1.234.83.74 Threat Intelligence and Host Information

Sep 17, 2023 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 1.234.83.74 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

  • Country: South Korea
  • Network:
  • Noticed: 1 times
  • Protcols Attacked: ssh
  • Passive DNS Results: sam-nong.com poomcoop.kr

Malware Detected on Host

Count: 10 b93dc7d679de338cd1b72dab8940da26c4466de32bbfa619cd38ccceffaab900 7254a122bf6e2aab1254c07feea6e3c06d59c0f83e1856bbf8136ec188d94948 94dfb64640664d97dfc662ba73469104a4087b9c09e377ef74f723b5bdde7b99 0c4e76b2d2cf86c46cc952ba338392bbc2ecc95bb6a93b69dedeec5a20085afe 47f36dd2a059c5c30c4725ef9eb56d168f14765bcd5f2f7caed31547db945455 f3f447adf7f157466b45e74e8046eb455ca64d71ae5b745eb3d75e8c5c97917c d67a99cb5aa20c3d747c608f31fbd695ebef2f1e3d344c7a0e5fbfcb809225e9 ddaced718979559a2816f7011bc26a16ebb6caa21619427502c6b0f2a065206c 4c9f81d59449d49291c5be29c25feaee5e0432c7b3c25e120102e52ea8d417f3 005a18974f3a17515c92c496ef761b453d300522a3e967becbbe952f0b1e8df7

Open Ports Detected

135 1801 3389 5985 80

Map

Whois Information

  • inetnum: 1.234.0.0 - 1.255.255.255
  • netname: broadNnet
  • descr: SK Broadband Co Ltd
  • admin-c: IM670-AP
  • tech-c: IM670-AP
  • country: KR
  • status: ALLOCATED PORTABLE
  • mnt-by: MNT-KRNIC-AP
  • mnt-irt: IRT-KRNIC-KR
  • last-modified: 2017-02-03T00:38:09Z
  • irt: IRT-KRNIC-KR
  • address: Jeollanam-do Naju-si Jinheung-gil
  • e-mail: irt@nic.or.kr
  • abuse-mailbox: irt@nic.or.kr
  • admin-c: IM574-AP
  • tech-c: IM574-AP
  • mnt-by: MNT-KRNIC-AP
  • last-modified: 2021-06-15T06:21:49Z
  • person: IP Manager
  • address: Seoul Jung-gu Toegye-ro 24
  • country: KR
  • phone: +82-80-828-2106
  • e-mail: ip-adm@skbroadband.com
  • nic-hdl: IM670-AP
  • mnt-by: MNT-KRNIC-AP
  • last-modified: 2021-10-05T05:20:03Z
  • inetnum: 1.234.0.0 - 1.255.255.255
  • netname: broadNnet-KR
  • descr: SK Broadband Co Ltd
  • country: KR
  • admin-c: IM12-KR
  • tech-c: IM12-KR
  • status: ALLOCATED PORTABLE
  • mnt-by: MNT-KRNIC-AP
  • mnt-irt: IRT-KRNIC-KR
  • changed: hostmaster@nic.or.kr
  • person: IP Manager
  • address: Seoul Jung-gu Toegye-ro 24
  • address: SK Namsan Green Bldg.
  • country: KR
  • phone: +82-80-828-2106
  • e-mail: ip-adm@skbroadband.com
  • nic-hdl: IM12-KR
  • mnt-by: MNT-KRNIC-AP
  • changed: hostmaster@nic.or.kr

Links to attack logs

dofrank-ssh-bruteforce-ip-list-2022-12-09 dolondon-ssh-bruteforce-ip-list-2022-12-06

Share on: