attacked Ports
23804434451025119412411293143314431521152617232484312434784000444448995004+24
Associated Malware
No associated malware
ThreatFox Intelabuse.ch
⚠️KNOWN C2 SERVER
Malware Families
win.remcos
Threat Types
botnet_cc
Confidence: 100%
Shodan InternetDB ExposureShodan
InternetDB data, not real-time
Ports
223000
Hostnames
vps2
CPEs
cpe:/o:debian:debian_linuxcpe:/a:openbsd:openssh:8.4p1cpe:/o:linux:linux_kernel
Risk Assessment
80
/100
LowMediumHighCritical