Connection to 193.142.125.101

Juanjo · March 2, 2021

Hi,

I will need to know if this connection from my Fingbox (that my firewall is blocking)is part of the normal operation or not? Should I whitelist it?

Best regards,

Juan

-----------------------------------------------------------------------

Timestamp    2021-03-02T10:43:12.084056+0100
Alert    ETPRO TROJAN NanoCore RAT Keepalive 1
Alert sid    2810288
Protocol    TCP
Source IP    192.168.**.55
Destination IP    193.142.125.101
Source port    39314
Destination port    38313

-------------------------------------------------------------------------

Marc · March 3, 2021

Looking up the up address, it seems to be registered in Ireland... Fing is located in Ireland but can’t be sure if this is theirs. @Robin or @Ciaran , could one of you verify this address as legitimate?

General Information

IP Address:

193.142.125.101

Hostname:

193.142.125.101

ISP:

Tata Communications (america)

IP Geolocation Information

Continent:

Europe (EU)

Country:

Ireland (IE)

Robin_Ex_Fing · March 3, 2021

Thanks @Marc
We do have AWS servers in Ireland. I am seeking developers advice for this and I will get back to you @Juanjo once I have an update.

Juanjo · March 3, 2021

Hi,

Thank you for your feedback.

I'll be waiting to get any updates.

Robin_Ex_Fing · March 5, 2021

Hi @Juanjo
I got in touch with developers and the IP address might be used by AWS server in Ireland. You can whitelist the IP. Thanks

Juanjo · March 16, 2021

Thanks!

Connection to 193.142.125.101

Answers

General Information

IP Geolocation Information

Categories