1.0.0.12 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 1.0.0.12. It was generated either as a result of observed malicious activity or as an information-gathering exercise to assist with enrichment of security events and context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets.

The host score is calculated through a series of statistically weighted values and machine learning. It takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 30/100

Host and Network Information

  • View other sources: Spamhaus, VirusTotal
  • Contained within other IP sets: blocklist_de, blocklist_de_ssh, blocklist_net_ua, botscout_30d, ciarmy, esentire_crazyerror_su, esentire_emptyarray_ru, esentire_inleet_ru, hphosts_ats, hphosts_emd, hphosts_fsa, hphosts_psh, nixspam, proxylists_1d, proxylists_30d, proxylists_7d, proxyspy_30d, proxyspy_7d, stopforumspam, stopforumspam_180d, stopforumspam_365d, stopforumspam_90d

Malware Detected on Host

Count: 8

Open Ports Detected

2082 2083 2086 2087 2096 443 80 8080 8443 8880

Whois Information

  • inetnum: 1.0.0.0 - 1.0.0.255
  • netname: APNIC-LABS
  • descr: APNIC and Cloudflare DNS Resolver project
  • descr: Routed globally by AS13335/Cloudflare
  • descr: Research prefix for APNIC Labs
  • country: AU
  • org: ORG-ARAD1-AP
  • admin-c: AIC3-AP
  • tech-c: AIC3-AP
  • abuse-c: AA1412-AP
  • status: ASSIGNED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-routes: MAINT-APNICRANDNET
  • mnt-irt: IRT-APNICRANDNET-AU
  • last-modified: 2023-04-26T22:57:30Z
  • mnt-lower: MAINT-APNICRANDNET
  • irt: IRT-APNICRANDNET-AU
  • address: PO Box 3646
  • address: South Brisbane, QLD 4101
  • address: Australia
  • e-mail: helpdesk@apnic.net
  • abuse-mailbox: helpdesk@apnic.net
  • admin-c: AR302-AP
  • tech-c: AR302-AP
  • mnt-by: MAINT-AU-APNIC-GM85-AP
  • last-modified: 2021-03-09T01:10:21Z
  • organisation: ORG-ARAD1-AP
  • org-name: APNIC Research and Development
  • org-type: LIR
  • country: AU
  • address: 6 Cordelia St
  • phone: +61-7-38583100
  • fax-no: +61-7-38583199
  • e-mail: helpdesk@apnic.net
  • mnt-ref: APNIC-HM
  • mnt-by: APNIC-HM
  • last-modified: 2023-09-05T02:15:19Z
  • role: ABUSE APNICRANDNETAU
  • address: PO Box 3646
  • address: South Brisbane, QLD 4101
  • address: Australia
  • country: ZZ
  • phone: +000000000
  • e-mail: helpdesk@apnic.net
  • admin-c: AR302-AP
  • tech-c: AR302-AP
  • nic-hdl: AA1412-AP
  • abuse-mailbox: helpdesk@apnic.net
  • mnt-by: APNIC-ABUSE
  • last-modified: 2021-03-09T01:10:22Z
  • role: APNICRANDNET Infrastructure Contact
  • address: 6 Cordelia St
  • country: AU
  • phone: +61 7 3858 3100
  • e-mail: research@apnic.net
  • admin-c: GM85-AP
  • admin-c: GH173-AP
  • admin-c: JD1186-AP
  • tech-c: GM85-AP
  • tech-c: GH173-AP
  • tech-c: JD1186-AP
  • nic-hdl: AIC3-AP
  • mnt-by: MAINT-APNICRANDNET
  • last-modified: 2023-04-26T22:50:54Z
  • route: 1.0.0.0/24
  • origin: AS13335
  • descr: APNIC Research and Development
  • mnt-by: MAINT-APNICRANDNET
  • last-modified: 2023-04-26T02:42:44Z

Links to attack logs

  • vultrmadrid-ssh-bruteforce-ip-list-2022-10-07
  • vultrmadrid-ssh-bruteforce-ip-list-2023-02-27
  • bruteforce-ip-list-2020-03-01
  • vultrparis-ssh-bruteforce-ip-list-2023-05-21
  • telnet-bruteforce-ip-list-2020-12-18
  • bruteforce-files-list-2021-04-13
  • dolondon-telnet-bruteforce-ip-list-2021-10-27
  • vultrwarsaw-ssh-bruteforce-ip-list-2023-02-15
  • anonymous-proxy-ip-list-2023-07-03
  • dofrank-ssh-bruteforce-ip-list-2023-04-26
  • bruteforce-ip-list-2020-02-29
  • bruteforce-ip-list-2020-02-01
