112.220.250.18 Threat Intelligence and Host Information

Nov 14, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 112.220.250.18 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 36/100

Host and Network Information

  • Mitre ATT&CK IDs: T1110 - Brute Force

  • Tags: brute force, bruteforce, Bruteforce, Brute-Force, ssh, SSH

  • View other sources: Spamhaus VirusTotal

  • Country: South Korea
  • Network: AS3786 lg dacom corporation
  • Noticed: 3 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia

Malware Detected on Host

Count: 37 f7e040291cc6c568fa38221e777d9af4154fd6ccb11a8e55bf2b28be92a0089f 830124e7bb547c729902682232f88362197eccc196efc3623036801f0b4a5b49 97874e1f20fa4910e3e2be74b0fd6358e9384fc2e084c5012f3f9ebd763efe10 7341f5afd15a5d221197effd54712a6e339fec5583da5f41212b2e0ffa0349a4 f7e66887a5d01dbda69f59c975cefba7f71e2d906929e640cac63f643f95904a aab6c7dedbc162786dedb77a66429c52c75552e0a5492eaae8c37652e486f868 5589f01db5acb8f92cfc6954cd8b92dc77c0aa737e9bdff6cd76b514dd42b73e bfeb16b72949789f0c0e71edd943f1e4b6e4e076225e603ded5788217b6f086e 33287eb6eef85acb0df9337d292f8cd31fb1a15fa687f9d0e2e7bbf1008b1acb 125a883e41c2254b90c74008763281dcff5ad3a770433b14ad9c81c51bea04b2

Whois Information

  • inetnum: 112.216.0.0 - 112.223.255.255
  • netname: BORANET
  • descr: LG DACOM Corporation
  • admin-c: IM646-AP
  • tech-c: IM646-AP
  • country: KR
  • status: ALLOCATED PORTABLE
  • mnt-by: MNT-KRNIC-AP
  • mnt-irt: IRT-KRNIC-KR
  • last-modified: 2017-02-03T00:55:03Z
  • irt: IRT-KRNIC-KR
  • address: Jeollanam-do Naju-si Jinheung-gil
  • e-mail: irt@nic.or.kr
  • abuse-mailbox: irt@nic.or.kr
  • admin-c: IM574-AP
  • tech-c: IM574-AP
  • mnt-by: MNT-KRNIC-AP
  • last-modified: 2021-06-15T06:21:49Z
  • person: IP Manager
  • address: Seoul Yongsan-gu Hangang-daero 32
  • country: KR
  • phone: +82-2-1-01
  • e-mail: ipadm@lguplus.co.kr
  • nic-hdl: IM646-AP
  • mnt-by: MNT-KRNIC-AP
  • last-modified: 2021-10-05T05:20:03Z
  • inetnum: 112.216.0.0 - 112.223.255.255
  • netname: BORANET-KR
  • descr: LG DACOM Corporation
  • country: KR
  • admin-c: IA5-KR
  • tech-c: IA5-KR
  • status: ALLOCATED PORTABLE
  • mnt-by: MNT-KRNIC-AP
  • mnt-irt: IRT-KRNIC-KR
  • changed: hostmaster@nic.or.kr
  • person: IP Manager
  • address: Seoul Yongsan-gu Hangang-daero 32
  • address: LG UPLUS
  • country: KR
  • phone: +82-2-1-01
  • e-mail: ipadm@lguplus.co.kr
  • nic-hdl: IA5-KR
  • mnt-by: MNT-KRNIC-AP
  • changed: hostmaster@nic.or.kr

Links to attack logs

digitaloceanlondon-ssh-bruteforce-ip-list-2024-11-14 digitaloceantoronto-ssh-bruteforce-ip-list-2024-11-13

Share on: