103.224.212.5 Threat Intelligence and Host Information
General
This page contains threat intelligence information for the IPv4 address 103.224.212.5 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources or through observation of activity on honeynets. The host score is calculated through a series of statistically weighted values and machine learning, which takes into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour such as with Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.
Potentially Malicious Host 🟡 40/100
Host and Network Information
Tags: all scoreblue, domain, expiration, filehashmd5, filehashsha1, filehashsha256, hostname, iocs, ipv4, next, no expiration, pcap, pdf report, scan endpoints, url http, url https
- Country: Australia
- Network:
- Noticed: 5 times
- Protocols Attacked: SSH
- Passive DNS Results:
Whois Information
- inetnum: 103.224.212.0 - 103.224.213.255
- netname: TRELLIAN-AU
- descr: Trellian Pty. Limited
- descr: 8 East Concourse, Beaumaris Victoria 3193
- country: AU
- org: ORG-TPL33-AP
- admin-c: TPLA7-AP
- tech-c: TPLA7-AP
- abuse-c: AT1100-AP
- status: ASSIGNED PORTABLE
- mnt-by: APNIC-HM
- mnt-routes: MAINT-TRELLIAN-AU
- mnt-irt: IRT-TRELLIAN-AU
- last-modified: 2020-11-25T06:34:10Z
- irt: IRT-TRELLIAN-AU
- address: 8 East Concourse, Beaumaris Victoria 3193
- e-mail: abuse@trellian.com
- abuse-mailbox: abuse@trellian.com
- admin-c: TPLA7-AP
- tech-c: TPLA7-AP
- mnt-by: MAINT-TRELLIAN-AU
- last-modified: 2025-03-05T00:06:08Z
- organisation: ORG-TPL33-AP
- org-name: Trellian Pty. Limited
- org-type: LIR
- country: AU
- address: 8 East Concourse
- phone: +61395897946
- fax-no: +61395897951
- e-mail: abuse@trellian.com
- mnt-ref: APNIC-HM
- mnt-by: APNIC-HM
- last-modified: 2023-09-05T02:16:19Z
- role: ABUSE TRELLIANAU
- country: ZZ
- address: 8 East Concourse, Beaumaris Victoria 3193
- phone: +000000000
- e-mail: abuse@trellian.com
- admin-c: TPLA7-AP
- tech-c: TPLA7-AP
- nic-hdl: AT1100-AP
- abuse-mailbox: abuse@trellian.com
- mnt-by: APNIC-ABUSE
- last-modified: 2025-03-05T00:06:30Z
- role: Trellian Pty Ltd administrator
- address: 8 East Concourse, Beaumaris Victoria 3193
- country: AU
- phone: +61395897946
- fax-no: +61395897946
- e-mail: abuse@trellian.com
- admin-c: TPLA7-AP
- tech-c: TPLA7-AP
- nic-hdl: TPLA7-AP
- mnt-by: MAINT-TRELLIAN-AU
- last-modified: 2014-01-24T01:34:44Z